last executing test programs:

1m17.927419235s ago: executing program 4 (id=2869):
socket$inet6(0xa, 0x3, 0x20)
socket(0x10, 0x3, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/26, 0x11}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/47, 0x4100}, {&(0x7f0000000100)=""/224}, {&(0x7f0000000200)=""/4096}, {&(0x7f0000001200)=""/124}, {&(0x7f0000001280)=""/60}]}}, {{&(0x7f0000001380)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x0, &(0x7f0000001840)=[{&(0x7f0000001400)=""/149}, {&(0x7f0000001b00)=""/118}, {&(0x7f0000001540)=""/188}, {&(0x7f0000001600)=""/57}, {&(0x7f0000001640)=""/135}, {&(0x7f00000014c0)=""/101}, {&(0x7f0000001780)=""/171}], 0x0, &(0x7f00000018c0)=""/176}}], 0x15cbc1ab4c0933f, 0x0, 0x0)

1m17.581610471s ago: executing program 4 (id=2873):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r3 = socket$inet6(0xa, 0x80002, 0x6)
writev(r1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="600000000308010200000000000000000700000006000240000000003c00048008000240000000070800024000000006080001400000c8290800014000000006080002400000000392ff02400000000908000140000000090500030084000000eac98659b0093bfd737566a85afb43f1e27e9c3b885df15bf80788a084ff9c27c0fa027ff606b4cc87992bee232928604f08cc0b000070cd22a0311d2829962ac2c064845bc3285343d7776f04a1769133d3686adbbb051b07b113dfb755be15d07f39e52ea17044b82645d041be21b50c2d59d8fca02dba2628025ae5b386b2b92a479e262c7965b933f6dac052cd15d7a273499ef209867b1f6b29162bfb8d746d2675cbe28cf25c211efb0a4a8a56fb7004e431e70793e57991aa076a70e88d41d57f2564a64361c756fb74bb0f492630b6709446ab3f2fa777257767d411afea470c992fa00747c6eda7aaa1af8fd8560c1d59c2f4d2c10bc26e63c503fff3b19fee41ec1abe4223af172663c39cdc0806bec66ff9aae32897b15ba886f6a30714bb1d205d46ea07f18443c888788dc9fcf723394d1ec7096e812016e1c951e75bddbcde03b736c928cf1545d8a5fcfc2f28cb0055dfc4b0c780bbaf143dda1632c0ed6d1d16d3a85d326af396f612603c90a2a7f1a0993f4d108e8734cbd330a07d1213532bd3073bc1d58850e3647df8b427075c189865e36d5fd3a8daa63972b80649e4b9427e9804cb6a6c95b5807bf9bae44d07b6524485b7c45f7324a973f01f4592add770c77d132892032b"], 0x60}}, 0xd4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000001740)={@remote, 0x1, 0x2, 0x1, 0x2, 0x418, 0xf5a2}, 0x20)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000010000000000008000400", @ANYRES32=r10, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64], 0x38}}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private1, 0x201d, r6})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)
mmap$xdp(&(0x7f00007d5000/0x1000)=nil, 0x1000, 0x700000d, 0x811, r0, 0x100000000)
socket$nl_xfrm(0x10, 0x3, 0x6)

1m6.545093168s ago: executing program 4 (id=2873):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r3 = socket$inet6(0xa, 0x80002, 0x6)
writev(r1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="600000000308010200000000000000000700000006000240000000003c00048008000240000000070800024000000006080001400000c8290800014000000006080002400000000392ff02400000000908000140000000090500030084000000eac98659b0093bfd737566a85afb43f1e27e9c3b885df15bf80788a084ff9c27c0fa027ff606b4cc87992bee232928604f08cc0b000070cd22a0311d2829962ac2c064845bc3285343d7776f04a1769133d3686adbbb051b07b113dfb755be15d07f39e52ea17044b82645d041be21b50c2d59d8fca02dba2628025ae5b386b2b92a479e262c7965b933f6dac052cd15d7a273499ef209867b1f6b29162bfb8d746d2675cbe28cf25c211efb0a4a8a56fb7004e431e70793e57991aa076a70e88d41d57f2564a64361c756fb74bb0f492630b6709446ab3f2fa777257767d411afea470c992fa00747c6eda7aaa1af8fd8560c1d59c2f4d2c10bc26e63c503fff3b19fee41ec1abe4223af172663c39cdc0806bec66ff9aae32897b15ba886f6a30714bb1d205d46ea07f18443c888788dc9fcf723394d1ec7096e812016e1c951e75bddbcde03b736c928cf1545d8a5fcfc2f28cb0055dfc4b0c780bbaf143dda1632c0ed6d1d16d3a85d326af396f612603c90a2a7f1a0993f4d108e8734cbd330a07d1213532bd3073bc1d58850e3647df8b427075c189865e36d5fd3a8daa63972b80649e4b9427e9804cb6a6c95b5807bf9bae44d07b6524485b7c45f7324a973f01f4592add770c77d132892032b"], 0x60}}, 0xd4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000001740)={@remote, 0x1, 0x2, 0x1, 0x2, 0x418, 0xf5a2}, 0x20)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000010000000000008000400", @ANYRES32=r10, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64], 0x38}}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private1, 0x201d, r6})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)
mmap$xdp(&(0x7f00007d5000/0x1000)=nil, 0x1000, 0x700000d, 0x811, r0, 0x100000000)
socket$nl_xfrm(0x10, 0x3, 0x6)

47.003658096s ago: executing program 4 (id=2873):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r3 = socket$inet6(0xa, 0x80002, 0x6)
writev(r1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="600000000308010200000000000000000700000006000240000000003c00048008000240000000070800024000000006080001400000c8290800014000000006080002400000000392ff02400000000908000140000000090500030084000000eac98659b0093bfd737566a85afb43f1e27e9c3b885df15bf80788a084ff9c27c0fa027ff606b4cc87992bee232928604f08cc0b000070cd22a0311d2829962ac2c064845bc3285343d7776f04a1769133d3686adbbb051b07b113dfb755be15d07f39e52ea17044b82645d041be21b50c2d59d8fca02dba2628025ae5b386b2b92a479e262c7965b933f6dac052cd15d7a273499ef209867b1f6b29162bfb8d746d2675cbe28cf25c211efb0a4a8a56fb7004e431e70793e57991aa076a70e88d41d57f2564a64361c756fb74bb0f492630b6709446ab3f2fa777257767d411afea470c992fa00747c6eda7aaa1af8fd8560c1d59c2f4d2c10bc26e63c503fff3b19fee41ec1abe4223af172663c39cdc0806bec66ff9aae32897b15ba886f6a30714bb1d205d46ea07f18443c888788dc9fcf723394d1ec7096e812016e1c951e75bddbcde03b736c928cf1545d8a5fcfc2f28cb0055dfc4b0c780bbaf143dda1632c0ed6d1d16d3a85d326af396f612603c90a2a7f1a0993f4d108e8734cbd330a07d1213532bd3073bc1d58850e3647df8b427075c189865e36d5fd3a8daa63972b80649e4b9427e9804cb6a6c95b5807bf9bae44d07b6524485b7c45f7324a973f01f4592add770c77d132892032b"], 0x60}}, 0xd4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000001740)={@remote, 0x1, 0x2, 0x1, 0x2, 0x418, 0xf5a2}, 0x20)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000010000000000008000400", @ANYRES32=r10, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64], 0x38}}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private1, 0x201d, r6})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)
mmap$xdp(&(0x7f00007d5000/0x1000)=nil, 0x1000, 0x700000d, 0x811, r0, 0x100000000)
socket$nl_xfrm(0x10, 0x3, 0x6)

30.16504747s ago: executing program 4 (id=2873):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r3 = socket$inet6(0xa, 0x80002, 0x6)
writev(r1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="600000000308010200000000000000000700000006000240000000003c00048008000240000000070800024000000006080001400000c8290800014000000006080002400000000392ff02400000000908000140000000090500030084000000eac98659b0093bfd737566a85afb43f1e27e9c3b885df15bf80788a084ff9c27c0fa027ff606b4cc87992bee232928604f08cc0b000070cd22a0311d2829962ac2c064845bc3285343d7776f04a1769133d3686adbbb051b07b113dfb755be15d07f39e52ea17044b82645d041be21b50c2d59d8fca02dba2628025ae5b386b2b92a479e262c7965b933f6dac052cd15d7a273499ef209867b1f6b29162bfb8d746d2675cbe28cf25c211efb0a4a8a56fb7004e431e70793e57991aa076a70e88d41d57f2564a64361c756fb74bb0f492630b6709446ab3f2fa777257767d411afea470c992fa00747c6eda7aaa1af8fd8560c1d59c2f4d2c10bc26e63c503fff3b19fee41ec1abe4223af172663c39cdc0806bec66ff9aae32897b15ba886f6a30714bb1d205d46ea07f18443c888788dc9fcf723394d1ec7096e812016e1c951e75bddbcde03b736c928cf1545d8a5fcfc2f28cb0055dfc4b0c780bbaf143dda1632c0ed6d1d16d3a85d326af396f612603c90a2a7f1a0993f4d108e8734cbd330a07d1213532bd3073bc1d58850e3647df8b427075c189865e36d5fd3a8daa63972b80649e4b9427e9804cb6a6c95b5807bf9bae44d07b6524485b7c45f7324a973f01f4592add770c77d132892032b"], 0x60}}, 0xd4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000001740)={@remote, 0x1, 0x2, 0x1, 0x2, 0x418, 0xf5a2}, 0x20)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000010000000000008000400", @ANYRES32=r10, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64], 0x38}}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private1, 0x201d, r6})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)
mmap$xdp(&(0x7f00007d5000/0x1000)=nil, 0x1000, 0x700000d, 0x811, r0, 0x100000000)
socket$nl_xfrm(0x10, 0x3, 0x6)

18.096116792s ago: executing program 1 (id=3320):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x8, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r3, &(0x7f0000000240)="94", 0x1)
vmsplice(r4, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
unshare(0x20000400)
tee(r2, r4, 0x2, 0x100000000000003)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x24, r5, 0x201, 0x70bd28, 0x25dfdbfb, {}, [@FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000050}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='wbt_timer\x00', r7, 0x0, 0x100000003}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

17.957394401s ago: executing program 1 (id=3321):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000005000000000000000200000d000000000300000002000000020000000200000000000000000000050000000000006161007a039b38632a136289ad534caf3647c531521ee1ef6097247a85476401032d87084d5b2410880e2ffb00821b4ff5ca1bcac015a93b2351a0602b2b64835e6ae3fbff1d23e941b04db7a738654d1d337b732cd4752c480988625e11fde55bf0f3f2aa26a45c0ef3103ca05df78b9d59422cc93e45e7e45a6555"], &(0x7f0000001640)=""/182, 0x45, 0xb6, 0x1, 0x0, 0x0, @void, @value}, 0x1f)
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket(0x2, 0x2, 0x0)
getsockopt$nfc_llcp(r1, 0x88, 0x68, 0x0, 0xfffffffffffffc9a)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000300210d0000aaa8fa017242ba9380d440fe0000000000000100000002000000", 0xfe60)
r4 = socket$inet6(0xa, 0x80000, 0xff)
getsockopt$inet6_tcp_buf(r3, 0x6, 0x1c, &(0x7f00000014c0)=""/4096, &(0x7f0000000040)=0x1000)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000cc0)=@newtfilter={0x74, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r6, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x44, 0x2, [@TCA_BASIC_POLICE={0x40, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x20000000, 0x1, 0x2, 0xfff, {0x5, 0x0, 0x9c, 0xf9e, 0x4, 0x7}, {0xf8, 0x2, 0x0, 0x4, 0x6fb, 0x4}, 0x6, 0x3}}]}]}}]}, 0x74}}, 0x4000)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r4, 0x29, 0x41, &(0x7f0000000100)={'security\x00', 0xef, "eb4ef2562ae0a4b74d2cc07440b38c0416ae1e04ed609d23746594e8c0e674cad2b55281bf7ed161db1955e58f42d175ed4636f8607073cedf0d0ed176865291b58b6bfaa38274322f1c03b8ca523d45ef5b14be0d06e9363277f22d47aa427175e9e2cd127fd2832d96cebf5fcaeb2601ded1e87c70d759e3d17e5def1b011a45e45642587ebec5e4df691b435027dd7ea60b86ae35bbccf9019c6b2e640d315fa9b7672123530afbbc0727d4dfbd098bb1dcd48e609ed18a8fa914e2387ec02b00add7393360b5779dafa094848dd3831e20c0b830f6bd470c561d30acadb33def6634e04dc022d4ab901697ab6d"}, &(0x7f0000000080)=0x113)
sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="e000000010000905000000000000001f6f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123d6da2f1acfac0ee2fd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce2871da5f2829"], 0xe0}], 0x1}, 0x0)
unshare(0x20000400)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r8, &(0x7f0000001580)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0)
connect$inet(r8, &(0x7f0000000240)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)

16.932087981s ago: executing program 1 (id=3334):
gettid()
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$inet(0x2, 0x3, 0x2)
socket$kcm(0x2d, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000005300)=[{0x28, 0x0, 0xfb, 0xfffff034}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x18000000000002a0, 0x34, 0x0, &(0x7f0000002100)="b9fa030711a5f32e019e14f088a847e0ffff00124000632177fbac141416e000030a94029f03030180b706000000000000008100", 0x0, 0xfffffffc, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

13.642924986s ago: executing program 1 (id=3338):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$inet(0x2, 0x3, 0x2)
socket$kcm(0x2d, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x18000000000002a0, 0x27, 0x0, &(0x7f0000002100)="b9fa030711a5f32e019e14f088a847e0ffff00124000632177fbac141416e000030a94029f0303", 0x0, 0xfffffffc, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

10.42242286s ago: executing program 1 (id=3348):
r0 = socket(0xf, 0x3, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000240)={0x1d, r3, 0x0, {0x1, 0x0, 0x4}, 0xfe}, 0x18)
connect$packet(r0, &(0x7f0000000040)={0x11, 0x4, r3, 0x1, 0x7, 0x6, @broadcast}, 0x14)
sendto$inet(r1, 0x0, 0x0, 0x20000000, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd2a, 0x25dfdbfc, {0x60, 0x0, 0x0, r10, {0x0, 0x3}, {0xfff1, 0x1}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x48011)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000280)={'syztnl0\x00', 0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r11=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x63dcbf62d8600606, r11, 0x1, 0x8, 0x6, @local}, 0x14)
bind$packet(r5, &(0x7f0000000100)={0x11, 0x4, r11}, 0x14)
r12 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
syz_emit_ethernet(0x1e, &(0x7f0000000080)=ANY=[], 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x8)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f00000000c0)=0x7, 0x4)
r13 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r13, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x40040)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000380)={'syztnl1\x00', r10, 0x1, 0x1, 0x4, 0x2, {{0x1e, 0x4, 0x1, 0x0, 0x78, 0x67, 0x0, 0x5, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x41}, @remote, {[@ssrr={0x89, 0x17, 0x4d, [@remote, @private=0xa010102, @multicast2, @local, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x26, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@rand_addr=0x64010100, 0xf}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@rand_addr=0x64010101, 0x9}, {@remote, 0x6}, {@empty, 0x4}, {@rand_addr=0x64010101, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@rand_addr=0x64010101, 0xfffffb00}]}]}}}}})

7.091792137s ago: executing program 1 (id=3356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x8, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r3, &(0x7f0000000240)="94", 0x1)
vmsplice(r4, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
unshare(0x20000400)
tee(r2, r4, 0x2, 0x100000000000003)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x24, r5, 0x201, 0x70bd28, 0x25dfdbfb, {}, [@FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @loopback}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000050}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='wbt_timer\x00', r7, 0x0, 0x100000003}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

7.09095055s ago: executing program 4 (id=2873):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'veth1_macvtap\x00'})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
r3 = socket$inet6(0xa, 0x80002, 0x6)
writev(r1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="600000000308010200000000000000000700000006000240000000003c00048008000240000000070800024000000006080001400000c8290800014000000006080002400000000392ff02400000000908000140000000090500030084000000eac98659b0093bfd737566a85afb43f1e27e9c3b885df15bf80788a084ff9c27c0fa027ff606b4cc87992bee232928604f08cc0b000070cd22a0311d2829962ac2c064845bc3285343d7776f04a1769133d3686adbbb051b07b113dfb755be15d07f39e52ea17044b82645d041be21b50c2d59d8fca02dba2628025ae5b386b2b92a479e262c7965b933f6dac052cd15d7a273499ef209867b1f6b29162bfb8d746d2675cbe28cf25c211efb0a4a8a56fb7004e431e70793e57991aa076a70e88d41d57f2564a64361c756fb74bb0f492630b6709446ab3f2fa777257767d411afea470c992fa00747c6eda7aaa1af8fd8560c1d59c2f4d2c10bc26e63c503fff3b19fee41ec1abe4223af172663c39cdc0806bec66ff9aae32897b15ba886f6a30714bb1d205d46ea07f18443c888788dc9fcf723394d1ec7096e812016e1c951e75bddbcde03b736c928cf1545d8a5fcfc2f28cb0055dfc4b0c780bbaf143dda1632c0ed6d1d16d3a85d326af396f612603c90a2a7f1a0993f4d108e8734cbd330a07d1213532bd3073bc1d58850e3647df8b427075c189865e36d5fd3a8daa63972b80649e4b9427e9804cb6a6c95b5807bf9bae44d07b6524485b7c45f7324a973f01f4592add770c77d132892032b"], 0x60}}, 0xd4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000001740)={@remote, 0x1, 0x2, 0x1, 0x2, 0x418, 0xf5a2}, 0x20)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
listen(r8, 0x8)
accept4(r8, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000010000000000008000400", @ANYRES32=r10, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64], 0x38}}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private1, 0x201d, r6})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)
mmap$xdp(&(0x7f00007d5000/0x1000)=nil, 0x1000, 0x700000d, 0x811, r0, 0x100000000)
socket$nl_xfrm(0x10, 0x3, 0x6)

1.888511349s ago: executing program 0 (id=3389):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180000800400000000000000000000008500000029000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.824017967s ago: executing program 3 (id=3390):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x4, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xff070000, @void, @value, @void, @value}, 0x48)

1.784549527s ago: executing program 0 (id=3391):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001e0001e8ffffff00ffdbdf25020000000100000700000000080001007f0004010c000c4000000000f3ff0001080001000000000008000200ac1414bb0c000c4000000000000008340c000c40"], 0x58}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1200000007000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r5, &(0x7f0000000480), &(0x7f0000000580)=@tcp=r7}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r5, &(0x7f0000000640), &(0x7f0000000340)=@tcp6=r6}, 0x20)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000008c0), r8)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r8, &(0x7f0000000a00)={0x0, 0x2, &(0x7f00000009c0)={&(0x7f0000000900)={0x14, r9, 0xe2c40cf0776ef37, 0x0, 0x0, {0x5}}, 0x14}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300), 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f00000003c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x2, 0x8, &(0x7f0000000600)=ANY=[@ANYBLOB="180000004b7550bcf0c4492766652ec9e402fde92d744b9209176f6d00"/39, @ANYRES32=r3, @ANYBLOB="0000000000000000b70300000000000085000000b5000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="f08e988bb7d0f335922069da8d53a6ebca0e6f12b54c13ebb5df57a06aeba62ed760da9e6423562d2957421811376f08db3b80964e1f69427c4054b1418784b32c0bd7ba785394356376068a3e4fa42f6a62e88348785759a0863786fe8a304efb11879f2c330bbb550296af14b9355768557f98b78619aca6", @ANYRES16=r1, @ANYBLOB="a1ab000000000000000005000000080003000a000000"], 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="e0010000", @ANYRES16=r1, @ANYBLOB="000427bd7000ffdbdf252700000008000300", @ANYRES32=r10, @ANYBLOB="65a70fd5f25a8c5659e9202e8a34a7012a00055b02a8801e66ffe8b3a58e0d92517242b8be45aa5de99797de6be7e6c19a46bc615651ead9fd9004e5cef625f9ad24f7db93b83d90573fd8a6f1a150ec4ed18ae1ec4e4151e6f39b0e9620d03683eb763b4adbff995965e2f90aa553840209003e010205af0ba205c45662f7f9593a086578b8bfcba87001b6b23397ba75e0fce1bcf0b2fef2043e7591890f561613ca70f7886cb856c35ae96de896b5d97ff3bec2d0dc910eb10bc2a7ed1fef5dc58eb901ae41f31f73446974b667f08516d06fe3bb2a5511d01ce9a16b95e93887d8c2cf0dec40b534496bceb447a75e768bf25209d81d01a79f894651fb49f173a58d776526506b5bbdfa4830de71c71d46aa5a256eaa160d8da85984fe08df225c467f79b304060808080008000c7efe6ec3eb1403e7344ac687c7ed780e32d2cc0c13b014756a1297bb279fd72970549ad5b3d9ace125ef69d843f780ce5e14b2c1cb2e9d5ad0bec9fae710cc8978c09897faa7cc78b437f5341897954065f1b669a847947f0b279616758c45fd5db02bbbc96ee1bb9df22e7c2cd941dea064dd3d400bcea4abbd48c548341e750401008300000600360007000000060036000300"], 0x1e0}, 0x1, 0x0, 0x0, 0x40883}, 0x0)

1.652041344s ago: executing program 3 (id=3392):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, 0x0, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000080)='~', 0x1}], 0x2)

1.644205605s ago: executing program 3 (id=3393):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@rand_addr=0x4, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x0, 0x8, 0x8, 0x4}, {0x4}, 0x0, 0x0, 0x1}, {{@in6=@remote, 0x80, 0x32}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4dc10000", @ANYRES16=r0, @ANYBLOB="01002cbd701004000000050000000600010005000000080009000200000008000b000000000008000c00a80a00000c0016000400000000000000", @ANYRES32=r3, @ANYRES64=r4], 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x10448)
getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x119, 0x1, &(0x7f0000000080), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x0, 0x0)

1.560614335s ago: executing program 0 (id=3394):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008"], 0x124}}, 0x0)

1.481418899s ago: executing program 3 (id=3396):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x30c, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x2f8, 0x1, [@m_gact={0x230, 0x110, 0x0, 0x0, {{0x9}, {0x4}, {0x201, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca11cc86255d345cc97e3e5a060faa5892b6b343ae47592ed09d5829b187941331c8c321997cbc0395a6658c85915c1468ea768127b402af42155e96f11ef5f95a4118370c736689c029238b89e6a7a47d06e553b3f1968de8d30df98c713bd5d18d8c5e00aee2d650046089d3fd1abf65c454e7e5f582e3e17fde068a7d8cfdaf8831aca9c839662d70f7a7893073ad4a108e44a105d7ec27a1511d8775f389b68079b9fb5ba0f7bc4755ca4a45642090d553db4715ba07f0f54dd66544b89e6ad25c32d6f63d39e8d5e0034b5d37c947abfec5a54689a66f9355ac9a474b1e8da8ff31a3"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mpls={0xc4, 0x11, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0x8cb6c}]}, {0x8d, 0x6, "88d9d3ab36a0640efed1c86c8343987cdbacd2b0061700f91f1b866af73a932d18cdc7f81d9e91a9e5da9991bd8e1997683afee1a8b9b9c86eeebe71a0cd19510924dec12d4463a58a2b1c90aebc5d2b66c780e3a658282c980bcafd2038edc21272c594cb69bd461bfdeec127e4451c7c4160ab708f14b7e4a4f1eb6cce4a3313b170d05dfec44294"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x30c}, 0x1, 0x0, 0x0, 0x48000}, 0x20040800)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0xffa1}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.428731228s ago: executing program 0 (id=3397):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080007800", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@id={0x1e, 0x3, 0x2, {0x4e24, 0x1}}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f00000000c0)={'netdevsim0\x00', @link_local})
sendmsg$nl_xfrm(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=ANY=[@ANYBLOB="040100001a00010000000000fddbdf25fc0100000000000000000000000002017f0000010000000000000000000000004e240020fffd0000000020a032e000f2", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000002b000000ac14141200000000000000000000000000000000000000000000000000000000fefffffffffffffffcffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003350000020004fd2c0000000000000014000e"], 0x104}, 0x1, 0x0, 0x0, 0x50}, 0x4000)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
recvmmsg(0xffffffffffffffff, &(0x7f00000086c0), 0x0, 0x20, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="14000000ed03014000000000000000000000000a14000000fa03010100100000000000000000000a0154fce9a379deeaf5b76d7f365afbc56e6bf42f5113eec01a04c79ef664bafaa5e5b1d06a7d2bf9f292389487b66d4e049bdb9c1afe3458964926942938e50856a48a89231d1038d2bf93d743e0cd721e6b9b06b8ad7b64f63845e520a71cb74679200327448bf394ff3df4cdab966937a37aa0be452bd0b0f83b5a7f8f"], 0x28}}, 0x5f756ca0dba5b77a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'caif0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r7, &(0x7f0000000000)="1c0000002800050f0c1000000049", 0xe, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000002140)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r6)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90324fc600b0002400a000900053582c137153e3719ac018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="0039d5aed285a42bc07d63450abb0030002984230b75ce985903001fc9c0afed"], &(0x7f00000002c0)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="e8000000110001281fba6d8c7fa906165aed5db2412d01b7b56f218f9dd14251dd80cca548c3c692bf46833535822d54b71ca678a62416e6399b2792"], 0xe8}}, 0x4010)

1.139494672s ago: executing program 3 (id=3399):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x3ba, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x14, 0x0, &(0x7f0000000080)="259a001471a76d2688a24e6588a8fb5e0af66395", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9}, 0x50)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r4)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r6=>0x0}, 0x8)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080)=r6, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r7, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fcdbdf25020000001400018006529d614b0ccd4e2100000000000000"], 0x28}}, 0x844)

987.866499ms ago: executing program 0 (id=3401):
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0xe00000, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x11, &(0x7f0000000200)=0x6, 0x4)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000240)={<r3=>0xffffffffffffffff})
bind$netlink(r3, &(0x7f0000000300)={0x10, 0x0, 0x25dfdbfc, 0x100}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r4, &(0x7f0000000a80)={&(0x7f0000000400)=@in6={0xa, 0x4e23, 0x2, @mcast2, 0x2}, 0x1c, &(0x7f0000000840)=[{&(0x7f0000000440)="a3", 0x1}], 0x1, &(0x7f00000009c0)=[@sndinfo={0x20, 0x84, 0x2, {0x5f5c, 0x3, 0x3, 0x9}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x2}}], 0x38, 0x20040010}, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0x3)
r5 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r7, &(0x7f0000000100)={0x20000014})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x25dfdbfc, {0x0, 0x0, 0xe4ff}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {0x0, 0x0, 0xca95}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4000000}, {0xfffffffc, 0x0, 0x0, 0x0, 0x4}, {}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7d}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x50000000}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {0x0, 0xea}, {}, {0x0, 0x0, 0x0, 0x2, 0x1}, {0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x2}, {0x3}, {}, {}, {}, {}, {0x3, 0x2, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x99}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xa3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x0, 0xfffffffd}, {}, {0x0, 0x100}, {}, {0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)

816.612206ms ago: executing program 2 (id=3402):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, 0x0, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000640)=[{0x0}, {&(0x7f0000000080)='~', 0x1}], 0x2)

734.375957ms ago: executing program 3 (id=3403):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000001ac0)={'vcan0\x00', 0x6})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x9, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f0000000180), &(0x7f0000000100)=r3}, 0x20)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
ppoll(&(0x7f0000000500)=[{r5}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x4, 0x2, 0x1}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRES16=r7], 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071006400000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r9}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}], 0x10)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r11}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000680)=ANY=[@ANYRESHEX=r0, @ANYRESHEX, @ANYBLOB="00000000000000006608000000000000180000008a4fec1bed8060d654c30000000000000000000000009500000000000000360a020000000000180100002020782500000000202020207b1af8ff00000000bfa100000000000005010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff7ffffd, @void, @value}, 0x94)
socket$inet(0x2, 0x4000000805, 0x0)

691.842001ms ago: executing program 2 (id=3404):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="ad76b6c5", 0x4)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000004c00)=[{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000000)="a9861869a75f66ef7d128ae4230965648a021cdf93508c9706dc1e4d9e1d4c436faf1d2786e53d4c8b827fc9174b67dab67acb28c76f6310145b3bfb0804675b44f3372615", 0x45}, {&(0x7f0000000240)="eeb9ff4efd6ce05a6ccd7c232e4442ec0660f89aeac6d45aea60e560bd9dd945dfc8e65ad2cf2e4d55fb59ee276f5e40e07f7b37b86e88c65190565d726b079d4043e88acbc549f5d3291ba8e35c906d22091ac5b87485aab22c1c9723fe9e1fdc8dd53b5e20ff5f2aa43f", 0x6b}], 0x2, &(0x7f0000001480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000001e80)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000380)=""/117, 0x75}, {&(0x7f0000000080)=""/138, 0x8a}], 0x2, 0x0, 0x0, 0x1000000}, 0x2022)

567.882672ms ago: executing program 2 (id=3405):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000780), r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000080004"], 0x48)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x30}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e20, @empty}}, 0x7, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r4, 0x1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000580)={'wpan0\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000800)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fcdbdf252e00000008000200", @ANYRES32=r5, @ANYBLOB="0c0005000203aaaaaaaaaaaa05002b008000000005002e"], 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x20000000)
recvmmsg(r0, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x63, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000150001002abd7000fcdbdf250238a404", @ANYRES32=0x0], 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x840)

200.903008ms ago: executing program 2 (id=3406):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000240)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000000000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008"], 0x124}}, 0x0)

98.447898ms ago: executing program 2 (id=3407):
gettid()
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$inet(0x2, 0x3, 0x2)
socket$kcm(0x2d, 0x2, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000005300)=[{0x28, 0x0, 0xfb, 0xfffff034}, {0x80000006, 0x66}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

39.71068ms ago: executing program 0 (id=3408):
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="e1cb049ff77e9465e919f6afb816bc42b4ad199500de54c2a02430d94b182923fed7e18e2863a5d7a2225c82cea8834d8b9729d085bcb906fa181ac5340f81967545909ae67e725f6e0f932f002c95feabc20b2177eced2bb002512e60031fb3"], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000)=r1, 0x4)
recvmsg$kcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/245, 0xf5}], 0x1}, 0x0)

0s ago: executing program 2 (id=3409):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0xf, &(0x7f0000001ac0)=ANY=[@ANYBLOB="18000000100000001811ff000000000000000000ce5e5f48deb4bac97f993cbe86f923399eab9792d414a67b64860f95243da9668710f5d65feef464a455051617c38fb3378691cb84ed6c37c5027642f8dfc945a428a8f16e298fca85b20b62a9f5c0863845ba79e985f11518c8b0d48638654ffe4c3c9c53dc4f6445062fdfa8e14ba3856e10d31ef0764774f542df77a822634ffd29bffcb62e74d18a31b0606fad80b426466f341bc52d97c21a7e9c18e80f83527af2df09f310bb185cceca06a869af073a532d41ec3693200148df93559e5a6c710d7049c085553c06b757af60294aec2c0e8ed9ee9ed31e1714d88676d098529b3a0619f7907a574036408a6d31c35bd54c9a7bea7278bff1990a650a4a3fd3de6c73beede3d506cb6d54df9d1806272e5b38c4fa45808e4bc69b8e935ba4e146a1e16cef55d55809cd2f16471868aba81fffebf188a747a65356c730aa8f2a36b8684b4ac399248beb8dc3c0c749429f697e14b3f54479255f2875", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000078500000005000000bf0900000000000045090100000003709500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)={0x20, r2, 0x5eae78d9c54e9d3f, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='1'], 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r4, 0x4000, r4}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r5)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b400000000090000dd0a00000000000073018d00000000009500000000000000425e494e53a90f38f870e056d03b2010633dee8a3a6601dbd212"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x300, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18f5ffffffffffffff0400cad357fb8571a84f0000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r3)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x14102, 0x0)
ioctl$TUNSETTXFILTER(r8, 0x400454d1, &(0x7f0000000400)={0x1, 0x2, [@random="33b484886bc2", @broadcast]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r9, {0xb, 0xfff2}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
recvmmsg(r10, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f0000000740)=""/167, 0xa7}, {&(0x7f0000000a40)=""/4104, 0x1008}, {&(0x7f0000000940)=""/223, 0xdf}], 0x4}, 0x203}], 0x1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

.310728][T13682] wg1 speed is unknown, defaulting to 1000
[  336.457802][T13694] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  337.161198][T13729] netlink: 'syz.1.2709': attribute type 10 has an invalid length.
[  337.396528][T13739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2712'.
[  337.409614][T13739] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2712'.
[  337.419428][T13739] nbd: socks must be embedded in a SOCK_ITEM attr
[  337.447897][T13739] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2712'.
[  337.669090][T13744] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2713'.
[  337.774571][T13748] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2714'.
[  338.333543][T13775] FAULT_INJECTION: forcing a failure.
[  338.333543][T13775] name failslab, interval 1, probability 0, space 0, times 0
[  338.357087][T13775] CPU: 0 UID: 0 PID: 13775 Comm: syz.0.2722 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  338.357114][T13775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  338.357124][T13775] Call Trace:
[  338.357132][T13775]  <TASK>
[  338.357140][T13775]  dump_stack_lvl+0x189/0x250
[  338.357171][T13775]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.357194][T13775]  ? __pfx__printk+0x10/0x10
[  338.357217][T13775]  ? __pfx___might_resched+0x10/0x10
[  338.357238][T13775]  should_fail_ex+0x414/0x560
[  338.357267][T13775]  should_failslab+0xa8/0x100
[  338.357289][T13775]  __kmalloc_cache_noprof+0x70/0x3d0
[  338.357310][T13775]  ? sctp_association_new+0x89/0x25f0
[  338.357335][T13775]  sctp_association_new+0x89/0x25f0
[  338.357358][T13775]  ? sctp_has_association+0x1cd/0x1f0
[  338.357378][T13775]  ? sctp_has_association+0x2f/0x1f0
[  338.357408][T13775]  sctp_connect_new_asoc+0x2c5/0x690
[  338.357430][T13775]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  338.357451][T13775]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  338.357469][T13775]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  338.357486][T13775]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  338.357505][T13775]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  338.357525][T13775]  ? security_sctp_bind_connect+0x7e/0x2e0
[  338.357551][T13775]  sctp_sendmsg+0x155c/0x2810
[  338.357583][T13775]  ? __pfx_sctp_sendmsg+0x10/0x10
[  338.357605][T13775]  ? aa_sk_perm+0x81e/0x950
[  338.357634][T13775]  ? __pfx_aa_sk_perm+0x10/0x10
[  338.357661][T13775]  ? sock_rps_record_flow+0x19/0x410
[  338.357687][T13775]  ? inet_sendmsg+0x2f4/0x370
[  338.357706][T13775]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  338.357728][T13775]  __sock_sendmsg+0x19c/0x270
[  338.357756][T13775]  __sys_sendto+0x3bd/0x520
[  338.357777][T13775]  ? __pfx___sys_sendto+0x10/0x10
[  338.357793][T13775]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  338.357829][T13775]  ? __fget_files+0x3a0/0x420
[  338.357861][T13775]  ? ksys_write+0x1f0/0x250
[  338.357878][T13775]  ? rcu_is_watching+0x15/0xb0
[  338.357915][T13775]  __x64_sys_sendto+0xde/0x100
[  338.357937][T13775]  do_syscall_64+0xf6/0x210
[  338.357961][T13775]  ? clear_bhb_loop+0x45/0xa0
[  338.357980][T13775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.358003][T13775] RIP: 0033:0x7f20dc18e969
[  338.358018][T13775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.358033][T13775] RSP: 002b:00007f20dcfbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  338.358051][T13775] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18e969
[  338.358064][T13775] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000007
[  338.358075][T13775] RBP: 00007f20dcfbf090 R08: 0000200000000100 R09: 0000000000000010
[  338.358086][T13775] R10: 0000000020000050 R11: 0000000000000246 R12: 0000000000000001
[  338.358097][T13775] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  338.358125][T13775]  </TASK>
[  338.676228][T13779] netlink: 'syz.0.2722': attribute type 10 has an invalid length.
[  338.745342][T13777] veth7: entered promiscuous mode
[  339.416636][T13806] FAULT_INJECTION: forcing a failure.
[  339.416636][T13806] name failslab, interval 1, probability 0, space 0, times 0
[  339.446671][T13806] CPU: 0 UID: 0 PID: 13806 Comm: syz.2.2731 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  339.446700][T13806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  339.446711][T13806] Call Trace:
[  339.446718][T13806]  <TASK>
[  339.446727][T13806]  dump_stack_lvl+0x189/0x250
[  339.446758][T13806]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.446782][T13806]  ? __pfx__printk+0x10/0x10
[  339.446805][T13806]  ? __pfx___might_resched+0x10/0x10
[  339.446826][T13806]  should_fail_ex+0x414/0x560
[  339.446857][T13806]  should_failslab+0xa8/0x100
[  339.446881][T13806]  __kmalloc_noprof+0xcb/0x4f0
[  339.446911][T13806]  ? __kasan_kmalloc+0x93/0xb0
[  339.446928][T13806]  ? nla_strdup+0x9d/0x140
[  339.446950][T13806]  nla_strdup+0x9d/0x140
[  339.446969][T13806]  nf_tables_newtable+0x491/0x1890
[  339.446988][T13806]  ? nfnetlink_subsys_unregister+0x182/0x1b0
[  339.447029][T13806]  nfnetlink_rcv+0x113f/0x2530
[  339.447083][T13806]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  339.447153][T13806]  ? skb_clone+0x246/0x3a0
[  339.447190][T13806]  ? netlink_deliver_tap+0x2e/0x1b0
[  339.447207][T13806]  ? netlink_deliver_tap+0x2e/0x1b0
[  339.447230][T13806]  netlink_unicast+0x758/0x8d0
[  339.447265][T13806]  netlink_sendmsg+0x805/0xb30
[  339.447293][T13806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  339.447314][T13806]  ? aa_sock_msg_perm+0x94/0x160
[  339.447334][T13806]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  339.447352][T13806]  ? __pfx_netlink_sendmsg+0x10/0x10
[  339.447371][T13806]  __sock_sendmsg+0x219/0x270
[  339.447398][T13806]  ____sys_sendmsg+0x505/0x830
[  339.447423][T13806]  ? __pfx_____sys_sendmsg+0x10/0x10
[  339.447453][T13806]  ? import_iovec+0x74/0xa0
[  339.447477][T13806]  ___sys_sendmsg+0x21f/0x2a0
[  339.447499][T13806]  ? __pfx____sys_sendmsg+0x10/0x10
[  339.447556][T13806]  ? __fget_files+0x2a/0x420
[  339.447576][T13806]  ? __fget_files+0x3a0/0x420
[  339.447607][T13806]  __x64_sys_sendmsg+0x19b/0x260
[  339.447629][T13806]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  339.447667][T13806]  ? do_syscall_64+0xba/0x210
[  339.447692][T13806]  do_syscall_64+0xf6/0x210
[  339.447715][T13806]  ? clear_bhb_loop+0x45/0xa0
[  339.447736][T13806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.447752][T13806] RIP: 0033:0x7f365e78e969
[  339.447768][T13806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.447782][T13806] RSP: 002b:00007f365f6de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  339.447801][T13806] RAX: ffffffffffffffda RBX: 00007f365e9b5fa0 RCX: 00007f365e78e969
[  339.447814][T13806] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  339.447824][T13806] RBP: 00007f365f6de090 R08: 0000000000000000 R09: 0000000000000000
[  339.447835][T13806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.447845][T13806] R13: 0000000000000000 R14: 00007f365e9b5fa0 R15: 00007fffe27f61e8
[  339.447873][T13806]  </TASK>
[  339.763638][T13810] bridge0: port 1(vlan5) entered blocking state
[  339.774350][T13810] bridge0: port 1(vlan5) entered disabled state
[  339.783044][T13810] vlan5: entered allmulticast mode
[  339.788548][T13810] bond0: entered allmulticast mode
[  339.799243][T13810] ip6erspan0: entered allmulticast mode
[  339.815147][T13810] vlan5: entered promiscuous mode
[  339.820479][T13810] bond0: entered promiscuous mode
[  340.493940][T13839] FAULT_INJECTION: forcing a failure.
[  340.493940][T13839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.534873][T13839] CPU: 0 UID: 0 PID: 13839 Comm: syz.0.2744 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  340.534902][T13839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  340.534912][T13839] Call Trace:
[  340.534920][T13839]  <TASK>
[  340.534928][T13839]  dump_stack_lvl+0x189/0x250
[  340.534954][T13839]  ? __lock_acquire+0xaac/0xd20
[  340.534977][T13839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.534999][T13839]  ? __pfx__printk+0x10/0x10
[  340.535015][T13839]  ? __might_fault+0xb0/0x130
[  340.535042][T13839]  should_fail_ex+0x414/0x560
[  340.535069][T13839]  _copy_from_iter+0x1db/0x15a0
[  340.535094][T13839]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  340.535112][T13839]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  340.535133][T13839]  ? __pfx__copy_from_iter+0x10/0x10
[  340.535154][T13839]  ? __build_skb_around+0x257/0x3e0
[  340.535176][T13839]  ? netlink_sendmsg+0x642/0xb30
[  340.535192][T13839]  ? skb_put+0x11b/0x210
[  340.535214][T13839]  netlink_sendmsg+0x6b2/0xb30
[  340.535241][T13839]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.535262][T13839]  ? aa_sock_msg_perm+0x94/0x160
[  340.535282][T13839]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  340.535300][T13839]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.535319][T13839]  __sock_sendmsg+0x219/0x270
[  340.535346][T13839]  ____sys_sendmsg+0x505/0x830
[  340.535372][T13839]  ? __pfx_____sys_sendmsg+0x10/0x10
[  340.535401][T13839]  ? import_iovec+0x74/0xa0
[  340.535424][T13839]  ___sys_sendmsg+0x21f/0x2a0
[  340.535445][T13839]  ? __pfx____sys_sendmsg+0x10/0x10
[  340.535500][T13839]  ? __fget_files+0x2a/0x420
[  340.535520][T13839]  ? __fget_files+0x3a0/0x420
[  340.535551][T13839]  __x64_sys_sendmsg+0x19b/0x260
[  340.535573][T13839]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  340.535610][T13839]  ? do_syscall_64+0xba/0x210
[  340.535637][T13839]  do_syscall_64+0xf6/0x210
[  340.535661][T13839]  ? clear_bhb_loop+0x45/0xa0
[  340.535682][T13839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.535699][T13839] RIP: 0033:0x7f20dc18e969
[  340.535715][T13839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.535730][T13839] RSP: 002b:00007f20dcfbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  340.535749][T13839] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18e969
[  340.535762][T13839] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[  340.535773][T13839] RBP: 00007f20dcfbf090 R08: 0000000000000000 R09: 0000000000000000
[  340.535791][T13839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.535801][T13839] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  340.535830][T13839]  </TASK>
[  341.071656][T13857] __nla_validate_parse: 1 callbacks suppressed
[  341.071674][T13857] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2749'.
[  341.220754][T13863] FAULT_INJECTION: forcing a failure.
[  341.220754][T13863] name failslab, interval 1, probability 0, space 0, times 0
[  341.245058][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.0.2751 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  341.245085][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  341.245095][T13863] Call Trace:
[  341.245102][T13863]  <TASK>
[  341.245110][T13863]  dump_stack_lvl+0x189/0x250
[  341.245141][T13863]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.245164][T13863]  ? __pfx__printk+0x10/0x10
[  341.245196][T13863]  should_fail_ex+0x414/0x560
[  341.245225][T13863]  should_failslab+0xa8/0x100
[  341.245247][T13863]  __kmalloc_cache_noprof+0x70/0x3d0
[  341.245266][T13863]  ? sctp_add_bind_addr+0x8c/0x370
[  341.245293][T13863]  sctp_add_bind_addr+0x8c/0x370
[  341.245320][T13863]  sctp_copy_local_addr_list+0x30b/0x4e0
[  341.245347][T13863]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  341.245368][T13863]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  341.245394][T13863]  ? sctp_v6_is_any+0x64/0x80
[  341.245411][T13863]  ? sctp_copy_one_addr+0x93/0x360
[  341.245435][T13863]  sctp_bind_addr_copy+0xb3/0x3c0
[  341.245457][T13863]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  341.245481][T13863]  sctp_connect_new_asoc+0x2e0/0x690
[  341.245502][T13863]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  341.245517][T13863]  ? __local_bh_enable_ip+0x12d/0x1c0
[  341.245547][T13863]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  341.245564][T13863]  ? security_sctp_bind_connect+0x7e/0x2e0
[  341.245588][T13863]  sctp_sendmsg+0x155c/0x2810
[  341.245617][T13863]  ? __pfx_sctp_sendmsg+0x10/0x10
[  341.245638][T13863]  ? aa_sk_perm+0x81e/0x950
[  341.245667][T13863]  ? __pfx_aa_sk_perm+0x10/0x10
[  341.245694][T13863]  ? sock_rps_record_flow+0x19/0x410
[  341.245719][T13863]  ? inet_sendmsg+0x2f4/0x370
[  341.245745][T13863]  __sock_sendmsg+0x19c/0x270
[  341.245772][T13863]  ____sys_sendmsg+0x52d/0x830
[  341.245798][T13863]  ? __pfx_____sys_sendmsg+0x10/0x10
[  341.245828][T13863]  ? import_iovec+0x74/0xa0
[  341.245853][T13863]  ___sys_sendmsg+0x21f/0x2a0
[  341.245875][T13863]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.245932][T13863]  ? __fget_files+0x2a/0x420
[  341.245953][T13863]  ? __fget_files+0x3a0/0x420
[  341.245992][T13863]  __sys_sendmmsg+0x227/0x430
[  341.246018][T13863]  ? __pfx___sys_sendmmsg+0x10/0x10
[  341.246048][T13863]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  341.246091][T13863]  ? ksys_write+0x1f0/0x250
[  341.246108][T13863]  ? rcu_is_watching+0x15/0xb0
[  341.246143][T13863]  __x64_sys_sendmmsg+0xa0/0xc0
[  341.246165][T13863]  do_syscall_64+0xf6/0x210
[  341.246190][T13863]  ? clear_bhb_loop+0x45/0xa0
[  341.246211][T13863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.246228][T13863] RIP: 0033:0x7f20dc18e969
[  341.246245][T13863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.246259][T13863] RSP: 002b:00007f20dcfbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  341.246278][T13863] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18e969
[  341.246292][T13863] RDX: 0000000000000001 RSI: 00002000000018c0 RDI: 0000000000000003
[  341.246303][T13863] RBP: 00007f20dcfbf090 R08: 0000000000000000 R09: 0000000000000000
[  341.246314][T13863] R10: 000000000000c000 R11: 0000000000000246 R12: 0000000000000002
[  341.246325][T13863] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  341.246355][T13863]  </TASK>
[  341.669895][T13860] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2750'.
[  341.851609][T13878] vlan6: entered allmulticast mode
[  341.857222][T13878] dummy0: entered allmulticast mode
[  341.971698][T13883] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2758'.
[  342.160536][T13892] syzkaller1: entered promiscuous mode
[  342.166416][T13892] syzkaller1: entered allmulticast mode
[  342.273652][T13896] sctp: [Deprecated]: syz.1.2763 (pid 13896) Use of int in maxseg socket option.
[  342.273652][T13896] Use struct sctp_assoc_value instead
[  342.292984][T13888] wg1 speed is unknown, defaulting to 1000
[  342.547144][T13908] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2768'.
[  342.669610][T13912] netlink: 'syz.3.2770': attribute type 39 has an invalid length.
[  343.251553][T13944] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2782'.
[  343.385789][T13949] IPVS: set_ctl: invalid protocol: 43 172.20.20.187:20000
[  344.013230][T13986] netlink: 240 bytes leftover after parsing attributes in process `syz.4.2796'.
[  344.050628][T13988] FAULT_INJECTION: forcing a failure.
[  344.050628][T13988] name failslab, interval 1, probability 0, space 0, times 0
[  344.078950][T13990] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2797'.
[  344.113597][T13988] CPU: 1 UID: 0 PID: 13988 Comm: syz.0.2795 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  344.113620][T13988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  344.113631][T13988] Call Trace:
[  344.113638][T13988]  <TASK>
[  344.113647][T13988]  dump_stack_lvl+0x189/0x250
[  344.113678][T13988]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.113700][T13988]  ? __pfx__printk+0x10/0x10
[  344.113727][T13988]  should_fail_ex+0x414/0x560
[  344.113754][T13988]  should_failslab+0xa8/0x100
[  344.113777][T13988]  kmem_cache_alloc_noprof+0x73/0x3c0
[  344.113797][T13988]  ? skb_clone+0x212/0x3a0
[  344.113814][T13988]  ? eth_header+0x11b/0x200
[  344.113836][T13988]  skb_clone+0x212/0x3a0
[  344.113853][T13988]  ? llc_sap_action_send_xid_c+0x1e0/0x360
[  344.113872][T13988]  llc_sap_action_send_xid_c+0x20c/0x360
[  344.113892][T13988]  llc_sap_state_process+0x262/0x510
[  344.113912][T13988]  llc_ui_sendmsg+0xa82/0xdd0
[  344.113947][T13988]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  344.113965][T13988]  ? aa_sock_msg_perm+0x94/0x160
[  344.113983][T13988]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  344.114000][T13988]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  344.114018][T13988]  __sock_sendmsg+0x219/0x270
[  344.114043][T13988]  ____sys_sendmsg+0x52d/0x830
[  344.114066][T13988]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.114092][T13988]  ? import_iovec+0x74/0xa0
[  344.114113][T13988]  ___sys_sendmsg+0x21f/0x2a0
[  344.114132][T13988]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.114186][T13988]  ? __might_fault+0xb0/0x130
[  344.114213][T13988]  __sys_sendmmsg+0x227/0x430
[  344.114237][T13988]  ? __pfx___sys_sendmmsg+0x10/0x10
[  344.114265][T13988]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  344.114302][T13988]  ? ksys_write+0x1f0/0x250
[  344.114329][T13988]  __x64_sys_sendmmsg+0xa0/0xc0
[  344.114351][T13988]  do_syscall_64+0xf6/0x210
[  344.114385][T13988]  ? clear_bhb_loop+0x45/0xa0
[  344.114405][T13988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.114419][T13988] RIP: 0033:0x7f20dc18e969
[  344.114433][T13988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.114445][T13988] RSP: 002b:00007f20dcf9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  344.114463][T13988] RAX: ffffffffffffffda RBX: 00007f20dc3b6080 RCX: 00007f20dc18e969
[  344.114475][T13988] RDX: 03fffffffffffeed RSI: 0000200000001380 RDI: 0000000000000004
[  344.114485][T13988] RBP: 00007f20dcf9e090 R08: 0000000000000000 R09: 0000000000000000
[  344.114493][T13988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  344.114502][T13988] R13: 0000000000000001 R14: 00007f20dc3b6080 R15: 00007ffd4bcb0698
[  344.114529][T13988]  </TASK>
[  344.181500][T13997] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2797'.
[  344.488157][T13990] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2797'.
[  344.510397][T13999] team0: Device gtp0 is of different type
[  344.510568][T13990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2797'.
[  344.762130][T14005] Timeout policy `syz0' can only be used by L3 protocol number 34984
[  344.998326][T14023] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  345.055823][T14021] sctp: [Deprecated]: syz.1.2808 (pid 14021) Use of int in max_burst socket option.
[  345.055823][T14021] Use struct sctp_assoc_value instead
[  345.077871][T14029] FAULT_INJECTION: forcing a failure.
[  345.077871][T14029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.095462][T14021] sctp: [Deprecated]: syz.1.2808 (pid 14021) Use of struct sctp_assoc_value in delayed_ack socket option.
[  345.095462][T14021] Use struct sctp_sack_info instead
[  345.126472][T14029] CPU: 1 UID: 0 PID: 14029 Comm: syz.4.2811 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  345.126497][T14029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  345.126507][T14029] Call Trace:
[  345.126514][T14029]  <TASK>
[  345.126521][T14029]  dump_stack_lvl+0x189/0x250
[  345.126550][T14029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.126570][T14029]  ? __pfx__printk+0x10/0x10
[  345.126594][T14029]  should_fail_ex+0x414/0x560
[  345.126621][T14029]  _copy_to_user+0x31/0xb0
[  345.126645][T14029]  simple_read_from_buffer+0xe1/0x170
[  345.126669][T14029]  proc_fail_nth_read+0x1df/0x250
[  345.126692][T14029]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  345.126716][T14029]  ? rw_verify_area+0x258/0x650
[  345.126733][T14029]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  345.126755][T14029]  vfs_read+0x1fd/0x980
[  345.126778][T14029]  ? __pfx___mutex_lock+0x10/0x10
[  345.126802][T14029]  ? __pfx_vfs_read+0x10/0x10
[  345.126822][T14029]  ? __fget_files+0x2a/0x420
[  345.126847][T14029]  ? __fget_files+0x3a0/0x420
[  345.126864][T14029]  ? __fget_files+0x2a/0x420
[  345.126884][T14029]  ksys_read+0x145/0x250
[  345.126901][T14029]  ? __pfx_ksys_read+0x10/0x10
[  345.126921][T14029]  ? do_syscall_64+0xba/0x210
[  345.126944][T14029]  do_syscall_64+0xf6/0x210
[  345.126967][T14029]  ? clear_bhb_loop+0x45/0xa0
[  345.126987][T14029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.126999][T14029] RIP: 0033:0x7f49f8d8d37c
[  345.127013][T14029] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  345.127025][T14029] RSP: 002b:00007f49f9bae030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  345.127040][T14029] RAX: ffffffffffffffda RBX: 00007f49f8fb5fa0 RCX: 00007f49f8d8d37c
[  345.127052][T14029] RDX: 000000000000000f RSI: 00007f49f9bae0a0 RDI: 0000000000000004
[  345.127061][T14029] RBP: 00007f49f9bae090 R08: 0000000000000000 R09: 0000000000000000
[  345.127070][T14029] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.127080][T14029] R13: 0000000000000000 R14: 00007f49f8fb5fa0 R15: 00007fffe9a45068
[  345.127104][T14029]  </TASK>
[  345.130820][T14021] netlink: 'syz.1.2808': attribute type 4 has an invalid length.
[  345.396516][T14043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.423308][T14044] netlink: 'syz.4.2814': attribute type 1 has an invalid length.
[  345.505273][T14043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.589729][T14043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.601407][T14052] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:000e with DS=0x9
[  345.678803][T14060] batadv_slave_1: entered promiscuous mode
[  345.686413][T14060] batadv0: entered promiscuous mode
[  345.716549][T14060] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  346.085893][T14081] __nla_validate_parse: 7 callbacks suppressed
[  346.085914][T14081] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2828'.
[  346.101656][T14083] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2829'.
[  346.121564][T14083] IPVS: Unknown mcast interface: batadv0
[  346.291657][T14097] xt_HMARK: spi-set and port-set can't be combined
[  346.316862][T14103] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2830'.
[  346.352237][T14103] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  346.360998][T14103] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  346.369672][T14103] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  346.378459][T14103] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  346.402755][T14103] vxlan0: entered promiscuous mode
[  346.426808][T14103] vxlan0: entered allmulticast mode
[  346.449495][T14103] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  346.458397][T14103] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  346.467171][T14103] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  346.476175][T14103] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  346.508893][T14059] batadv0: left promiscuous mode
[  346.517915][T14059] batadv_slave_1: left promiscuous mode
[  346.609297][T14111] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2837'.
[  347.184490][T14131] xt_hashlimit: overflow, rate too high: 1125899906842624
[  348.012700][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2852'.
[  348.050247][T14159] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2852'.
[  350.520402][T14185] wg1 speed is unknown, defaulting to 1000
[  350.594276][T14192] FAULT_INJECTION: forcing a failure.
[  350.594276][T14192] name failslab, interval 1, probability 0, space 0, times 0
[  350.610429][T14192] CPU: 1 UID: 0 PID: 14192 Comm: syz.1.2866 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  350.610456][T14192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  350.610467][T14192] Call Trace:
[  350.610474][T14192]  <TASK>
[  350.610482][T14192]  dump_stack_lvl+0x189/0x250
[  350.610512][T14192]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.610535][T14192]  ? __pfx__printk+0x10/0x10
[  350.610558][T14192]  ? __pfx___might_resched+0x10/0x10
[  350.610579][T14192]  should_fail_ex+0x414/0x560
[  350.610608][T14192]  ? translate_table+0x19b/0x2040
[  350.610625][T14192]  should_failslab+0xa8/0x100
[  350.610648][T14192]  __kvmalloc_node_noprof+0x168/0x5e0
[  350.610670][T14192]  ? translate_table+0x19b/0x2040
[  350.610692][T14192]  translate_table+0x19b/0x2040
[  350.610733][T14192]  ? __pfx_translate_table+0x10/0x10
[  350.610754][T14192]  ? __might_fault+0xb0/0x130
[  350.610792][T14192]  ? _copy_from_user+0x94/0xb0
[  350.610818][T14192]  do_ip6t_set_ctl+0x970/0xce0
[  350.610844][T14192]  ? rcu_is_watching+0x15/0xb0
[  350.610868][T14192]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  350.610907][T14192]  ? __pfx___mutex_lock+0x10/0x10
[  350.610930][T14192]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  350.610958][T14192]  ? aa_sk_perm+0x81e/0x950
[  350.610985][T14192]  ? vfs_write+0x8d8/0xa90
[  350.611003][T14192]  ? __pfx_aa_sk_perm+0x10/0x10
[  350.611026][T14192]  ? kasan_quarantine_put+0xdd/0x220
[  350.611043][T14192]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.611068][T14192]  nf_setsockopt+0x26c/0x290
[  350.611090][T14192]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  350.611117][T14192]  do_sock_setsockopt+0x257/0x3e0
[  350.611140][T14192]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  350.611166][T14192]  ? ksys_write+0x1e1/0x250
[  350.611192][T14192]  __x64_sys_setsockopt+0x18b/0x220
[  350.611217][T14192]  do_syscall_64+0xf6/0x210
[  350.611241][T14192]  ? clear_bhb_loop+0x45/0xa0
[  350.611262][T14192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.611278][T14192] RIP: 0033:0x7fe0ecb8e969
[  350.611293][T14192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.611309][T14192] RSP: 002b:00007fe0edaa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  350.611328][T14192] RAX: ffffffffffffffda RBX: 00007fe0ecdb5fa0 RCX: 00007fe0ecb8e969
[  350.611341][T14192] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  350.611352][T14192] RBP: 00007fe0edaa7090 R08: 0000000000000478 R09: 0000000000000000
[  350.611363][T14192] R10: 0000200000000700 R11: 0000000000000246 R12: 0000000000000001
[  350.611378][T14192] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  350.611407][T14192]  </TASK>
[  350.922813][T14194] siw: device registration error -23
[  351.080852][T14202] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2864'.
[  351.230121][T14201] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2868'.
[  351.401137][T14209] netlink: 'syz.3.2870': attribute type 1 has an invalid length.
[  351.432169][T14209] netlink: 'syz.3.2870': attribute type 2 has an invalid length.
[  351.521045][T14211] sch_fq: defrate 2048 ignored.
[  351.542165][T14211] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2872'.
[  352.308734][T14233] FAULT_INJECTION: forcing a failure.
[  352.308734][T14233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.375709][T14233] CPU: 0 UID: 0 PID: 14233 Comm: syz.0.2879 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  352.375736][T14233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  352.375747][T14233] Call Trace:
[  352.375754][T14233]  <TASK>
[  352.375762][T14233]  dump_stack_lvl+0x189/0x250
[  352.375794][T14233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  352.375817][T14233]  ? __pfx__printk+0x10/0x10
[  352.375847][T14233]  should_fail_ex+0x414/0x560
[  352.375877][T14233]  _copy_to_user+0x31/0xb0
[  352.375901][T14233]  simple_read_from_buffer+0xe1/0x170
[  352.375927][T14233]  proc_fail_nth_read+0x1df/0x250
[  352.375952][T14233]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  352.375977][T14233]  ? rw_verify_area+0x258/0x650
[  352.375993][T14233]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  352.376017][T14233]  vfs_read+0x1fd/0x980
[  352.376041][T14233]  ? __pfx___mutex_lock+0x10/0x10
[  352.376064][T14233]  ? __pfx_vfs_read+0x10/0x10
[  352.376084][T14233]  ? __fget_files+0x2a/0x420
[  352.376108][T14233]  ? __fget_files+0x3a0/0x420
[  352.376127][T14233]  ? __fget_files+0x2a/0x420
[  352.376156][T14233]  ksys_read+0x145/0x250
[  352.376177][T14233]  ? __pfx_ksys_read+0x10/0x10
[  352.376198][T14233]  ? do_syscall_64+0xba/0x210
[  352.376224][T14233]  do_syscall_64+0xf6/0x210
[  352.376246][T14233]  ? clear_bhb_loop+0x45/0xa0
[  352.376268][T14233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.376284][T14233] RIP: 0033:0x7f20dc18d37c
[  352.376299][T14233] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  352.376314][T14233] RSP: 002b:00007f20dcfbf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  352.376332][T14233] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18d37c
[  352.376345][T14233] RDX: 000000000000000f RSI: 00007f20dcfbf0a0 RDI: 0000000000000004
[  352.376356][T14233] RBP: 00007f20dcfbf090 R08: 0000000000000000 R09: 0000000000000000
[  352.376367][T14233] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.376378][T14233] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  352.376406][T14233]  </TASK>
[  352.744339][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  352.759989][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  352.772279][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  352.781787][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  352.792620][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  352.830028][T14237] wg1 speed is unknown, defaulting to 1000
[  353.038858][T14254] wg1 speed is unknown, defaulting to 1000
[  353.443372][T14267] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2889'.
[  353.523089][T14237] chnl_net:caif_netlink_parms(): no params data found
[  353.546285][T14273] netlink: 'syz.0.2894': attribute type 10 has an invalid length.
[  353.568705][T14276] team0: Port device bond0 removed
[  353.579990][T14280] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2895'.
[  354.114678][T14237] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.130569][T14237] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.158012][T14237] bridge_slave_0: entered allmulticast mode
[  354.201203][T14237] bridge_slave_0: entered promiscuous mode
[  354.246892][T14237] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.287191][T14237] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.315356][T14237] bridge_slave_1: entered allmulticast mode
[  354.347821][T14237] bridge_slave_1: entered promiscuous mode
[  354.418464][T14302] IPVS: ip_vs_edit_dest(): server weight less than zero
[  354.479302][T14237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.529996][T14237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.689588][T14237] team0: Port device team_slave_0 added
[  354.705267][T14313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2904'.
[  354.738187][T14237] team0: Port device team_slave_1 added
[  354.815317][ T5833] Bluetooth: hci2: command tx timeout
[  354.968823][T14329] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2911'.
[  354.992654][T14329] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2911'.
[  355.185111][T14237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.201055][T14237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.266321][T14237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  355.279592][T14237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  355.289041][T14237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.319521][T14237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.521982][T14347] FAULT_INJECTION: forcing a failure.
[  355.521982][T14347] name failslab, interval 1, probability 0, space 0, times 0
[  355.525378][T14237] hsr_slave_0: entered promiscuous mode
[  355.538875][T14347] CPU: 0 UID: 0 PID: 14347 Comm: syz.0.2915 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  355.538902][T14347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  355.538913][T14347] Call Trace:
[  355.538922][T14347]  <TASK>
[  355.538930][T14347]  dump_stack_lvl+0x189/0x250
[  355.538962][T14347]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.538985][T14347]  ? __pfx__printk+0x10/0x10
[  355.539007][T14347]  ? __pfx___might_resched+0x10/0x10
[  355.539022][T14347]  ? fs_reclaim_acquire+0x7d/0x100
[  355.539050][T14347]  should_fail_ex+0x414/0x560
[  355.539079][T14347]  should_failslab+0xa8/0x100
[  355.539101][T14347]  __kmalloc_cache_noprof+0x70/0x3d0
[  355.539122][T14347]  ? rtnl_newlink+0xed/0x1c70
[  355.539143][T14347]  rtnl_newlink+0xed/0x1c70
[  355.539177][T14347]  ? __pfx_rtnl_newlink+0x10/0x10
[  355.539194][T14347]  ? is_bpf_text_address+0x26/0x2b0
[  355.539220][T14347]  ? is_bpf_text_address+0x292/0x2b0
[  355.539246][T14347]  ? __lock_acquire+0xaac/0xd20
[  355.539280][T14347]  ? __lock_acquire+0xaac/0xd20
[  355.539317][T14347]  ? is_bpf_text_address+0x26/0x2b0
[  355.539342][T14347]  ? is_bpf_text_address+0x292/0x2b0
[  355.539362][T14347]  ? is_bpf_text_address+0x26/0x2b0
[  355.539388][T14347]  ? aa_get_newest_label+0xf7/0x5d0
[  355.539408][T14347]  ? __lock_acquire+0xaac/0xd20
[  355.539450][T14347]  ? __pfx_rtnl_newlink+0x10/0x10
[  355.539465][T14347]  rtnetlink_rcv_msg+0x7cc/0xb70
[  355.539480][T14347]  ? kasan_save_track+0x4f/0x80
[  355.539499][T14347]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  355.539514][T14347]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.539531][T14347]  ? __lock_acquire+0xaac/0xd20
[  355.539565][T14347]  netlink_rcv_skb+0x219/0x490
[  355.539583][T14347]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.539600][T14347]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  355.539635][T14347]  ? netlink_deliver_tap+0x2e/0x1b0
[  355.539651][T14347]  ? netlink_deliver_tap+0x2e/0x1b0
[  355.539673][T14347]  netlink_unicast+0x758/0x8d0
[  355.539707][T14347]  netlink_sendmsg+0x805/0xb30
[  355.539733][T14347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.539753][T14347]  ? aa_sock_msg_perm+0x94/0x160
[  355.539771][T14347]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  355.539789][T14347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.539807][T14347]  __sock_sendmsg+0x219/0x270
[  355.539833][T14347]  ____sys_sendmsg+0x505/0x830
[  355.539857][T14347]  ? __pfx_____sys_sendmsg+0x10/0x10
[  355.539885][T14347]  ? import_iovec+0x74/0xa0
[  355.539908][T14347]  ___sys_sendmsg+0x21f/0x2a0
[  355.539930][T14347]  ? __pfx____sys_sendmsg+0x10/0x10
[  355.539983][T14347]  ? __fget_files+0x2a/0x420
[  355.540002][T14347]  ? __fget_files+0x3a0/0x420
[  355.540031][T14347]  __x64_sys_sendmsg+0x19b/0x260
[  355.540053][T14347]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  355.540088][T14347]  ? do_syscall_64+0xba/0x210
[  355.540114][T14347]  do_syscall_64+0xf6/0x210
[  355.540136][T14347]  ? clear_bhb_loop+0x45/0xa0
[  355.540156][T14347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.540179][T14347] RIP: 0033:0x7f20dc18e969
[  355.540193][T14347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.540207][T14347] RSP: 002b:00007f20dcfbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  355.540224][T14347] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18e969
[  355.540236][T14347] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000e
[  355.540245][T14347] RBP: 00007f20dcfbf090 R08: 0000000000000000 R09: 0000000000000000
[  355.540254][T14347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.540263][T14347] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  355.540289][T14347]  </TASK>
[  355.626538][T14354] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2918'.
[  355.917691][T14237] hsr_slave_1: entered promiscuous mode
[  355.924117][T14237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  355.938440][T14237] Cannot create hsr debugfs directory
[  355.972714][T14355] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2917'.
[  356.675555][T14348] wg1 speed is unknown, defaulting to 1000
[  356.840996][T14377] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2926'.
[  356.896687][ T5833] Bluetooth: hci2: command tx timeout
[  356.974465][T14350] wg1 speed is unknown, defaulting to 1000
[  357.013617][T14237] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.303997][T14237] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.471548][T14237] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.670325][T14237] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.700175][T14408] netlink: 900 bytes leftover after parsing attributes in process `syz.0.2939'.
[  357.711071][T14411] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  357.899897][T14421] FAULT_INJECTION: forcing a failure.
[  357.899897][T14421] name failslab, interval 1, probability 0, space 0, times 0
[  357.927160][T14421] CPU: 1 UID: 0 PID: 14421 Comm: syz.0.2943 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  357.927187][T14421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  357.927197][T14421] Call Trace:
[  357.927205][T14421]  <TASK>
[  357.927213][T14421]  dump_stack_lvl+0x189/0x250
[  357.927244][T14421]  ? __pfx_dump_stack_lvl+0x10/0x10
[  357.927267][T14421]  ? __pfx__printk+0x10/0x10
[  357.927288][T14421]  ? __pfx___might_resched+0x10/0x10
[  357.927305][T14421]  ? fs_reclaim_acquire+0x7d/0x100
[  357.927329][T14421]  should_fail_ex+0x414/0x560
[  357.927357][T14421]  should_failslab+0xa8/0x100
[  357.927379][T14421]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  357.927401][T14421]  ? __alloc_skb+0x112/0x2d0
[  357.927422][T14421]  __alloc_skb+0x112/0x2d0
[  357.927444][T14421]  alloc_skb_with_frags+0xca/0x890
[  357.927477][T14421]  sock_alloc_send_pskb+0x857/0x990
[  357.927519][T14421]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  357.927541][T14421]  ? __local_bh_enable_ip+0x12d/0x1c0
[  357.927565][T14421]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  357.927600][T14421]  llc_ui_sendmsg+0x477/0xdd0
[  357.927637][T14421]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  357.927656][T14421]  ? aa_sock_msg_perm+0x94/0x160
[  357.927675][T14421]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  357.927693][T14421]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  357.927712][T14421]  __sock_sendmsg+0x219/0x270
[  357.927739][T14421]  ____sys_sendmsg+0x52d/0x830
[  357.927765][T14421]  ? __pfx_____sys_sendmsg+0x10/0x10
[  357.927793][T14421]  ? import_iovec+0x74/0xa0
[  357.927818][T14421]  ___sys_sendmsg+0x21f/0x2a0
[  357.927840][T14421]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.927904][T14421]  ? __might_fault+0xb0/0x130
[  357.927936][T14421]  __sys_sendmmsg+0x227/0x430
[  357.927961][T14421]  ? __pfx___sys_sendmmsg+0x10/0x10
[  357.927990][T14421]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  357.928032][T14421]  ? ksys_write+0x1f0/0x250
[  357.928061][T14421]  __x64_sys_sendmmsg+0xa0/0xc0
[  357.928083][T14421]  do_syscall_64+0xf6/0x210
[  357.928108][T14421]  ? clear_bhb_loop+0x45/0xa0
[  357.928129][T14421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.928145][T14421] RIP: 0033:0x7f20dc18e969
[  357.928162][T14421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.928182][T14421] RSP: 002b:00007f20dcf9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  357.928201][T14421] RAX: ffffffffffffffda RBX: 00007f20dc3b6080 RCX: 00007f20dc18e969
[  357.928214][T14421] RDX: 03fffffffffffeed RSI: 0000200000001380 RDI: 0000000000000004
[  357.928226][T14421] RBP: 00007f20dcf9e090 R08: 0000000000000000 R09: 0000000000000000
[  357.928237][T14421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  357.928247][T14421] R13: 0000000000000001 R14: 00007f20dc3b6080 R15: 00007ffd4bcb0698
[  357.928276][T14421]  </TASK>
[  357.997858][T14237] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  358.351474][T14237] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  358.385452][T14237] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  358.398412][T14431] netlink: 'syz.2.2947': attribute type 16 has an invalid length.
[  358.403672][T14237] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  358.421368][T14431] netlink: 'syz.2.2947': attribute type 17 has an invalid length.
[  358.661806][T14237] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.698735][T14440] 
: (slave dummy0): Releasing backup interface
[  358.726733][T14440] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.744646][T14440] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.759468][T14440] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.768018][T14446] xt_hashlimit: size too large, truncated to 1048576
[  358.780694][T14440] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  358.825475][T14440] team0: Port device geneve0 removed
[  358.909537][T14237] 8021q: adding VLAN 0 to HW filter on device team0
[  358.963794][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.971142][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  359.000949][ T5833] Bluetooth: hci2: command tx timeout
[  359.064315][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.071578][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  359.072328][T14455] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  359.248721][T14456] wg1 speed is unknown, defaulting to 1000
[  359.490633][T14475] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2955'.
[  359.722207][T14485] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2961'.
[  359.744944][T14485] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2961'.
[  359.899972][T14489] FAULT_INJECTION: forcing a failure.
[  359.899972][T14489] name failslab, interval 1, probability 0, space 0, times 0
[  359.920508][T14489] CPU: 0 UID: 0 PID: 14489 Comm: syz.1.2963 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  359.920535][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  359.920546][T14489] Call Trace:
[  359.920554][T14489]  <TASK>
[  359.920562][T14489]  dump_stack_lvl+0x189/0x250
[  359.920594][T14489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  359.920617][T14489]  ? __pfx__printk+0x10/0x10
[  359.920641][T14489]  ? __pfx___might_resched+0x10/0x10
[  359.920662][T14489]  should_fail_ex+0x414/0x560
[  359.920693][T14489]  should_failslab+0xa8/0x100
[  359.920717][T14489]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  359.920739][T14489]  ? __alloc_skb+0x112/0x2d0
[  359.920763][T14489]  __alloc_skb+0x112/0x2d0
[  359.920783][T14489]  netlink_dump+0x245/0xe70
[  359.920801][T14489]  ? trace_contention_end+0x39/0x120
[  359.920820][T14489]  ? __mutex_lock+0x330/0xe80
[  359.920846][T14489]  ? __netlink_lookup+0xbd/0x810
[  359.920864][T14489]  ? __pfx_netlink_dump+0x10/0x10
[  359.920901][T14489]  ? netlink_lookup+0x30/0x200
[  359.920916][T14489]  ? netlink_lookup+0x30/0x200
[  359.920930][T14489]  ? netlink_lookup+0x30/0x200
[  359.920952][T14489]  __netlink_dump_start+0x5cb/0x7e0
[  359.920978][T14489]  xsk_diag_handler_dump+0x183/0x220
[  359.921008][T14489]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  359.921040][T14489]  ? __pfx_xsk_diag_dump+0x10/0x10
[  359.921066][T14489]  ? sock_diag_lock_handler+0x19/0x290
[  359.921090][T14489]  ? sock_diag_lock_handler+0x19/0x290
[  359.921117][T14489]  sock_diag_rcv_msg+0x4c9/0x600
[  359.921146][T14489]  netlink_rcv_skb+0x219/0x490
[  359.921165][T14489]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  359.921190][T14489]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  359.921228][T14489]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.921245][T14489]  ? netlink_deliver_tap+0x2e/0x1b0
[  359.921269][T14489]  netlink_unicast+0x758/0x8d0
[  359.921305][T14489]  netlink_sendmsg+0x805/0xb30
[  359.921334][T14489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.921355][T14489]  ? aa_sock_msg_perm+0x94/0x160
[  359.921375][T14489]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  359.921394][T14489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.921413][T14489]  __sock_sendmsg+0x219/0x270
[  359.921441][T14489]  sock_write_iter+0x258/0x330
[  359.921466][T14489]  ? __pfx_sock_write_iter+0x10/0x10
[  359.921501][T14489]  ? __pfx_aa_file_perm+0x10/0x10
[  359.921527][T14489]  do_iter_readv_writev+0x56b/0x7f0
[  359.921551][T14489]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  359.921577][T14489]  ? bpf_lsm_file_permission+0x9/0x20
[  359.921617][T14489]  ? security_file_permission+0x75/0x290
[  359.921644][T14489]  ? rw_verify_area+0x258/0x650
[  359.921667][T14489]  vfs_writev+0x306/0x9a0
[  359.921688][T14489]  ? vfs_write+0x8d8/0xa90
[  359.921715][T14489]  ? __pfx_vfs_writev+0x10/0x10
[  359.921751][T14489]  ? __fget_files+0x2a/0x420
[  359.921778][T14489]  ? __fget_files+0x3a0/0x420
[  359.921798][T14489]  ? __fget_files+0x2a/0x420
[  359.921829][T14489]  do_writev+0x14d/0x2d0
[  359.921854][T14489]  ? __pfx_do_writev+0x10/0x10
[  359.921881][T14489]  ? do_syscall_64+0xba/0x210
[  359.921909][T14489]  do_syscall_64+0xf6/0x210
[  359.921933][T14489]  ? clear_bhb_loop+0x45/0xa0
[  359.921955][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.921971][T14489] RIP: 0033:0x7fe0ecb8e969
[  359.921988][T14489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.922003][T14489] RSP: 002b:00007fe0edaa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  359.922022][T14489] RAX: ffffffffffffffda RBX: 00007fe0ecdb5fa0 RCX: 00007fe0ecb8e969
[  359.922042][T14489] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  359.922053][T14489] RBP: 00007fe0edaa7090 R08: 0000000000000000 R09: 0000000000000000
[  359.922064][T14489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.922073][T14489] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  359.922102][T14489]  </TASK>
[  360.021213][T14483] wg1 speed is unknown, defaulting to 1000
[  360.190581][T14237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.712996][T14459] wg1 speed is unknown, defaulting to 1000
[  361.057807][ T5833] Bluetooth: hci2: command tx timeout
[  361.104648][T14527] vlan1: entered promiscuous mode
[  361.110027][T14527] bond0: entered promiscuous mode
[  361.212838][T14529] team0: Mode "j�adbalanc" not found
[  361.241721][T14237] veth0_vlan: entered promiscuous mode
[  361.268500][T14237] veth1_vlan: entered promiscuous mode
[  361.329614][T14237] veth0_macvtap: entered promiscuous mode
[  361.351382][T14237] veth1_macvtap: entered promiscuous mode
[  361.386724][T14237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  361.414475][T14237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.440568][T14237] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.454537][T14237] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.477063][T14237] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.495056][T14237] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.526735][T14541] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2978'.
[  361.538095][T14543] FAULT_INJECTION: forcing a failure.
[  361.538095][T14543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.562225][T14543] CPU: 1 UID: 0 PID: 14543 Comm: syz.1.2977 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  361.562247][T14543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  361.562255][T14543] Call Trace:
[  361.562261][T14543]  <TASK>
[  361.562268][T14543]  dump_stack_lvl+0x189/0x250
[  361.562291][T14543]  ? __lock_acquire+0xaac/0xd20
[  361.562312][T14543]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.562329][T14543]  ? __pfx__printk+0x10/0x10
[  361.562344][T14543]  ? __might_fault+0xb0/0x130
[  361.562372][T14543]  should_fail_ex+0x414/0x560
[  361.562397][T14543]  _copy_from_user+0x2d/0xb0
[  361.562415][T14543]  kstrtouint_from_user+0xc4/0x170
[  361.562432][T14543]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  361.562461][T14543]  proc_fail_nth_write+0x88/0x240
[  361.562480][T14543]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  361.562503][T14543]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  361.562520][T14543]  vfs_write+0x27b/0xa90
[  361.562551][T14543]  ? __pfx_vfs_write+0x10/0x10
[  361.562569][T14543]  ? __fget_files+0x2a/0x420
[  361.562592][T14543]  ? __fget_files+0x3a0/0x420
[  361.562611][T14543]  ? __fget_files+0x2a/0x420
[  361.562637][T14543]  ksys_write+0x145/0x250
[  361.562652][T14543]  ? rcu_is_watching+0x15/0xb0
[  361.562674][T14543]  ? __pfx_ksys_write+0x10/0x10
[  361.562693][T14543]  ? do_syscall_64+0xba/0x210
[  361.562716][T14543]  do_syscall_64+0xf6/0x210
[  361.562736][T14543]  ? clear_bhb_loop+0x45/0xa0
[  361.562753][T14543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.562768][T14543] RIP: 0033:0x7fe0ecb8d41f
[  361.562784][T14543] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  361.562799][T14543] RSP: 002b:00007fe0edaa7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  361.562826][T14543] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0ecb8d41f
[  361.562836][T14543] RDX: 0000000000000001 RSI: 00007fe0edaa70a0 RDI: 000000000000000c
[  361.562847][T14543] RBP: 00007fe0edaa7090 R08: 0000000000000000 R09: 0000000000000000
[  361.562856][T14543] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  361.562866][T14543] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  361.562896][T14543]  </TASK>
[  361.890877][ T4569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.912023][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.921269][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.941816][ T4569] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.231199][T14556] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2983'.
[  362.653237][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.744227][T14572] wg1 speed is unknown, defaulting to 1000
[  362.867039][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.903698][T14576] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2986'.
[  362.994299][T14581] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  363.044474][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.649825][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.825405][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  363.836032][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  363.855387][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  363.866125][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  363.877512][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  363.892220][T14573] wg1 speed is unknown, defaulting to 1000
[  364.000543][T14602] wg1 speed is unknown, defaulting to 1000
[  364.033626][   T13] bridge_slave_1: left allmulticast mode
[  364.041053][   T13] bridge_slave_1: left promiscuous mode
[  364.049489][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.081869][   T13] bridge_slave_0: left allmulticast mode
[  364.087771][   T13] bridge_slave_0: left promiscuous mode
[  364.093970][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.747872][T14626] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3001'.
[  364.998792][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  365.011347][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  365.026043][   T13] bond0 (unregistering): Released all slaves
[  365.342220][T14633] lo: entered allmulticast mode
[  365.347589][T14633] tunl0: entered allmulticast mode
[  365.352890][T14633] gre0: entered allmulticast mode
[  365.358571][T14633] gretap0: entered allmulticast mode
[  365.364043][T14633] erspan0: entered allmulticast mode
[  365.369644][T14633] ip_vti0: entered allmulticast mode
[  365.379592][T14633] ip6_vti0: entered allmulticast mode
[  365.385576][T14633] sit0: entered allmulticast mode
[  365.390865][T14633] ip6tnl0: entered allmulticast mode
[  365.397416][T14633] ip6gre0: entered allmulticast mode
[  365.402944][T14633] ip6gretap0: entered allmulticast mode
[  365.409492][T14633] nlmon0: entered allmulticast mode
[  365.417171][T14633] caif0: entered allmulticast mode
[  365.422427][T14633] batadv0: entered allmulticast mode
[  365.428245][T14633] veth0: entered allmulticast mode
[  365.433496][T14633] veth1: entered allmulticast mode
[  365.441588][T14633] wg0: entered allmulticast mode
[  365.446764][T14633] wg1: entered allmulticast mode
[  365.451863][T14633] wg2: entered allmulticast mode
[  365.459489][T14633] veth0_to_bridge: entered allmulticast mode
[  365.465711][T14633] bridge_slave_0: entered allmulticast mode
[  365.471884][T14633] veth1_to_bridge: entered allmulticast mode
[  365.480244][T14633] bridge_slave_1: entered allmulticast mode
[  365.486596][T14633] veth0_to_bond: entered allmulticast mode
[  365.492598][T14633] bond_slave_0: entered allmulticast mode
[  365.500757][T14633] veth1_to_bond: entered allmulticast mode
[  365.506985][T14633] bond_slave_1: entered allmulticast mode
[  365.512828][T14633] veth0_to_team: entered allmulticast mode
[  365.521700][T14633] team_slave_0: entered allmulticast mode
[  365.527724][T14633] veth1_to_team: entered allmulticast mode
[  365.534061][T14633] team_slave_1: entered allmulticast mode
[  365.542467][T14633] veth0_to_batadv: entered allmulticast mode
[  365.549695][T14633] batadv_slave_0: entered allmulticast mode
[  365.558089][T14633] veth1_to_batadv: entered allmulticast mode
[  365.564271][T14633] batadv_slave_1: entered allmulticast mode
[  365.570596][T14633] xfrm0: entered allmulticast mode
[  365.579822][T14633] veth0_to_hsr: entered allmulticast mode
[  365.585870][T14633] hsr_slave_0: entered allmulticast mode
[  365.591708][T14633] veth1_to_hsr: entered allmulticast mode
[  365.601287][T14633] hsr_slave_1: entered allmulticast mode
[  365.607460][T14633] hsr0: entered allmulticast mode
[  365.612692][T14633] veth1_virt_wifi: entered allmulticast mode
[  365.629045][T14633] veth0_virt_wifi: entered allmulticast mode
[  365.635743][T14633] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  365.643246][T14633] veth1_vlan: entered allmulticast mode
[  365.652628][T14633] veth0_vlan: entered allmulticast mode
[  365.659329][T14633] vlan0: entered allmulticast mode
[  365.664661][T14633] vlan1: entered allmulticast mode
[  365.673883][T14633] macvlan0: entered allmulticast mode
[  365.679667][T14633] macvlan1: entered allmulticast mode
[  365.688779][T14633] ipvlan0: entered allmulticast mode
[  365.694324][T14633] ipvlan1: entered allmulticast mode
[  365.701386][T14633] veth1_macvtap: entered allmulticast mode
[  365.711044][T14633] veth0_macvtap: entered allmulticast mode
[  365.717357][T14633] macvtap0: entered allmulticast mode
[  365.722931][T14633] macsec0: entered allmulticast mode
[  365.732027][T14633] geneve0: entered allmulticast mode
[  365.737814][T14633] geneve1: entered allmulticast mode
[  365.743386][T14633] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[  365.753591][T14633] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  365.761337][T14633] ip6gretap1: entered allmulticast mode
[  365.770570][T14633] mac80211_hwsim hwsim17 wlan2: entered allmulticast mode
[  365.778280][T14633] mac80211_hwsim hwsim20 wlan3: entered allmulticast mode
[  365.789262][T14633] mac80211_hwsim hwsim21 wlan4: entered allmulticast mode
[  365.796786][T14633] veth2: entered allmulticast mode
[  365.802102][T14633] veth3: entered allmulticast mode
[  365.810806][T14633] mac80211_hwsim hwsim23 wlan5: entered allmulticast mode
[  365.818644][T14633] mac80211_hwsim hwsim26 wlan6: entered allmulticast mode
[  365.829351][T14633] ip6tnl1: entered allmulticast mode
[  365.835010][T14633] mac80211_hwsim hwsim27 wlan7: entered allmulticast mode
[  365.842291][T14633] sit1: entered allmulticast mode
[  365.850343][T14633] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 256 - 0
[  365.859132][T14633] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 256 - 0
[  365.867728][T14633] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 256 - 0
[  365.876455][T14633] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 256 - 0
[  365.887292][T14633] geneve2: left promiscuous mode
[  365.900967][T14633] vlan2: entered allmulticast mode
[  365.907615][T14633] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.916477][T14633] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.925027][T14633] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.933372][T14633] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.942434][ T5833] Bluetooth: hci2: command tx timeout
[  365.949094][T14633] vxlan0: entered allmulticast mode
[  365.964150][T14633] syztnl2: entered allmulticast mode
[  365.979967][T14633] vlan3: entered allmulticast mode
[  365.985387][T14633] bridge1: entered allmulticast mode
[  365.990772][T14633] gtp0: entered allmulticast mode
[  365.996567][T14633] gretap1: entered allmulticast mode
[  366.001986][T14633] netdevsim netdevsim3 eth0: entered allmulticast mode
[  366.009346][T14633] netdevsim netdevsim3 eth1: entered allmulticast mode
[  366.016938][T14633] netdevsim netdevsim3 eth2: entered allmulticast mode
[  366.023948][T14633] netdevsim netdevsim3 eth3: entered allmulticast mode
[  366.031377][T14633] mac80211_hwsim hwsim34 wlan1: entered allmulticast mode
[  366.039769][T14633] macvtap1: left promiscuous mode
[  366.049095][T14633] veth4: entered allmulticast mode
[  366.054363][T14633] veth5: entered allmulticast mode
[  366.060046][T14633] mac80211_hwsim hwsim37 wlan8: entered allmulticast mode
[  366.101708][T14633] vlan4: entered allmulticast mode
[  366.107406][T14633] erspan1: entered allmulticast mode
[  366.279324][   T30] audit: type=1107 audit(1746049262.571:4): pid=14644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='1'
[  366.319114][T14602] chnl_net:caif_netlink_parms(): no params data found
[  366.415379][T14654] netlink: 'syz.0.3011': attribute type 3 has an invalid length.
[  366.472352][   T13] hsr_slave_0: left promiscuous mode
[  366.480563][   T13] hsr_slave_1: left promiscuous mode
[  366.488217][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  366.500178][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  366.511628][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  366.519782][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.549738][   T13] veth1_macvtap: left promiscuous mode
[  366.555927][   T13] veth0_macvtap: left promiscuous mode
[  366.561663][   T13] veth1_vlan: left promiscuous mode
[  366.568241][   T13] veth0_vlan: left promiscuous mode
[  367.349834][   T13] team0 (unregistering): Port device team_slave_1 removed
[  367.411090][   T13] team0 (unregistering): Port device team_slave_0 removed
[  368.006785][T14662] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3013'.
[  368.016149][ T5833] Bluetooth: hci2: command tx timeout
[  370.100013][ T5833] Bluetooth: hci2: command tx timeout
[  370.522632][T14602] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.539950][T14602] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.555587][T14602] bridge_slave_0: entered allmulticast mode
[  370.563267][T14602] bridge_slave_0: entered promiscuous mode
[  370.595547][T14602] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.613553][T14602] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.639593][T14683] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  370.658262][T14602] bridge_slave_1: entered allmulticast mode
[  370.675499][T14602] bridge_slave_1: entered promiscuous mode
[  370.817368][T14602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  370.851195][T14602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  370.945818][T14602] team0: Port device team_slave_0 added
[  370.956360][T14602] team0: Port device team_slave_1 added
[  371.046789][T14602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  371.053820][T14602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  371.080985][T14602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  371.152452][T14602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  371.163280][T14703] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  371.166129][T14602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  371.204352][T14602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  371.229376][T14706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3029'.
[  371.894040][T14713] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3031'.
[  372.180163][ T5833] Bluetooth: hci2: command tx timeout
[  373.779857][T14602] hsr_slave_0: entered promiscuous mode
[  373.813477][T14602] hsr_slave_1: entered promiscuous mode
[  373.820335][T14602] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  373.833209][T14602] Cannot create hsr debugfs directory
[  374.197957][T14738] FAULT_INJECTION: forcing a failure.
[  374.197957][T14738] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  374.232054][T14738] CPU: 1 UID: 0 PID: 14738 Comm: syz.0.3039 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  374.232081][T14738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  374.232091][T14738] Call Trace:
[  374.232099][T14738]  <TASK>
[  374.232107][T14738]  dump_stack_lvl+0x189/0x250
[  374.232138][T14738]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.232161][T14738]  ? __pfx__printk+0x10/0x10
[  374.232181][T14738]  ? fs_reclaim_acquire+0x7d/0x100
[  374.232213][T14738]  should_fail_ex+0x414/0x560
[  374.232243][T14738]  prepare_alloc_pages+0x213/0x610
[  374.232273][T14738]  __alloc_frozen_pages_noprof+0x123/0x370
[  374.232311][T14738]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  374.232333][T14738]  ? __lock_acquire+0xaac/0xd20
[  374.232364][T14738]  ? policy_nodemask+0x27c/0x720
[  374.232392][T14738]  alloc_pages_mpol+0x232/0x4a0
[  374.232418][T14738]  vma_alloc_folio_noprof+0xe4/0x200
[  374.232443][T14738]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  374.232476][T14738]  folio_prealloc+0x30/0x180
[  374.232500][T14738]  do_wp_page+0x123a/0x5760
[  374.232541][T14738]  ? __pfx_do_wp_page+0x10/0x10
[  374.232556][T14738]  ? do_raw_spin_lock+0x121/0x290
[  374.232579][T14738]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  374.232610][T14738]  __handle_mm_fault+0x1028/0x5380
[  374.232650][T14738]  ? __pfx___handle_mm_fault+0x10/0x10
[  374.232688][T14738]  ? find_vma+0xe7/0x160
[  374.232706][T14738]  ? __pfx_find_vma+0x10/0x10
[  374.232726][T14738]  handle_mm_fault+0x3f6/0x8c0
[  374.232751][T14738]  do_user_addr_fault+0x764/0x1390
[  374.232781][T14738]  exc_page_fault+0x68/0x110
[  374.232803][T14738]  asm_exc_page_fault+0x26/0x30
[  374.232819][T14738] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  374.232838][T14738] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  374.232853][T14738] RSP: 0018:ffffc9000341f6d8 EFLAGS: 00050206
[  374.232869][T14738] RAX: ffffffff84b5a001 RBX: ffff888057ee00e8 RCX: 0000000000000970
[  374.232882][T14738] RDX: 0000000000000000 RSI: ffff888057eef948 RDI: 0000200000030000
[  374.232894][T14738] RBP: ffffc9000341f828 R08: ffff888057ef02b7 R09: 1ffff1100afde056
[  374.232905][T14738] R10: dffffc0000000000 R11: ffffed100afde057 R12: dffffc0000000000
[  374.232916][T14738] R13: 00000000000203a0 R14: 00007ffffffff000 R15: 00000000000101d0
[  374.232932][T14738]  ? _copy_to_iter+0x421/0x15a0
[  374.232956][T14738]  _copy_to_iter+0x484/0x15a0
[  374.232986][T14738]  ? __pfx__copy_to_iter+0x10/0x10
[  374.233003][T14738]  ? tipc_wait_for_rcvmsg+0x4ef/0x630
[  374.233035][T14738]  __skb_datagram_iter+0x100/0x960
[  374.233057][T14738]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  374.233087][T14738]  skb_copy_datagram_iter+0xc5/0x230
[  374.233113][T14738]  tipc_recvstream+0x72d/0xe70
[  374.233151][T14738]  ? __pfx_tipc_recvstream+0x10/0x10
[  374.233168][T14738]  sock_recvmsg+0x229/0x270
[  374.233195][T14738]  ____sys_recvmsg+0x1c9/0x460
[  374.233223][T14738]  ? __pfx_____sys_recvmsg+0x10/0x10
[  374.233257][T14738]  ? import_iovec+0x74/0xa0
[  374.233289][T14738]  ___sys_recvmsg+0x1b5/0x510
[  374.233316][T14738]  ? __pfx____sys_recvmsg+0x10/0x10
[  374.233362][T14738]  ? __fget_files+0x3a0/0x420
[  374.233394][T14738]  __x64_sys_recvmsg+0x198/0x260
[  374.233415][T14738]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  374.233452][T14738]  ? do_syscall_64+0xba/0x210
[  374.233478][T14738]  do_syscall_64+0xf6/0x210
[  374.233502][T14738]  ? clear_bhb_loop+0x45/0xa0
[  374.233522][T14738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.233537][T14738] RIP: 0033:0x7f20dc18e969
[  374.233552][T14738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.233567][T14738] RSP: 002b:00007f20dcfbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  374.233584][T14738] RAX: ffffffffffffffda RBX: 00007f20dc3b5fa0 RCX: 00007f20dc18e969
[  374.233596][T14738] RDX: 0000000000001f00 RSI: 0000200000000500 RDI: 0000000000000005
[  374.233608][T14738] RBP: 00007f20dcfbf090 R08: 0000000000000000 R09: 0000000000000000
[  374.233618][T14738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  374.233629][T14738] R13: 0000000000000000 R14: 00007f20dc3b5fa0 R15: 00007ffd4bcb0698
[  374.233657][T14738]  </TASK>
[  374.255549][ T5833] Bluetooth: hci2: command tx timeout
[  374.951690][T14751] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3044'.
[  375.107177][T14754] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3045'.
[  377.432237][T14761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3050'.
[  377.463002][T14763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3049'.
[  377.480406][T14763] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  377.538035][T14763] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  377.593718][T14769] netlink: 'syz.1.3052': attribute type 3 has an invalid length.
[  377.632060][T14602] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  377.667774][T14602] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  377.701001][T14602] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  377.728987][T14602] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  377.809092][T14779] netlink: 'syz.0.3054': attribute type 33 has an invalid length.
[  377.895845][T14602] 8021q: adding VLAN 0 to HW filter on device bond0
[  377.920082][T14602] 8021q: adding VLAN 0 to HW filter on device team0
[  377.941757][ T8673] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.949025][ T8673] bridge0: port 1(bridge_slave_0) entered forwarding state
[  377.973800][ T4569] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.981040][ T4569] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.054336][T14602] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  378.268291][T14602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.749265][T14602] veth0_vlan: entered promiscuous mode
[  378.789929][T14602] veth1_vlan: entered promiscuous mode
[  378.918424][T14602] veth0_macvtap: entered promiscuous mode
[  378.967496][T14602] veth1_macvtap: entered promiscuous mode
[  378.987211][T14817] netlink: 'syz.0.3068': attribute type 10 has an invalid length.
[  379.005883][T14819] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3069'.
[  379.029758][T14602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.045730][T14819] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3069'.
[  379.069723][T14823] 8021q: VLANs not supported on ip_vti0
[  379.098326][T14602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.130327][T14602] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.141938][T14602] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.162949][T14602] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.180557][T14602] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.353649][T14836] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3074'.
[  379.409600][T14836] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  379.477619][T14836] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  379.547943][ T8673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.556840][T14843] wg1 speed is unknown, defaulting to 1000
[  379.572143][ T8673] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.693936][ T8673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.710242][ T8673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.859981][T14854] FAULT_INJECTION: forcing a failure.
[  379.859981][T14854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.885156][T14854] CPU: 1 UID: 0 PID: 14854 Comm: syz.2.3079 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  379.885183][T14854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  379.885193][T14854] Call Trace:
[  379.885200][T14854]  <TASK>
[  379.885207][T14854]  dump_stack_lvl+0x189/0x250
[  379.885231][T14854]  ? __lock_acquire+0xaac/0xd20
[  379.885254][T14854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  379.885273][T14854]  ? __pfx__printk+0x10/0x10
[  379.885287][T14854]  ? __might_fault+0xb0/0x130
[  379.885315][T14854]  should_fail_ex+0x414/0x560
[  379.885344][T14854]  _copy_from_user+0x2d/0xb0
[  379.885366][T14854]  __x64_sys_epoll_ctl+0x126/0x1a0
[  379.885384][T14854]  ? rcu_is_watching+0x15/0xb0
[  379.885407][T14854]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  379.885428][T14854]  ? do_syscall_64+0xba/0x210
[  379.885454][T14854]  do_syscall_64+0xf6/0x210
[  379.885474][T14854]  ? clear_bhb_loop+0x45/0xa0
[  379.885494][T14854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.885510][T14854] RIP: 0033:0x7f365e78e969
[  379.885526][T14854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.885539][T14854] RSP: 002b:00007f365f6de038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  379.885556][T14854] RAX: ffffffffffffffda RBX: 00007f365e9b5fa0 RCX: 00007f365e78e969
[  379.885567][T14854] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000003
[  379.885576][T14854] RBP: 00007f365f6de090 R08: 0000000000000000 R09: 0000000000000000
[  379.885586][T14854] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  379.885596][T14854] R13: 0000000000000000 R14: 00007f365e9b5fa0 R15: 00007fffe27f61e8
[  379.885623][T14854]  </TASK>
[  380.135845][T14856] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  380.331265][T14860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3082'.
[  380.371488][T14860] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3082'.
[  380.390325][T14860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3082'.
[  381.049920][T14894] FAULT_INJECTION: forcing a failure.
[  381.049920][T14894] name failslab, interval 1, probability 0, space 0, times 0
[  381.063418][T14894] CPU: 0 UID: 0 PID: 14894 Comm: syz.1.3094 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  381.063443][T14894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  381.063454][T14894] Call Trace:
[  381.063462][T14894]  <TASK>
[  381.063470][T14894]  dump_stack_lvl+0x189/0x250
[  381.063504][T14894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.063527][T14894]  ? __pfx__printk+0x10/0x10
[  381.063551][T14894]  ? __pfx___might_resched+0x10/0x10
[  381.063566][T14894]  ? fs_reclaim_acquire+0x7d/0x100
[  381.063595][T14894]  should_fail_ex+0x414/0x560
[  381.063646][T14894]  ? alloc_netdev_mqs+0xa8b/0x11e0
[  381.063667][T14894]  should_failslab+0xa8/0x100
[  381.063690][T14894]  __kvmalloc_node_noprof+0x168/0x5e0
[  381.063712][T14894]  ? alloc_netdev_mqs+0xa8b/0x11e0
[  381.063739][T14894]  alloc_netdev_mqs+0xa8b/0x11e0
[  381.063768][T14894]  rtnl_create_link+0x31f/0xd10
[  381.063797][T14894]  rtnl_newlink_create+0x25c/0xb00
[  381.063822][T14894]  ? __pfx_aa_get_newest_label+0x10/0x10
[  381.063844][T14894]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  381.063861][T14894]  ? rtnl_newlink+0x8db/0x1c70
[  381.063879][T14894]  ? __pfx___mutex_lock+0x10/0x10
[  381.063913][T14894]  ? ns_capable+0x8a/0xf0
[  381.063934][T14894]  rtnl_newlink+0x16d6/0x1c70
[  381.063968][T14894]  ? __pfx_rtnl_newlink+0x10/0x10
[  381.063986][T14894]  ? is_bpf_text_address+0x26/0x2b0
[  381.064014][T14894]  ? is_bpf_text_address+0x292/0x2b0
[  381.064041][T14894]  ? __lock_acquire+0xaac/0xd20
[  381.064077][T14894]  ? __lock_acquire+0xaac/0xd20
[  381.064119][T14894]  ? is_bpf_text_address+0x26/0x2b0
[  381.064146][T14894]  ? is_bpf_text_address+0x292/0x2b0
[  381.064167][T14894]  ? is_bpf_text_address+0x26/0x2b0
[  381.064196][T14894]  ? aa_get_newest_label+0xf7/0x5d0
[  381.064217][T14894]  ? __lock_acquire+0xaac/0xd20
[  381.064264][T14894]  ? __pfx_rtnl_newlink+0x10/0x10
[  381.064280][T14894]  rtnetlink_rcv_msg+0x7cc/0xb70
[  381.064296][T14894]  ? kasan_save_track+0x4f/0x80
[  381.064318][T14894]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  381.064333][T14894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  381.064350][T14894]  ? __lock_acquire+0xaac/0xd20
[  381.064385][T14894]  netlink_rcv_skb+0x219/0x490
[  381.064404][T14894]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  381.064423][T14894]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  381.064459][T14894]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.064474][T14894]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.064493][T14894]  netlink_unicast+0x758/0x8d0
[  381.064524][T14894]  netlink_sendmsg+0x805/0xb30
[  381.064551][T14894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.064573][T14894]  ? aa_sock_msg_perm+0x94/0x160
[  381.064591][T14894]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  381.064608][T14894]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.064634][T14894]  __sock_sendmsg+0x219/0x270
[  381.064662][T14894]  ____sys_sendmsg+0x505/0x830
[  381.064688][T14894]  ? __pfx_____sys_sendmsg+0x10/0x10
[  381.064718][T14894]  ? import_iovec+0x74/0xa0
[  381.064743][T14894]  ___sys_sendmsg+0x21f/0x2a0
[  381.064767][T14894]  ? __pfx____sys_sendmsg+0x10/0x10
[  381.064816][T14894]  ? __fget_files+0x2a/0x420
[  381.064836][T14894]  ? __fget_files+0x3a0/0x420
[  381.064866][T14894]  __x64_sys_sendmsg+0x19b/0x260
[  381.064889][T14894]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  381.064927][T14894]  ? do_syscall_64+0xba/0x210
[  381.064951][T14894]  do_syscall_64+0xf6/0x210
[  381.064974][T14894]  ? clear_bhb_loop+0x45/0xa0
[  381.064994][T14894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.065011][T14894] RIP: 0033:0x7fe0ecb8e969
[  381.065028][T14894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.065043][T14894] RSP: 002b:00007fe0edaa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.065060][T14894] RAX: ffffffffffffffda RBX: 00007fe0ecdb5fa0 RCX: 00007fe0ecb8e969
[  381.065071][T14894] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000c
[  381.065080][T14894] RBP: 00007fe0edaa7090 R08: 0000000000000000 R09: 0000000000000000
[  381.065089][T14894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  381.065100][T14894] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  381.065130][T14894]  </TASK>
[  381.520383][T14896] netlink: 'syz.3.3095': attribute type 5 has an invalid length.
[  381.611523][T14902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3097'.
[  381.655801][T14902] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  381.667274][T14902] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  381.700909][T14906] FAULT_INJECTION: forcing a failure.
[  381.700909][T14906] name failslab, interval 1, probability 0, space 0, times 0
[  381.714369][T14906] CPU: 0 UID: 0 PID: 14906 Comm: syz.1.3100 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  381.714392][T14906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  381.714402][T14906] Call Trace:
[  381.714411][T14906]  <TASK>
[  381.714419][T14906]  dump_stack_lvl+0x189/0x250
[  381.714450][T14906]  ? __pfx_dump_stack_lvl+0x10/0x10
[  381.714474][T14906]  ? __pfx__printk+0x10/0x10
[  381.714497][T14906]  ? __pfx___might_resched+0x10/0x10
[  381.714529][T14906]  should_fail_ex+0x414/0x560
[  381.714559][T14906]  should_failslab+0xa8/0x100
[  381.714583][T14906]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  381.714604][T14906]  ? __alloc_skb+0x112/0x2d0
[  381.714627][T14906]  __alloc_skb+0x112/0x2d0
[  381.714649][T14906]  netlink_sendmsg+0x5c6/0xb30
[  381.714677][T14906]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.714699][T14906]  ? aa_sock_msg_perm+0x94/0x160
[  381.714718][T14906]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  381.714738][T14906]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.714760][T14906]  __sock_sendmsg+0x219/0x270
[  381.714784][T14906]  ____sys_sendmsg+0x505/0x830
[  381.714807][T14906]  ? __pfx_____sys_sendmsg+0x10/0x10
[  381.714837][T14906]  ? import_iovec+0x74/0xa0
[  381.714862][T14906]  ___sys_sendmsg+0x21f/0x2a0
[  381.714884][T14906]  ? __pfx____sys_sendmsg+0x10/0x10
[  381.714940][T14906]  ? __fget_files+0x2a/0x420
[  381.714957][T14906]  ? __fget_files+0x3a0/0x420
[  381.714988][T14906]  __x64_sys_sendmsg+0x19b/0x260
[  381.715010][T14906]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  381.715047][T14906]  ? do_syscall_64+0xba/0x210
[  381.715074][T14906]  do_syscall_64+0xf6/0x210
[  381.715097][T14906]  ? clear_bhb_loop+0x45/0xa0
[  381.715118][T14906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.715132][T14906] RIP: 0033:0x7fe0ecb8e969
[  381.715148][T14906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.715163][T14906] RSP: 002b:00007fe0edaa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.715181][T14906] RAX: ffffffffffffffda RBX: 00007fe0ecdb5fa0 RCX: 00007fe0ecb8e969
[  381.715194][T14906] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000006
[  381.715205][T14906] RBP: 00007fe0edaa7090 R08: 0000000000000000 R09: 0000000000000000
[  381.715217][T14906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.715227][T14906] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  381.715256][T14906]  </TASK>
[  382.173507][ T1337] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.337075][ T1337] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.519769][T14922] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3105'.
[  382.613885][   T30] audit: type=1107 audit(1746049278.901:5): pid=14921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='R=Hn�-�mx�DL��*~ YL� D$���8�9ihT�ɾ��~Ri;�����UG��,��x�=�r���~������-?��/'
[  382.713399][ T1337] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.882443][ T1337] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.143749][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  383.157356][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  383.174634][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  383.184103][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  383.186885][T14947] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3113'.
[  383.203620][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  383.232522][ T1337] bridge_slave_1: left allmulticast mode
[  383.241942][ T1337] bridge_slave_1: left promiscuous mode
[  383.250022][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.264678][ T1337] bridge_slave_0: left allmulticast mode
[  383.273235][ T1337] bridge_slave_0: left promiscuous mode
[  383.281774][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.227361][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  384.239294][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  384.250038][ T1337] bond0 (unregistering): Released all slaves
[  384.273694][T14965] syzkaller1: entered promiscuous mode
[  384.309464][T14965] syzkaller1: entered allmulticast mode
[  384.504421][T14991] batadv_slave_1: entered promiscuous mode
[  384.520907][T14995] batadv0: entered promiscuous mode
[  384.569409][T14991] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3125'.
[  384.598245][T14944] wg1 speed is unknown, defaulting to 1000
[  384.611446][T14991] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  384.669280][T15003] openvswitch: netlink: Missing key (keys=40, expected=100)
[  384.762896][T14990] batadv0: left promiscuous mode
[  384.785842][T14990] batadv_slave_1: left promiscuous mode
[  384.798184][T15005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3131'.
[  384.959079][ T1337] hsr_slave_0: left promiscuous mode
[  384.981785][ T1337] hsr_slave_1: left promiscuous mode
[  385.005958][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.013774][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.030634][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.040087][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.092211][ T1337] veth1_macvtap: left promiscuous mode
[  385.099961][ T1337] veth0_macvtap: left promiscuous mode
[  385.106661][ T1337] veth1_vlan: left promiscuous mode
[  385.112218][ T1337] veth0_vlan: left promiscuous mode
[  385.295292][ T5833] Bluetooth: hci2: command tx timeout
[  385.338534][T15037] netlink: 'syz.0.3137': attribute type 10 has an invalid length.
[  385.365434][T15037] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3137'.
[  385.941762][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  385.998894][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  386.596200][T15037] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.607615][T15037] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.622463][T15037] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.631963][T15037] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.651189][T15037] team0: Port device geneve0 added
[  386.774639][   T30] audit: type=1800 audit(1746049283.061:6): pid=15051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3144" name=3564489B0C dev="tmpfs" ino=3309 res=0 errno=0
[  387.026462][T14944] chnl_net:caif_netlink_parms(): no params data found
[  387.378831][ T5833] Bluetooth: hci2: command tx timeout
[  387.437635][T14944] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.445037][T14944] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.452303][T14944] bridge_slave_0: entered allmulticast mode
[  387.486919][T14944] bridge_slave_0: entered promiscuous mode
[  387.514361][T14944] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.533571][T14944] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.550684][T14944] bridge_slave_1: entered allmulticast mode
[  387.559391][T14944] bridge_slave_1: entered promiscuous mode
[  387.693184][T14944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.728490][T14944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.809063][T14944] team0: Port device team_slave_0 added
[  387.824467][T14944] team0: Port device team_slave_1 added
[  387.904159][T14944] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.922561][T14944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.953726][T14944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.997098][T14944] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.004079][T14944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.135541][T15121] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3169'.
[  388.152807][T14944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.180404][T15108] wg1 speed is unknown, defaulting to 1000
[  388.260726][   T47] IPVS: starting estimator thread 0...
[  388.269698][T14944] hsr_slave_0: entered promiscuous mode
[  388.277017][T14944] hsr_slave_1: entered promiscuous mode
[  388.283935][T14944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.293897][T14944] Cannot create hsr debugfs directory
[  388.364944][T15127] IPVS: using max 34 ests per chain, 81600 per kthread
[  388.377759][T15126] wg1 speed is unknown, defaulting to 1000
[  388.397605][T15132] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3171'.
[  389.058143][T15148] sch_fq: defrate 2048 ignored.
[  389.273165][T15159] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3180'.
[  389.297526][T15163] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3181'.
[  389.330605][T15159] batadv_slave_1: entered promiscuous mode
[  389.455100][ T5833] Bluetooth: hci2: command tx timeout
[  389.504553][T15169] netlink: 'syz.0.3181': attribute type 4 has an invalid length.
[  389.537747][T15171] netlink: 'syz.2.3183': attribute type 10 has an invalid length.
[  389.591114][T15171] lo: entered promiscuous mode
[  389.622677][T15171] 
: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  389.660562][T15171] 8021q: adding VLAN 0 to HW filter on device 

[  389.681472][T15171] 
: (slave lo): Enslaving as an active interface with an up link
[  389.841653][T14944] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  389.869338][T14944] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  389.892428][T14944] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  389.919336][T15180] netlink: 'syz.1.3186': attribute type 1 has an invalid length.
[  389.953056][T14944] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  390.131030][T15189] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3189'.
[  390.276308][T15194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3192'.
[  390.291957][T14944] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.301684][T15194] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  390.332472][T15194] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  390.344735][T14944] 8021q: adding VLAN 0 to HW filter on device team0
[  390.366380][ T4569] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.373587][ T4569] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.432581][ T4569] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.439838][ T4569] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.497186][T14944] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  390.730877][T15215] 8021q: VLANs not supported on gre0
[  390.754546][T15217] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  390.770421][T14944] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.535117][ T5833] Bluetooth: hci2: command tx timeout
[  394.201056][T14944] veth0_vlan: entered promiscuous mode
[  394.221077][T15238] netlink: 280 bytes leftover after parsing attributes in process `syz.2.3205'.
[  394.251064][T14944] veth1_vlan: entered promiscuous mode
[  394.431902][T14944] veth0_macvtap: entered promiscuous mode
[  394.449645][T14944] veth1_macvtap: entered promiscuous mode
[  394.497072][T14944] batman_adv: batadv0: Interface activated: batadv_slave_0
[  394.519160][T14944] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.557075][T14944] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.566383][T14944] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.578636][T14944] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.587841][T14944] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.794418][T15253] netlink: 'syz.3.3211': attribute type 10 has an invalid length.
[  394.836362][ T1337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.851779][ T1337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.929158][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.957400][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.022181][T15284] IPVS: set_ctl: invalid protocol: 51 224.0.0.1:20003
[  398.030380][T15284] IPVS: set_ctl: invalid protocol: 98 10.1.1.1:20003
[  398.824030][T15294] tipc: Started in network mode
[  398.832697][T15294] tipc: Node identity ac1414aa, cluster identity 4711
[  398.841427][T15294] tipc: Enabled bearer <udp:s>, priority 10
[  398.935858][T15317] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3232'.
[  399.179996][ T1337] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.249780][ T1337] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.473171][ T1337] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.533788][ T1337] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.834139][T15335] netlink: 116 bytes leftover after parsing attributes in process `syz.1.3238'.
[  399.914625][ T1337] bridge_slave_1: left allmulticast mode
[  399.948605][ T1337] bridge_slave_1: left promiscuous mode
[  399.955869][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.963759][ T1206] tipc: Node number set to 2886997162
[  399.989210][ T1337] bridge_slave_0: left allmulticast mode
[  399.999990][ T1337] bridge_slave_0: left promiscuous mode
[  400.020408][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.342515][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  400.354094][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  400.363411][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  400.380361][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  400.389943][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  400.575207][ T5840] Bluetooth: hci4: command 0x0405 tx timeout
[  400.781882][   T30] audit: type=1800 audit(1746049297.061:7): pid=15361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3245" name="memory.events" dev="tmpfs" ino=3376 res=0 errno=0
[  401.331598][T15370] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3249'.
[  401.344715][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  401.358557][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  401.370424][ T1337] bond0 (unregistering): Released all slaves
[  402.495144][ T5833] Bluetooth: hci2: command tx timeout
[  404.579561][ T5833] Bluetooth: hci2: command tx timeout
[  404.899423][T15396] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3258'.
[  404.906361][T15397] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3260'.
[  405.042554][T15355] wg1 speed is unknown, defaulting to 1000
[  405.068247][T15400] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3262'.
[  405.101358][T15400] IPVS: Unknown mcast interface: wg0
[  405.211333][ T1337] hsr_slave_0: left promiscuous mode
[  405.221209][ T1337] hsr_slave_1: left promiscuous mode
[  405.236209][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  405.243825][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  405.259060][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.269251][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  405.308771][ T1337] veth1_macvtap: left promiscuous mode
[  405.314508][ T1337] veth0_macvtap: left promiscuous mode
[  405.321069][ T1337] veth1_vlan: left promiscuous mode
[  405.327791][ T1337] veth0_vlan: left promiscuous mode
[  405.463779][T15414] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[  406.026012][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  406.084428][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  406.655422][ T5833] Bluetooth: hci2: command tx timeout
[  406.906251][T15439] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3270'.
[  406.922807][T15436] sch_fq: defrate 0 ignored.
[  407.153656][T15355] chnl_net:caif_netlink_parms(): no params data found
[  407.228814][T15453] FAULT_INJECTION: forcing a failure.
[  407.228814][T15453] name failslab, interval 1, probability 0, space 0, times 0
[  407.242556][T15453] CPU: 1 UID: 0 PID: 15453 Comm: syz.1.3276 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  407.242584][T15453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  407.242595][T15453] Call Trace:
[  407.242603][T15453]  <TASK>
[  407.242612][T15453]  dump_stack_lvl+0x189/0x250
[  407.242646][T15453]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.242670][T15453]  ? __pfx__printk+0x10/0x10
[  407.242695][T15453]  ? __pfx___might_resched+0x10/0x10
[  407.242709][T15453]  ? fs_reclaim_acquire+0x7d/0x100
[  407.242740][T15453]  should_fail_ex+0x414/0x560
[  407.242771][T15453]  ? alloc_netdev_mqs+0xa6/0x11e0
[  407.242791][T15453]  should_failslab+0xa8/0x100
[  407.242816][T15453]  __kvmalloc_node_noprof+0x168/0x5e0
[  407.242838][T15453]  ? alloc_netdev_mqs+0xa6/0x11e0
[  407.242857][T15453]  ? snprintf+0xda/0x120
[  407.242878][T15453]  ? __pfx_vlan_setup+0x10/0x10
[  407.242895][T15453]  alloc_netdev_mqs+0xa6/0x11e0
[  407.242915][T15453]  ? __pfx_vlan_setup+0x10/0x10
[  407.242928][T15453]  ? __pfx_snprintf+0x10/0x10
[  407.242951][T15453]  rtnl_create_link+0x31f/0xd10
[  407.242985][T15453]  rtnl_newlink_create+0x25c/0xb00
[  407.243010][T15453]  ? __mutex_lock+0x51b/0xe80
[  407.243040][T15453]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  407.243056][T15453]  ? rtnl_newlink+0x8db/0x1c70
[  407.243075][T15453]  ? __pfx___mutex_lock+0x10/0x10
[  407.243108][T15453]  ? ns_capable+0x8a/0xf0
[  407.243129][T15453]  rtnl_newlink+0x16d6/0x1c70
[  407.243171][T15453]  ? __pfx_rtnl_newlink+0x10/0x10
[  407.243190][T15453]  ? is_bpf_text_address+0x26/0x2b0
[  407.243219][T15453]  ? is_bpf_text_address+0x292/0x2b0
[  407.243245][T15453]  ? __lock_acquire+0xaac/0xd20
[  407.243281][T15453]  ? __lock_acquire+0xaac/0xd20
[  407.243323][T15453]  ? is_bpf_text_address+0x26/0x2b0
[  407.243350][T15453]  ? is_bpf_text_address+0x292/0x2b0
[  407.243371][T15453]  ? is_bpf_text_address+0x26/0x2b0
[  407.243401][T15453]  ? aa_get_newest_label+0xf7/0x5d0
[  407.243423][T15453]  ? __lock_acquire+0xaac/0xd20
[  407.243470][T15453]  ? __pfx_rtnl_newlink+0x10/0x10
[  407.243486][T15453]  rtnetlink_rcv_msg+0x7cc/0xb70
[  407.243502][T15453]  ? kasan_save_track+0x4f/0x80
[  407.243522][T15453]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  407.243538][T15453]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  407.243556][T15453]  ? __lock_acquire+0xaac/0xd20
[  407.243592][T15453]  netlink_rcv_skb+0x219/0x490
[  407.243611][T15453]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  407.243630][T15453]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  407.243669][T15453]  ? netlink_deliver_tap+0x2e/0x1b0
[  407.243686][T15453]  ? netlink_deliver_tap+0x2e/0x1b0
[  407.243710][T15453]  netlink_unicast+0x758/0x8d0
[  407.243742][T15453]  netlink_sendmsg+0x805/0xb30
[  407.243768][T15453]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.243790][T15453]  ? aa_sock_msg_perm+0x94/0x160
[  407.243810][T15453]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  407.243829][T15453]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.243847][T15453]  __sock_sendmsg+0x219/0x270
[  407.243876][T15453]  ____sys_sendmsg+0x505/0x830
[  407.243898][T15453]  ? __pfx_____sys_sendmsg+0x10/0x10
[  407.243925][T15453]  ? import_iovec+0x74/0xa0
[  407.243951][T15453]  ___sys_sendmsg+0x21f/0x2a0
[  407.243973][T15453]  ? __pfx____sys_sendmsg+0x10/0x10
[  407.244029][T15453]  ? __fget_files+0x2a/0x420
[  407.244047][T15453]  ? __fget_files+0x3a0/0x420
[  407.244080][T15453]  __x64_sys_sendmsg+0x19b/0x260
[  407.244104][T15453]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  407.244143][T15453]  ? do_syscall_64+0xba/0x210
[  407.244181][T15453]  do_syscall_64+0xf6/0x210
[  407.244205][T15453]  ? clear_bhb_loop+0x45/0xa0
[  407.244226][T15453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.244242][T15453] RIP: 0033:0x7fe0ecb8e969
[  407.244259][T15453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.244274][T15453] RSP: 002b:00007fe0edaa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.244293][T15453] RAX: ffffffffffffffda RBX: 00007fe0ecdb5fa0 RCX: 00007fe0ecb8e969
[  407.244306][T15453] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000e
[  407.244317][T15453] RBP: 00007fe0edaa7090 R08: 0000000000000000 R09: 0000000000000000
[  407.244328][T15453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.244339][T15453] R13: 0000000000000000 R14: 00007fe0ecdb5fa0 R15: 00007ffff19bc768
[  407.244370][T15453]  </TASK>
[  407.841886][T15464] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3281'.
[  408.038025][T15459] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3280'.
[  408.079969][T15355] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.087324][T15355] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.094612][T15355] bridge_slave_0: entered allmulticast mode
[  408.109157][T15355] bridge_slave_0: entered promiscuous mode
[  408.118084][T15355] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.125853][T15355] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.133135][T15355] bridge_slave_1: entered allmulticast mode
[  408.152390][T15355] bridge_slave_1: entered promiscuous mode
[  408.255876][T15477] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  408.442339][T15355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  408.458554][T15355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  408.504486][T15481] wg1 speed is unknown, defaulting to 1000
[  408.631333][T15355] team0: Port device team_slave_0 added
[  408.708864][T15355] team0: Port device team_slave_1 added
[  408.735145][ T5833] Bluetooth: hci2: command tx timeout
[  409.044211][T15355] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.064573][T15355] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.095393][T15355] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.167001][T15355] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.178543][T15355] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.208028][T15355] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.346058][T15355] hsr_slave_0: entered promiscuous mode
[  409.362944][T15355] hsr_slave_1: entered promiscuous mode
[  409.379940][T15355] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  409.407266][T15355] Cannot create hsr debugfs directory
[  409.474486][T15539] FAULT_INJECTION: forcing a failure.
[  409.474486][T15539] name failslab, interval 1, probability 0, space 0, times 0
[  409.538675][T15539] CPU: 1 UID: 0 PID: 15539 Comm: syz.2.3302 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  409.538701][T15539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  409.538710][T15539] Call Trace:
[  409.538718][T15539]  <TASK>
[  409.538726][T15539]  dump_stack_lvl+0x189/0x250
[  409.538758][T15539]  ? __pfx_dump_stack_lvl+0x10/0x10
[  409.538781][T15539]  ? __pfx__printk+0x10/0x10
[  409.538803][T15539]  ? __pfx___might_resched+0x10/0x10
[  409.538824][T15539]  should_fail_ex+0x414/0x560
[  409.538854][T15539]  should_failslab+0xa8/0x100
[  409.538878][T15539]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  409.538907][T15539]  ? __alloc_skb+0x112/0x2d0
[  409.538928][T15539]  __alloc_skb+0x112/0x2d0
[  409.538947][T15539]  netlink_dump+0x245/0xe70
[  409.538965][T15539]  ? trace_contention_end+0x39/0x120
[  409.538983][T15539]  ? __mutex_lock+0x330/0xe80
[  409.539008][T15539]  ? __netlink_lookup+0xbd/0x810
[  409.539026][T15539]  ? __pfx_netlink_dump+0x10/0x10
[  409.539056][T15539]  ? netlink_lookup+0x30/0x200
[  409.539071][T15539]  ? netlink_lookup+0x30/0x200
[  409.539085][T15539]  ? netlink_lookup+0x30/0x200
[  409.539106][T15539]  __netlink_dump_start+0x5cb/0x7e0
[  409.539129][T15539]  xsk_diag_handler_dump+0x183/0x220
[  409.539158][T15539]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  409.539182][T15539]  ? __pfx_xsk_diag_dump+0x10/0x10
[  409.539209][T15539]  ? sock_diag_lock_handler+0x19/0x290
[  409.539231][T15539]  ? sock_diag_lock_handler+0x19/0x290
[  409.539253][T15539]  sock_diag_rcv_msg+0x4c9/0x600
[  409.539276][T15539]  netlink_rcv_skb+0x219/0x490
[  409.539292][T15539]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  409.539317][T15539]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  409.539355][T15539]  ? netlink_deliver_tap+0x2e/0x1b0
[  409.539372][T15539]  ? netlink_deliver_tap+0x2e/0x1b0
[  409.539394][T15539]  netlink_unicast+0x758/0x8d0
[  409.539424][T15539]  netlink_sendmsg+0x805/0xb30
[  409.539447][T15539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.539466][T15539]  ? aa_sock_msg_perm+0x94/0x160
[  409.539482][T15539]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  409.539498][T15539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.539514][T15539]  __sock_sendmsg+0x219/0x270
[  409.539539][T15539]  sock_write_iter+0x258/0x330
[  409.539562][T15539]  ? __pfx_sock_write_iter+0x10/0x10
[  409.539597][T15539]  ? __pfx_aa_file_perm+0x10/0x10
[  409.539622][T15539]  do_iter_readv_writev+0x56b/0x7f0
[  409.539645][T15539]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  409.539671][T15539]  ? bpf_lsm_file_permission+0x9/0x20
[  409.539690][T15539]  ? security_file_permission+0x75/0x290
[  409.539715][T15539]  ? rw_verify_area+0x258/0x650
[  409.539737][T15539]  vfs_writev+0x306/0x9a0
[  409.539759][T15539]  ? vfs_write+0x8d8/0xa90
[  409.539781][T15539]  ? __pfx_vfs_writev+0x10/0x10
[  409.539819][T15539]  ? __fget_files+0x2a/0x420
[  409.539846][T15539]  ? __fget_files+0x3a0/0x420
[  409.539865][T15539]  ? __fget_files+0x2a/0x420
[  409.539894][T15539]  do_writev+0x14d/0x2d0
[  409.539924][T15539]  ? __pfx_do_writev+0x10/0x10
[  409.539949][T15539]  ? do_syscall_64+0xba/0x210
[  409.539975][T15539]  do_syscall_64+0xf6/0x210
[  409.539997][T15539]  ? clear_bhb_loop+0x45/0xa0
[  409.540017][T15539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.540034][T15539] RIP: 0033:0x7f365e78e969
[  409.540050][T15539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.540064][T15539] RSP: 002b:00007f365f6de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  409.540083][T15539] RAX: ffffffffffffffda RBX: 00007f365e9b5fa0 RCX: 00007f365e78e969
[  409.540096][T15539] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  409.540106][T15539] RBP: 00007f365f6de090 R08: 0000000000000000 R09: 0000000000000000
[  409.540116][T15539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.540127][T15539] R13: 0000000000000000 R14: 00007f365e9b5fa0 R15: 00007fffe27f61e8
[  409.540156][T15539]  </TASK>
[  410.838847][T15355] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  410.861980][T15355] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  410.883431][T15355] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  410.922103][T15586] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3319'.
[  410.931642][T15586] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  410.950651][T15355] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  411.168326][T15595] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3322'.
[  411.213097][T15595] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  411.259439][T15595] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  411.398912][T15355] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.451077][T15355] 8021q: adding VLAN 0 to HW filter on device team0
[  411.490947][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.498213][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.524524][ T1337] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.531801][ T1337] bridge0: port 2(bridge_slave_1) entered forwarding state
[  411.552170][T15610] FAULT_INJECTION: forcing a failure.
[  411.552170][T15610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  411.570371][T15610] CPU: 0 UID: 0 PID: 15610 Comm: syz.2.3328 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  411.570399][T15610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  411.570410][T15610] Call Trace:
[  411.570417][T15610]  <TASK>
[  411.570425][T15610]  dump_stack_lvl+0x189/0x250
[  411.570451][T15610]  ? __lock_acquire+0xaac/0xd20
[  411.570477][T15610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  411.570513][T15610]  ? __pfx__printk+0x10/0x10
[  411.570530][T15610]  ? __might_fault+0xb0/0x130
[  411.570561][T15610]  should_fail_ex+0x414/0x560
[  411.570591][T15610]  _copy_from_user+0x2d/0xb0
[  411.570613][T15610]  ___sys_recvmsg+0x12e/0x510
[  411.570637][T15610]  ? __pfx____sys_recvmsg+0x10/0x10
[  411.570676][T15610]  ? __fget_files+0x3a0/0x420
[  411.570706][T15610]  do_recvmmsg+0x307/0x760
[  411.570733][T15610]  ? __pfx_do_recvmmsg+0x10/0x10
[  411.570793][T15610]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  411.570822][T15610]  __x64_sys_recvmmsg+0x190/0x240
[  411.570837][T15610]  ? rcu_is_watching+0x15/0xb0
[  411.570860][T15610]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  411.570883][T15610]  ? do_syscall_64+0xba/0x210
[  411.570907][T15610]  do_syscall_64+0xf6/0x210
[  411.570930][T15610]  ? clear_bhb_loop+0x45/0xa0
[  411.570951][T15610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.570967][T15610] RIP: 0033:0x7f365e78e969
[  411.570982][T15610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.570995][T15610] RSP: 002b:00007f365f6de038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  411.571011][T15610] RAX: ffffffffffffffda RBX: 00007f365e9b5fa0 RCX: 00007f365e78e969
[  411.571021][T15610] RDX: 000000000000000a RSI: 0000200000000d80 RDI: 0000000000000003
[  411.571030][T15610] RBP: 00007f365f6de090 R08: 0000000000000000 R09: 0000000000000000
[  411.571039][T15610] R10: 0000000000010162 R11: 0000000000000246 R12: 0000000000000001
[  411.571050][T15610] R13: 0000000000000000 R14: 00007f365e9b5fa0 R15: 00007fffe27f61e8
[  411.571080][T15610]  </TASK>
[  411.863269][T15617] 8021q: VLANs not supported on 

[  411.961898][T15623] netlink: 'syz.0.3330': attribute type 10 has an invalid length.
[  411.992260][T15623] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3330'.
[  412.115113][T15630] batadv_slave_1: left promiscuous mode
[  412.145396][T15630] mac80211_hwsim hwsim42 wlan9: entered allmulticast mode
[  412.208524][T15355] 8021q: adding VLAN 0 to HW filter on device batadv0
[  412.672875][T15355] veth0_vlan: entered promiscuous mode
[  412.695580][T15355] veth1_vlan: entered promiscuous mode
[  412.789235][T15355] veth0_macvtap: entered promiscuous mode
[  412.804598][T15355] veth1_macvtap: entered promiscuous mode
[  412.841556][T15355] batman_adv: batadv0: Interface activated: batadv_slave_0
[  412.860905][T15355] batman_adv: batadv0: Interface activated: batadv_slave_1
[  412.882280][T15355] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  412.896538][T15355] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  412.910860][T15355] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  412.920886][T15355] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.518167][T15649] netlink: 'syz.0.3337': attribute type 10 has an invalid length.
[  415.579544][T15655] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3339'.
[  415.593851][ T3533] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.602909][ T3533] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.654607][T15657] netlink: 'syz.2.3339': attribute type 1 has an invalid length.
[  415.824903][ T1337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.858750][ T1337] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.940245][T15663] FAULT_INJECTION: forcing a failure.
[  415.940245][T15663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.984435][T15663] CPU: 1 UID: 0 PID: 15663 Comm: syz.3.3341 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  415.984463][T15663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  415.984474][T15663] Call Trace:
[  415.984482][T15663]  <TASK>
[  415.984490][T15663]  dump_stack_lvl+0x189/0x250
[  415.984519][T15663]  ? __lock_acquire+0xaac/0xd20
[  415.984546][T15663]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.984568][T15663]  ? __pfx__printk+0x10/0x10
[  415.984585][T15663]  ? __might_fault+0xb0/0x130
[  415.984617][T15663]  should_fail_ex+0x414/0x560
[  415.984648][T15663]  _copy_from_user+0x2d/0xb0
[  415.984678][T15663]  ___sys_sendmsg+0x158/0x2a0
[  415.984701][T15663]  ? __pfx____sys_sendmsg+0x10/0x10
[  415.984760][T15663]  ? __fget_files+0x2a/0x420
[  415.984777][T15663]  ? __fget_files+0x3a0/0x420
[  415.984801][T15663]  __x64_sys_sendmsg+0x19b/0x260
[  415.984823][T15663]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  415.984855][T15663]  ? do_syscall_64+0xba/0x210
[  415.984879][T15663]  do_syscall_64+0xf6/0x210
[  415.984900][T15663]  ? clear_bhb_loop+0x45/0xa0
[  415.984918][T15663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.984933][T15663] RIP: 0033:0x7fb1e4b8e969
[  415.984948][T15663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.984963][T15663] RSP: 002b:00007fb1e5a09038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  415.984981][T15663] RAX: ffffffffffffffda RBX: 00007fb1e4db5fa0 RCX: 00007fb1e4b8e969
[  415.984994][T15663] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  415.985005][T15663] RBP: 00007fb1e5a09090 R08: 0000000000000000 R09: 0000000000000000
[  415.985015][T15663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  415.985023][T15663] R13: 0000000000000000 R14: 00007fb1e4db5fa0 R15: 00007ffc8c8a9928
[  415.985052][T15663]  </TASK>
[  418.622903][T15673] netlink: 'syz.0.3345': attribute type 2 has an invalid length.
[  418.631371][T15673] netlink: 'syz.0.3345': attribute type 8 has an invalid length.
[  418.652690][T15673] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3345'.
[  419.731581][T15696] siw: device registration error -23
[  422.091773][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.442792][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.586182][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.674063][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.697431][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  422.708982][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  422.718054][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  422.728835][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  422.740829][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  422.814435][T15718] wg1 speed is unknown, defaulting to 1000
[  422.820479][   T36] bridge_slave_1: left allmulticast mode
[  422.820536][   T36] bridge_slave_1: left promiscuous mode
[  422.820730][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.841528][   T36] bridge_slave_0: left allmulticast mode
[  422.847969][   T36] bridge_slave_0: left promiscuous mode
[  422.853728][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.540349][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  423.563937][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  423.573566][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  423.586146][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  423.594019][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  423.614498][T15740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3363'.
[  423.623855][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3363'.
[  423.777732][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  423.791682][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  423.802423][   T36] bond0 (unregistering): Released all slaves
[  423.829514][T15736] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  423.963542][T15737] wg1 speed is unknown, defaulting to 1000
[  424.141680][T15746] 8021q: VLANs not supported on ip_vti0
[  424.222245][T15755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3368'.
[  424.368158][T15760] netlink: 'syz.0.3369': attribute type 1 has an invalid length.
[  424.489529][T15765] bond1: (slave ip6gretap3): Enslaving as a backup interface with an up link
[  424.539686][   T36] hsr_slave_0: left promiscuous mode
[  424.550516][   T36] hsr_slave_1: left promiscuous mode
[  424.553515][T15769] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3372'.
[  424.556793][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  424.572922][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  424.584586][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  424.592666][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  424.633371][   T36] veth1_macvtap: left promiscuous mode
[  424.639892][T15775] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  424.645006][   T36] veth0_macvtap: left promiscuous mode
[  424.655215][   T36] veth1_vlan: left promiscuous mode
[  424.662673][   T36] veth0_vlan: left promiscuous mode
[  424.816119][ T5833] Bluetooth: hci2: command tx timeout
[  425.031049][T15785] SET target dimension over the limit!
[  425.540160][   T36] team0 (unregistering): Port device team_slave_1 removed
[  425.597501][   T36] team0 (unregistering): Port device team_slave_0 removed
[  425.619937][ T5833] Bluetooth: hci4: command tx timeout
[  426.153833][T15760] 8021q: adding VLAN 0 to HW filter on device bond1
[  426.156904][ T8673] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  426.180444][T15765] veth3: entered promiscuous mode
[  426.190234][T15765] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  426.266420][T15718] chnl_net:caif_netlink_parms(): no params data found
[  426.285908][ T8673] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  426.611056][T15737] chnl_net:caif_netlink_parms(): no params data found
[  426.713443][T15718] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.752015][T15718] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.771935][T15718] bridge_slave_0: entered allmulticast mode
[  426.791956][T15718] bridge_slave_0: entered promiscuous mode
[  426.805106][T15811] netlink: 'syz.2.3383': attribute type 5 has an invalid length.
[  426.810992][T15718] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.823823][T15718] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.835003][T15718] bridge_slave_1: entered allmulticast mode
[  426.842739][T15718] bridge_slave_1: entered promiscuous mode
[  426.882550][T15809] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  426.913519][ T5833] Bluetooth: hci2: command tx timeout
[  426.959718][T15811] ip6erspan0: entered promiscuous mode
[  427.195809][T15718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.218935][T15718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  427.391317][T15842] netlink: 'syz.0.3391': attribute type 12 has an invalid length.
[  427.406584][T15842] netlink: 'syz.0.3391': attribute type 12 has an invalid length.
[  427.414590][T15842] netlink: 'syz.0.3391': attribute type 12 has an invalid length.
[  427.424494][T15737] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.444565][T15737] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.459589][T15737] bridge_slave_0: entered allmulticast mode
[  427.481865][T15737] bridge_slave_0: entered promiscuous mode
[  427.506730][T15849] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3394'.
[  427.517304][T15737] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.524488][T15737] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.561803][T15737] bridge_slave_1: entered allmulticast mode
[  427.574618][T15737] bridge_slave_1: entered promiscuous mode
[  427.602934][T15718] team0: Port device team_slave_0 added
[  427.614332][T15718] team0: Port device team_slave_1 added
[  427.697159][ T5833] Bluetooth: hci4: command tx timeout
[  427.721130][T15737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.734650][T15859] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3398'.
[  427.757790][T15737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  427.777005][T15718] batman_adv: batadv0: Adding interface: batadv_slave_0
[  427.784632][T15718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  427.786704][T15857] netlink: 'syz.0.3397': attribute type 9 has an invalid length.
[  427.819274][T15718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  427.819729][T15857] netlink: 'syz.0.3397': attribute type 1 has an invalid length.
[  427.847240][T15857] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.3397'.
[  427.848095][T15863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3397'.
[  427.926329][T15718] batman_adv: batadv0: Adding interface: batadv_slave_1
[  427.944941][T15718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  427.985414][T15718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  428.006142][T15737] team0: Port device team_slave_0 added
[  428.034328][T15737] team0: Port device team_slave_1 added
[  428.035040][T15867] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3399'.
[  428.258412][T15718] hsr_slave_0: entered promiscuous mode
[  428.272815][T15718] hsr_slave_1: entered promiscuous mode
[  428.287196][T15718] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  428.310626][T15718] Cannot create hsr debugfs directory
[  428.320428][T15737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  428.328908][T15737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  428.355980][T15737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  428.452184][T15737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  428.463175][T15737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  428.490569][T15737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  428.559966][T15878] veth0_to_team: left allmulticast mode
[  428.655873][T15889] netlink: 'syz.3.3403': attribute type 16 has an invalid length.
[  428.663898][T15889] netlink: 'syz.3.3403': attribute type 17 has an invalid length.
[  428.679667][T15737] hsr_slave_0: entered promiscuous mode
[  428.689483][T15737] hsr_slave_1: entered promiscuous mode
[  428.697578][T15737] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  428.708544][T15737] Cannot create hsr debugfs directory
[  428.767491][T15889] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  428.976156][ T5833] Bluetooth: hci2: command tx timeout
[  429.775277][ T5833] Bluetooth: hci4: command tx timeout
[  430.015937][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  431.023696][   T36] 
 (unregistering): (slave lo): Releasing backup interface
[  431.031688][   T36] 
 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  431.044369][   T36] 
 (unregistering): Released all slaves
[  431.054959][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  431.118365][   T36] tipc: Left network mode
[  431.462167][   T36] ------------[ cut here ]------------
[  431.468026][   T36] kernel BUG at net/8021q/vlan.c:99!
[  431.473362][   T36] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  431.479616][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.15.0-rc3-syzkaller-00644-gdeeed351e982 #0 PREEMPT(full) 
[  431.491616][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  431.501671][   T36] Workqueue: netns cleanup_net
[  431.506439][   T36] RIP: 0010:unregister_vlan_dev+0x4da/0x4e0
[  431.512323][   T36] Code: f7 e8 fa 4e 91 f7 e9 e7 fe ff ff e8 80 59 2f f7 48 c7 c7 40 90 50 8f 4c 89 ee e8 a1 d7 5c fa e9 c4 fd ff ff e8 67 59 2f f7 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  431.531927][   T36] RSP: 0018:ffffc90000ad77f8 EFLAGS: 00010293
[  431.537995][   T36] RAX: ffffffff8a906419 RBX: ffff8880694be000 RCX: ffff888141aa1e00
[  431.545965][   T36] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  431.553933][   T36] RBP: 0000000000000001 R08: ffffffff8f2f3de7 R09: 1ffffffff1e5e7bc
[  431.561900][   T36] R10: dffffc0000000000 R11: fffffbfff1e5e7bd R12: ffff888054fb4000
[  431.569870][   T36] R13: ffffc90000ad7900 R14: ffff8880694be428 R15: 0000000000000000
[  431.577844][   T36] FS:  0000000000000000(0000) GS:ffff8881261c4000(0000) knlGS:0000000000000000
[  431.586768][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  431.593347][   T36] CR2: 000000110c3c6174 CR3: 0000000031874000 CR4: 00000000003526f0
[  431.601349][   T36] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  431.609324][   T36] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  431.617293][   T36] Call Trace:
[  431.620591][   T36]  <TASK>
[  431.623520][   T36]  ? __pfx_unregister_vlan_dev+0x10/0x10
[  431.629152][   T36]  default_device_exit_batch+0x766/0x890
[  431.634785][   T36]  ? __pfx___might_resched+0x10/0x10
[  431.640072][   T36]  ? __pfx_default_device_exit_batch+0x10/0x10
[  431.646223][   T36]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  431.651680][   T36]  ? net_generic+0x1e/0x240
[  431.656185][   T36]  ? __pfx_default_device_exit_batch+0x10/0x10
[  431.662338][   T36]  ops_undo_list+0x522/0x990
[  431.666929][   T36]  ? __pfx_ops_undo_list+0x10/0x10
[  431.672035][   T36]  cleanup_net+0x4c5/0x8a0
[  431.676444][   T36]  ? __pfx_cleanup_net+0x10/0x10
[  431.681384][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.686576][   T36]  ? process_scheduled_works+0x9ec/0x17a0
[  431.692298][   T36]  ? process_scheduled_works+0x9ec/0x17a0
[  431.698024][   T36]  process_scheduled_works+0xadb/0x17a0
[  431.703580][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  431.709569][   T36]  worker_thread+0x8a0/0xda0
[  431.714154][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  431.720480][   T36]  ? __kthread_parkme+0x7b/0x200
[  431.725417][   T36]  kthread+0x70e/0x8a0
[  431.729480][   T36]  ? __pfx_worker_thread+0x10/0x10
[  431.734586][   T36]  ? __pfx_kthread+0x10/0x10
[  431.739174][   T36]  ? __pfx_kthread+0x10/0x10
[  431.743760][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.748952][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.754148][   T36]  ? __pfx_kthread+0x10/0x10
[  431.758738][   T36]  ret_from_fork+0x4b/0x80
[  431.763237][   T36]  ? __pfx_kthread+0x10/0x10
[  431.767854][   T36]  ret_from_fork_asm+0x1a/0x30
[  431.772642][   T36]  </TASK>
[  431.775664][   T36] Modules linked in:
[  431.780071][   T36] ---[ end trace 0000000000000000 ]---
[  431.786544][   T36] RIP: 0010:unregister_vlan_dev+0x4da/0x4e0
[  431.792481][   T36] Code: f7 e8 fa 4e 91 f7 e9 e7 fe ff ff e8 80 59 2f f7 48 c7 c7 40 90 50 8f 4c 89 ee e8 a1 d7 5c fa e9 c4 fd ff ff e8 67 59 2f f7 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  431.812204][   T36] RSP: 0018:ffffc90000ad77f8 EFLAGS: 00010293
[  431.818365][   T36] RAX: ffffffff8a906419 RBX: ffff8880694be000 RCX: ffff888141aa1e00
[  431.826422][   T36] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  431.834482][   T36] RBP: 0000000000000001 R08: ffffffff8f2f3de7 R09: 1ffffffff1e5e7bc
[  431.842689][   T36] R10: dffffc0000000000 R11: fffffbfff1e5e7bd R12: ffff888054fb4000
[  431.850744][   T36] R13: ffffc90000ad7900 R14: ffff8880694be428 R15: 0000000000000000
[  431.859515][   T36] FS:  0000000000000000(0000) GS:ffff8881261c4000(0000) knlGS:0000000000000000
[  431.868543][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  431.875273][   T36] CR2: 000000110c3c6174 CR3: 0000000031636000 CR4: 00000000003526f0
[  431.883272][   T36] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  431.891291][   T36] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  431.899494][   T36] Kernel panic - not syncing: Fatal exception
[  431.905833][   T36] Kernel Offset: disabled
[  431.910152][   T36] Rebooting in 86400 seconds..