last executing test programs:

1m9.130569124s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

58.625151889s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

45.642145006s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

33.494498813s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

22.275080281s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

11.160138519s ago: executing program 0 (id=3271):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
accept4$alg(r1, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

2.321471849s ago: executing program 1 (id=4345):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002520702500000000690000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r2}, 0x10)
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00e7ff", @ANYRESDEC, @ANYBLOB="0100000000000200000098000000080003002bc0b703e67008c5717aa0b7f8a992bc590f93529c6f876da63415e45aafe80389661f1bcac3328038a70141f225791471d439059dd20c6552686d40c64845769b369c81ffa59130204d600c", @ANYRES32=r1, @ANYRES8=r2], 0x2c}, 0x1, 0x0, 0x0, 0x4a031}, 0x0)

2.211710886s ago: executing program 1 (id=4348):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002a0001000000000000000000040100800c00b9000000000000000000140001000000000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d94f1dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d97adf9e99f079767734f69ce475f55ac64337803f5ac015842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"], 0x114}], 0x1}, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x32)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000)={0x0, <r5=>0x0}, &(0x7f0000000040)=0x5)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_delrule={0x28, 0x21, 0x121, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x18, {r5, 0xffffffffffffffff}}]}, 0x28}}, 0x0)
r6 = accept$ax25(0xffffffffffffffff, &(0x7f0000000300)={{0x3, @netrom}, [@bcast, @rose, @bcast, @default, @bcast, @default, @netrom]}, &(0x7f00000000c0)=0x48)
setsockopt$ax25_SO_BINDTODEVICE(r6, 0x101, 0x19, &(0x7f0000000180)=@netrom={'nr', 0x0}, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000008000000080009000200000008000b"], 0x24}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000140012800b00010067656e65766500000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

2.159841975s ago: executing program 3 (id=4349):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x40000}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x22020400)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001300)={0x40, r5, 0x1, 0x0, 0x2, {0x2, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team_slave_0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x40}, 0x1, 0x40030000000000}, 0x40080)
connect$rose(r3, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f00000007c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, r7, 0x313, 0x4}, 0x14}}, 0xc804)
sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r7, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xfc}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}]}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000009c0)={0x0, 0x7a, &(0x7f0000000100)={&(0x7f00000002c0)=@newtaction={0x4c, 0x1e, 0x109, 0x0, 0x0, {}, [{0x38, 0x1, [@m_mirred={0x34, 0x8, 0x0, 0x0, {{0xb, 0x9}, {0x4}, {0x6, 0x6, "0300"}, {0xc}, {0xc}}}]}]}, 0x4c}, 0x1, 0x2b1e}, 0x0)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x54, 0x1, [@m_sample={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x300, 0xfffffffe, 0xffffffffffffffff}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x4}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r10, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r12 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000000500)={'syzkaller1\x00', @link_local})
write$tun(r11, &(0x7f0000000540)=ANY=[@ANYBLOB="000087dd0003110004"], 0x7a)
syz_genetlink_get_family_id$fou(&(0x7f0000000840), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.010248201s ago: executing program 4 (id=4351):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0xe400, &(0x7f0000000080)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x400}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x30, 0x3, "5fad843dc5c1efe84ced18d4422d5b0b86e8441958d3d2ea41149f1e55359af069a2a5e039ccf56f068a5a0b"}, @NFTA_TARGET_NAME={0x9, 0x1, 'SNAT\x00'}, @NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.904646863s ago: executing program 2 (id=4352):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000711229000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xf, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000020000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf0908000000000000000000000800009500000000000000bc91100000090000b70262020000000085000000ba000000b700005813011ce0acdf00000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4dbf934477770d5d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063015fba0000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000000, @void, @value}, 0x94)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)

1.815745364s ago: executing program 1 (id=4353):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000001500)={0x2c, r1, 0x1, 0x0, 0x0, {0x22}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x2c}}, 0x0)
sendmsg$inet(r0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x2c081)

1.766672911s ago: executing program 2 (id=4354):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r0, &(0x7f00000085c0)=[{{&(0x7f0000000240)=@l2tp6={0xa, 0x0, 0xfffffff7, @ipv4={'\x00', '\xff\xff', @remote}, 0x77b, 0x4}, 0x80, 0x0}}, {{&(0x7f0000000580)=@xdp={0x2c, 0xb, 0x0, 0x12}, 0x80, 0x0}}], 0x2, 0x40)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x62, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd600a0100002c2b0000000000000000000000000000000000fe8000000000000000000000000000aa3a020201"], 0x0)

1.674747959s ago: executing program 4 (id=4355):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb01001800000000aa42d23283000000140000001400000008000000000000000100621a0000000004000000010000000000005f415f1000"], 0x0, 0x34, 0x0, 0x1, 0x1, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x4, 0x8, 0x20, 0x107, 0x42008, 0xffffffffffffffff, 0x3, '\x00', 0x0, r0, 0x5, 0x5, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$inet(0xa, 0x6, 0x7)
unshare(0x2000400)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, 0x0, 0x0)
listen(r2, 0x10008)
r4 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000280), 0x8)
bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e)
bind$unix(r1, &(0x7f0000003000)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x64}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xa0}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000dc0)=@flushpolicy={0x24, 0x1d, 0x800, 0x70bd27, 0x25dfdbfe, "", [@coaddr={0x14, 0xe, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x4001)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x89fb, &(0x7f0000000900)={'bond0\x00', @random="0600002000"})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0x8, {0x2, 0x0, 0x0, 0x0, {0xfff1}, {0x3}, {0x4, 0x6}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x0, 0x0, 0xa, 0x0, 0x0, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0xa, 0x8, 0xc, 0x88, 0x0, 0x0, 0x5}}, {0x4}}]}]}, 0x68}}, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4000})
ioctl$TUNSETLINK(r7, 0x400454cd, 0x207)
close(r5)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r9, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x34, r10, 0x303, 0x0, 0x0, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
getsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180), 0x10)

1.639403065s ago: executing program 1 (id=4356):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x1000000, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfff, @loopback}, 0x1c)

1.602831201s ago: executing program 3 (id=4357):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r1=>0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_delrule={0x28, 0x21, 0x121, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x18, {r1, 0xffffffffffffffff}}]}, 0x28}}, 0x0)

1.314794592s ago: executing program 4 (id=4358):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4008094)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0xa00)

1.283321677s ago: executing program 2 (id=4359):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000e80)="632a1eb3f0c0d7e1f3e8d83e8279b7e98f2a563510c1fcfd07c0d1e58d723f809bb0322337f15e8d329d0926517a3148030a1d29dd671ac729d9cef6e520827a2201ccd77c7dc703e9116d512859f12dceb0dad478a2369aba7403b262e45c11c1290b59d473d3beb8d3a31bc7f5dcd1a708ed0be6f4770112b98b16c93db109594b2a4b04efb89f5ef215ff6d9d93fb8edbcf8d1c62b39759c68e1a184914791d5462c363b80e38ea6cd8556c46c6252445e967b63edceb1040badab4eef2ef162c734cb8052dabd2bfedbdfd0b22bdc6b9dc0fca9b566b32c4dc85d26161877f60652000000031ae091ccaa53c0faf409dee0d109e684a93bc32e715052d24d7349df7bdaa7aea658d7b0a53376ca1c71ad1a878ceacf5ce8a8c64ace50f4d18f1027b9efc61a4b4a61e4b323fad5c47e4341c1292d0d1c1e15582399572a3f2983e1a15eb78767b87da6d3da400d215326419919de0df00007736000000000000000000edd0c789d37a7dcf3f5b8c9aa5329c38e2ed4c0fe3a0eae2a169c0322b4e5b96dd251a4477da4961b81a965463617e444bfac080d03ac4fbf2d0c40e22aed01bea5ce1b4ca5e0b249366f1b777a13fcfad3d0a047371d2169230d0d0597e10f58c8e2b20cf205740044c15fab6d52121b0a6b2c122096848d4e29e968e20c1615b1e11c61d8e0c58fe667224e89b83ef29e04c0c6fdf73c50bf051d8651613e5bf65f9e91a91f5ce1080bcbad3aa36f82e9d367cb537444e25cdc8c21b60216d540ac605f39e02950b5af27d81a80cddc1a96754465fe43887165f7dc70939eefaf15dce85857c9329b2bbdcf10f5c85f110a42bcc3489b45f3ffd8a8fadf90cf9a6e35674a89b740ddc", 0x26f}, {&(0x7f0000000580)="1eac4d20f8509e8f36d2842c8fae7bbe58c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d0558de77df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bbbe0131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d964b0161c1856697820eb52f55c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d09d0f74e180df6eaa94651336e7713414e49956fcb68a973e8239e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fbe071de646385dcf5cb7adf1ec70baef4061d2da93d2f5eef8b1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c109db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab58978eb8b269ba2ef764d4505ed495fe156f0dcbb79d177e4f0b476", 0x212}], 0x2, 0x0, 0x0, 0x4090}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
read$alg(r0, &(0x7f0000003780)=""/4096, 0x1000)

1.231743634s ago: executing program 2 (id=4360):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002a0001000000000000000000040100800c00b9000000000000000000140001000000000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d94f1dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d97adf9e99f079767734f69ce475f55ac64337803f5ac015842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"], 0x114}], 0x1}, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x32)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000)={0x0, <r5=>0x0}, &(0x7f0000000040)=0x5)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_delrule={0x28, 0x21, 0x121, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x18, {r5, 0xffffffffffffffff}}]}, 0x28}}, 0x0)
r6 = accept$ax25(0xffffffffffffffff, &(0x7f0000000300)={{0x3, @netrom}, [@bcast, @rose, @bcast, @default, @bcast, @default, @netrom]}, &(0x7f00000000c0)=0x48)
setsockopt$ax25_SO_BINDTODEVICE(r6, 0x101, 0x19, &(0x7f0000000180)=@netrom={'nr', 0x0}, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000080009000200000008000b"], 0x24}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000140012800b00010067656e65766500000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

1.187067701s ago: executing program 3 (id=4361):
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a0000000000080017"], 0x3c}}, 0x0)
syz_emit_ethernet(0xfc0, &(0x7f0000007940)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60f8a000000400000000000001200ffffe0000012fe8000000000000000000000000000aa8400000000000000223427d5c9a46b9f2e505b0c0a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386c020000000000000017fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b653d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b5295e93496a6fdf5af8122257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087aec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d44dee62c4fc1007bc5b0ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7"], 0x0)

1.032911898s ago: executing program 3 (id=4362):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r0, 0x89e2, &(0x7f0000000000)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x558, 0x0, 0x0, 0x1a8, 0x3d8, 0x1a8, 0x4c0, 0x4c0, 0x4c0, 0x4c0, 0x4c0, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x20}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @TTL={0x28}}, {{@uncond, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@set={{0x40}}, @common=@ah={{0x30}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@remote}}}, {{@ip={@multicast1, @private, 0x0, 0x0, 'pim6reg0\x00', 'erspan0\x00'}, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5b8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002280)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}}, 0x44800)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80000)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="040000549abebd0008eaffff0000000080ffff00", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r6, 0x26, 0x25, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800ff0018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x90)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x13, 0x0, 0x2, 0x0, {0xa, 0x4e20, 0x10001, @local, 0x5}}}, 0x32)

947.766445ms ago: executing program 2 (id=4363):
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x20088c4)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ef0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet(0x2, 0x3, 0x9)
shutdown(r2, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)="0bc3", 0x2}, {&(0x7f0000000000)='G', 0x1}, {&(0x7f0000000240)='\x00\x00', 0x2}], 0x3)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="144e560000003700010324bd7002f9dbdf250600"], 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x40)
sendmsg$NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000900)={&(0x7f00000009c0)=ANY=[@ANYBLOB="f8020000d7b1ab912cb5670d528125ea245ae405bc04d504b080eb6ca360a81b582546dc2b624ac09e3b3a54086581e3c676f05bb10fe786ae84cd171292f5c42be29b9b3f957e105e44f8a49fe7e437d61646973df28a0115b9bc974df97fab06401b9122429c24488d68f4a694ceaee8522df02a809163d4171a6475f63415ca0546347fd1bce17f25f3c70ac6b1513d7ea81ef41233b17326412a84113a810913edbc140d61fac6b1b888e6b14b1d5f7ccfb1f1fedffdbbbc884231e260d78ebefe3d07abdfe370451a1861f6c32f0d5fe4d377", @ANYRES16=0x0, @ANYBLOB="100827bd7000fcdbdf2502000000b4000c801c000b8008000a00565b000008000900fb83a82608000a0099b600000c000b8008000900dc07ba601c000b8008000a009786000008000a002841000008000900d00bdd641c000b80080009003054914208000900e20a383f08000900d9dc080d44000b8008000a009bc70000080009002630c10808000900c9316a2b080009001045f12c08000900035ae50308000a00256a000008000a00000000000800090055e338090c000b80080009005ea9532054010c8024000b8008000a00c047000008000900b412a11208000900f166647f080009006300cb1e14000b8008000900ba9e407d08000900aeab2d7614000b8008000900b007c63e08000a006b7400000c000b800800090086ecbe231c000b80080009008007a42f08000a007f97000008000a0079de00004c000b8008000a002093000008000a00a714000008000a003aba000008000900b0d9266e08000a00d4770000080009003da4266408000a009444000008000a00a435000008000a001c2a000044000b8008000900e3264f0d080009000855ed1d08000a0029fc0000080009002369070708000a00d62f000008000900256ec20c080009005be1ec0f08000a009b1d00002c000b8008000900f9a9887208000a001630000008000900ed68403f0800090017c4006e08000a000e1b000014000b8008000a00c7c30000080009001b24a71a0c000b8008000900a3a8f81f08000100ffffffff0800020002000000a8000c8024000b8008000a00462700000800090016ed506c08000a004b1600000800090091788e1934000b800800090087c0d04608000900f615dc140800090079f10e5408000a00ca1f00000800090024014c74080009007fc2c6004c000b8008000a00dcd00000080009008fc74e29080009009321387508000a00ab10000008000900bf4d774108000a002f65000008000a00be9d000008000a008aab0000080009001811662a140004800500030004000000050003000500000008000200030000000800010003000000"], 0x2f8}, 0x1, 0x0, 0x0, 0x40000}, 0x20000041)
syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000980)=ANY=[@ANYRES16=r3], 0x24}}, 0x1)
sendmsg$L2TP_CMD_TUNNEL_GET(r5, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4571d7ce", @ANYRES16=0x0, @ANYBLOB="000229bd7000fddbdf250400000005000d000100000006000e000500000008001900ac1414bb"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000480)={r1, &(0x7f00000003c0)="e92b8d1e8a0ba238bc562de22a36c00fe46e06b76a63b1550b27f5ddd5a098398a8e697a4eb9b49a206674dd48c10cd87ee7833fe4c37e860d12a2848963f2158f7ee7edf78102063341c1eb", &(0x7f0000000280)=""/18, 0x4}, 0x20)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r8, &(0x7f00000003c0)='@', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x7b, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000000c0)={r10, @in6={{0xa, 0x4e23, 0x200, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffff}}}, &(0x7f0000000180)=0x9c)
getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000004c0)={r10, 0x6}, &(0x7f0000000500)=0x8)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000540), r11)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="0100000000000000000001e9ffffffffffff0141"], 0x30}}, 0x0)

870.462197ms ago: executing program 3 (id=4364):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000711229000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xf, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000020000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf0908000000000000000000000800009500000000000000bc91100000090000b70262020000000085000000ba000000b700005813011ce0acdf00000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4dbf934477770d5d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063015fba0000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000000, @void, @value}, 0x94)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)

673.759978ms ago: executing program 3 (id=4365):
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)={@fallback, 0xffffffffffffffff, 0x17, 0x0, 0x0, @void, @value}, 0x20)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000003940), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r3, &(0x7f0000003bc0)={0x0, 0x0, &(0x7f0000003b80)={&(0x7f0000003980)={0x58, r4, 0x11, 0x0, 0x0, {0x34}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0)
connect$bt_sco(r2, &(0x7f0000000000), 0x8)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
r5 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r5, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0)

546.892284ms ago: executing program 1 (id=4366):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0x4, 0x2}, 0x6)
r2 = socket(0x2, 0x80805, 0x0)
setsockopt(r2, 0xc0000, 0x40, &(0x7f0000001340)="41c3391d056713273812cdb32383d07c11491e5e6b64805249ad649702a59a1ca365ef30e423c96215b7ef00c59b88f8e09ac438fd2d662e4503994c802537227d7ea2a8638e2cf9a1859a2b9b0bc95b199f239af9ed062cf7fea2d37645207b608dbe5087a4597f031687e409e8a13e586bd7242c130e57de83c8d9a7b79874e444ab3c05d80512844544bddb74d305ce17f5150cbc9c2a7f7144792114627908899e9a9d0e833581027f4fd905b30fd0aa0e374732a4fe415d4ded74b23514b3f33932c70e1016094b7f54ea9f42004bad97c2cfb55d058d5a4eb544389b2e51c73a9a008835d32fb396a6b717989e8c3c88", 0xf3)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000001200)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x25}}, @in6={0xa, 0x4e23, 0x0, @empty, 0x2}, @in6={0xa, 0x4e23, 0x3ff, @local, 0xfff}], 0x58)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f00000010c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, 0x0, 0x0, 0x0)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="5300000002"], 0x8)
getsockopt$bt_hci(r2, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)
bind$alg(r0, &(0x7f0000001140)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20-generic\x00'}, 0x9b)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e", 0x11)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000001300)={'erspan0\x00', &(0x7f0000001680)={'sit0\x00', <r7=>0x0, 0x8000, 0x8000, 0x3, 0x8, {{0x30, 0x4, 0x2, 0x9, 0xc0, 0x66, 0x0, 0x9, 0x4, 0x0, @empty, @multicast2, {[@cipso={0x86, 0x5c, 0x3, [{0x6, 0xe, "783c524dda2dd3f0a576f6a4"}, {0x1, 0x7, "28a674d322"}, {0x2, 0x7, "902c9131b1"}, {0x2, 0x12, "896fc40057efab85c940ac275db2dcdd"}, {0x5, 0xc, "0a8eacc7955bc9796430"}, {0x7, 0xb, "d3fffe4c9e2f03fd95"}, {0x1, 0x11, "1e2b44a37bd5c20318bdea41682dfc"}]}, @noop, @timestamp={0x44, 0x8, 0x8f, 0x0, 0x1, [0xa]}, @cipso={0x86, 0x44, 0x1, [{0x5, 0xb, "ca642ca8bce764914b"}, {0x0, 0xe, "c1c4ec8a65500ea7256ed06b"}, {0x5, 0x2}, {0x1, 0x5, "8ca42b"}, {0x5, 0xb, "b9ce179920907a55c9"}, {0x1, 0x3, 'U'}, {0x1, 0x10, "6debb867a5b2d08b47680f2f5174"}]}]}}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r8 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_TIOCOUTQ(r8, 0x5411, &(0x7f0000000240))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000001640)={'ip_vti0\x00', &(0x7f0000001780)={'syztnl1\x00', r7, 0x10, 0x20, 0x1, 0x200, {{0x1e, 0x4, 0x0, 0x3, 0x78, 0x67, 0x0, 0x91, 0x0, 0x0, @multicast1, @multicast1, {[@cipso={0x86, 0x64, 0x3, [{0x1, 0x12, "ca7cabb4bd0c2b13f29004cc5285e6ce"}, {0x2, 0xd, "e21a23605d1390c4c5cea3"}, {0x7, 0xfffffffffffffed4, "2b0cb79643b64ada36"}, {0x7, 0x9, "9790ab4ff07e3d"}, {0x5, 0x5, 'MKW'}, {0x118793f5b054084, 0x3, "82"}, {0x2, 0x2}, {0x5, 0xffffffffffffffbc, "e643c2ccfab365f3babb0a"}, {0x1, 0x2}, {0x0, 0x12, "45e8867748f857a07f8b7f9d4835c7f8"}]}]}}}}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000001840)=ANY=[@ANYBLOB="9feb010018000000000000007101000071010000050000000100000004000093070000000a000000040000000100000002000000010000006b2300000b00000063914b870800000008000000ff07000005000000090000000a0000060400000001000000010400000d000000020000000b000000810000000d0000000600000007000000050000000a000000f7ffffff0400000008000000050000000100000000000000008000000e000000060000000d00000004000085070000000f000000050000000f0000000f00000002000000060000000c00000004000000feffffff0000000000000000a40a0000090000000400001308000000060000000a000000000800000100000001000000050000000e00000006000000070000000500000066a0000002000000050000000000000700000000070000000600000f010000000200000001000000050000000400000006000000070000000300000005000000300000000400001000000400000008000000030000000400000004000000000000008d00000000302e2e005463e863064c511f8e117c000000000000"], &(0x7f0000001500)=""/103, 0x191, 0x67, 0x1, 0x6, 0x0, @void, @value}, 0x28)

438.302656ms ago: executing program 4 (id=4367):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)

321.475805ms ago: executing program 1 (id=4368):
socket(0x2b, 0x80801, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000340)=0x6, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r1], 0x24}}, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000800000002300000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
sendmmsg$inet(r5, &(0x7f0000002dc0)=[{{&(0x7f00000027c0)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000002b40)=ANY=[], 0x40}}, {{&(0x7f0000002bc0)={0x2, 0x4e22, @empty}, 0x10, 0x0}}], 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r6, 0x84, 0x79, &(0x7f0000000300)={r7, 0x5}, 0x8)
close(r4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988cafbe863cac5058031c97d70ccd0f76db9", 0x1e}, {&(0x7f0000000100)="e3f4e01bb64d88aff4c99218e5450df5392e79789c3968b1c72fc30961", 0x1d}], 0x2)

172.056997ms ago: executing program 4 (id=4369):
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="cf702e8cf675aaaaaaaaaabb86dd6000000000303afffe000000000000000000000000000001ff9bc5bd2aca0f28260000000000003d8900907800000000fe8000000000fe9600000000000000000000000000000201002b228078c827ee599287b55b02e63c10a196e9216c0417b24724f6b51ca365c89116e937230fe21b33df1a65d39000a828edef1810d24dd00b10584374725218b84b6433198cb815c8502efbd90bdec60b897932233102e1f512a3a02cd3d7a8bc6d85cd5efdad4a43dc6d9b2e26acfb92b5e4f677697d10045a0c9c0bf1b58f4d98840c5fb9aac68562b32de5f653a206a2f2c14c63b826485538a6391ea20fd5c2c5a4592500"/263], 0x0)

47.081056ms ago: executing program 4 (id=4370):
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000e80)="632a1eb3f0c0d7e1f3e8d83e8279b7e98f2a563510c1fcfd07c0d1e58d723f809bb0322337f15e8d329d0926517a3148030a1d29dd671ac729d9cef6e520827a2201ccd77c7dc703e9116d512859f12dceb0dad478a2369aba7403b262e45c11c1290b59d473d3beb8d3a31bc7f5dcd1a708ed0be6f4770112b98b16c93db109594b2a4b04efb89f5ef215ff6d9d93fb8edbcf8d1c62b39759c68e1a184914791d5462c363b80e38ea6cd8556c46c6252445e967b63edceb1040badab4eef2ef162c734cb8052dabd2bfedbdfd0b22bdc6b9dc0fca9b566b32c4dc85d26161877f60652000000031ae091ccaa53c0faf409dee0d109e684a93bc32e715052d24d7349df7bdaa7aea658d7b0a53376ca1c71ad1a878ceacf5ce8a8c64ace50f4d18f1027b9efc61a4b4a61e4b323fad5c47e4341c1292d0d1c1e15582399572a3f2983e1a15eb78767b87da6d3da400d215326419919de0df00007736000000000000000000edd0c789d37a7dcf3f5b8c9aa5329c38e2ed4c0fe3a0eae2a169c0322b4e5b96dd251a4477da4961b81a965463617e444bfac080d03ac4fbf2d0c40e22aed01bea5ce1b4ca5e0b249366f1b777a13fcfad3d0a047371d2169230d0d0597e10f58c8e2b20cf205740044c15fab6d52121b0a6b2c122096848d4e29e968e20c1615b1e11c61d8e0c58fe667224e89b83ef29e04c0c6fdf73c50bf051d8651613e5bf65f9e91a91f5ce1080bcbad3aa36f82e9d367cb537444e25cdc8c21b60216d540ac605f39e02950b5af27d81a80cddc1a96754465fe43887165f7dc70939eefaf15dce85857c9329b2bbdcf10f5c85f110a42bcc3489b45f3ffd8a8fadf90cf9a6e35674a89b740ddc", 0x26f}, {&(0x7f0000000580)="1eac4d20f8509e8f36d2842c8fae7bbe58c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d0558de77df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bbbe0131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d964b0161c1856697820eb52f55c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d09d0f74e180df6eaa94651336e7713414e49956fcb68a973e8239e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fbe071de646385dcf5cb7adf1ec70baef4061d2da93d2f5eef8b1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c109db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab58978eb8b269ba2ef764d4505ed495fe156f0dcbb79d177e4f0b476", 0x212}], 0x2, 0x0, 0x0, 0x4090}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
read$alg(r0, &(0x7f0000003780)=""/4096, 0x1000)

0s ago: executing program 2 (id=4371):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x5)
sendmsg$nl_route(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

pfx_team_nl_options_set_doit+0x10/0x10
[  583.191235][T24190]  ? __nla_parse+0x40/0x60
[  583.195651][T24190]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  583.201985][T24190]  genl_rcv_msg+0xb14/0xec0
[  583.206499][T24190]  ? __pfx_genl_rcv_msg+0x10/0x10
[  583.211547][T24190]  ? __pfx_lock_acquire+0x10/0x10
[  583.216593][T24190]  ? __pfx_team_nl_options_set_doit+0x10/0x10
[  583.222695][T24190]  ? __pfx___might_resched+0x10/0x10
[  583.228001][T24190]  netlink_rcv_skb+0x1e3/0x430
[  583.232770][T24190]  ? __pfx_genl_rcv_msg+0x10/0x10
[  583.237800][T24190]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  583.243096][T24190]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  583.248565][T24190]  genl_rcv+0x28/0x40
[  583.252545][T24190]  netlink_unicast+0x7f6/0x990
[  583.257323][T24190]  ? __pfx_netlink_unicast+0x10/0x10
[  583.262611][T24190]  ? __virt_addr_valid+0x45f/0x530
[  583.267723][T24190]  ? __phys_addr_symbol+0x2f/0x70
[  583.272745][T24190]  ? __check_object_size+0x47a/0x730
[  583.278040][T24190]  netlink_sendmsg+0x8e4/0xcb0
[  583.282817][T24190]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.288103][T24190]  ? aa_sock_msg_perm+0x91/0x160
[  583.293044][T24190]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.298336][T24190]  __sock_sendmsg+0x221/0x270
[  583.303017][T24190]  ____sys_sendmsg+0x52a/0x7e0
[  583.307796][T24190]  ? __pfx_____sys_sendmsg+0x10/0x10
[  583.313077][T24190]  ? __fget_files+0x2a/0x410
[  583.317672][T24190]  ? __fget_files+0x2a/0x410
[  583.322270][T24190]  __sys_sendmsg+0x269/0x350
[  583.326857][T24190]  ? __pfx_lock_release+0x10/0x10
[  583.331894][T24190]  ? __pfx___sys_sendmsg+0x10/0x10
[  583.337015][T24190]  ? __pfx_vfs_write+0x10/0x10
[  583.341822][T24190]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  583.348182][T24190]  ? do_syscall_64+0x100/0x230
[  583.352955][T24190]  ? do_syscall_64+0xb6/0x230
[  583.357632][T24190]  do_syscall_64+0xf3/0x230
[  583.362134][T24190]  ? clear_bhb_loop+0x35/0x90
[  583.366811][T24190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.372697][T24190] RIP: 0033:0x7f4db3785d19
[  583.377109][T24190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.396713][T24190] RSP: 002b:00007f4db4624038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.405130][T24190] RAX: ffffffffffffffda RBX: 00007f4db3975fa0 RCX: 00007f4db3785d19
[  583.413102][T24190] RDX: 0000000000044084 RSI: 0000000020004bc0 RDI: 0000000000000003
[  583.421073][T24190] RBP: 00007f4db4624090 R08: 0000000000000000 R09: 0000000000000000
[  583.429042][T24190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.437007][T24190] R13: 0000000000000000 R14: 00007f4db3975fa0 R15: 00007fff014bd788
[  583.444989][T24190]  </TASK>
[  583.515996][T24196] __nla_validate_parse: 3 callbacks suppressed
[  583.516016][T24196] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3813'.
[  583.637024][T24118] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.646269][T24118] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.653523][T24118] bridge_slave_0: entered allmulticast mode
[  583.702130][T24118] bridge_slave_0: entered promiscuous mode
[  583.729399][T24118] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.744426][T24118] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.751860][T24118] bridge_slave_1: entered allmulticast mode
[  583.758405][T22869] Bluetooth: hci0: command tx timeout
[  583.771855][T24118] bridge_slave_1: entered promiscuous mode
[  583.865802][T24118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  583.887566][T24118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  583.945425][T24118] team0: Port device team_slave_0 added
[  583.963719][T24118] team0: Port device team_slave_1 added
[  584.042317][T24118] batman_adv: batadv0: Adding interface: batadv_slave_0
[  584.060769][T24118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  584.064868][T24233] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3822'.
[  584.102379][T24118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  584.127225][T24118] batman_adv: batadv0: Adding interface: batadv_slave_1
[  584.144351][T24118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  584.193534][T24118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  584.279124][T24118] hsr_slave_0: entered promiscuous mode
[  584.286319][T24118] hsr_slave_1: entered promiscuous mode
[  584.854413][T24254] xt_limit: Overflow, try lower: 262144/524288
[  584.918407][T24118] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  584.951963][T24118] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  584.976631][T24118] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  584.988363][T24118] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  585.171638][T24118] 8021q: adding VLAN 0 to HW filter on device bond0
[  585.201649][T24118] 8021q: adding VLAN 0 to HW filter on device team0
[  585.271072][T16039] bridge0: port 1(bridge_slave_0) entered blocking state
[  585.278353][T16039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  585.301983][T16039] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.309266][T16039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  585.371024][T24279] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3831'.
[  585.834264][T22869] Bluetooth: hci0: command tx timeout
[  586.068962][T24316] netlink: 'syz.1.3834': attribute type 10 has an invalid length.
[  586.099568][T24316] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3834'.
[  586.115083][T24118] 8021q: adding VLAN 0 to HW filter on device batadv0
[  586.148555][T24319] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551607)
[  586.162684][T24319] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  586.307993][T24118] veth0_vlan: entered promiscuous mode
[  586.339597][T24118] veth1_vlan: entered promiscuous mode
[  586.415416][T24329] netlink: 'syz.2.3840': attribute type 4 has an invalid length.
[  586.448100][T24118] veth0_macvtap: entered promiscuous mode
[  586.474907][T24118] veth1_macvtap: entered promiscuous mode
[  586.533500][T24118] batman_adv: batadv0: Interface activated: batadv_slave_0
[  586.564425][T24118] batman_adv: batadv0: Interface activated: batadv_slave_1
[  586.587419][T24118] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.621861][T24118] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.644090][T24118] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.652845][T24118] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.921704][T16039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  586.947132][T16039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.111594][ T2910] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.135526][ T2910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.524877][T24372] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3850'.
[  587.756696][T24384] xt_bpf: check failed: parse error
[  588.173108][ T3556] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.450983][ T3556] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.649671][ T3556] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  588.837205][ T3556] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  589.004849][ T3556] bridge_slave_1: left allmulticast mode
[  589.010562][ T3556] bridge_slave_1: left promiscuous mode
[  589.025543][ T3556] bridge0: port 2(bridge_slave_1) entered disabled state
[  589.041173][ T3556] bridge_slave_0: left allmulticast mode
[  589.047132][ T3556] bridge_slave_0: left promiscuous mode
[  589.052873][ T3556] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.215821][T24443] FAULT_INJECTION: forcing a failure.
[  589.215821][T24443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  589.222337][T24439] ipt_ECN: cannot use operation on non-tcp rule
[  589.272907][T24443] CPU: 1 UID: 0 PID: 24443 Comm: syz.3.3862 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  589.283730][T24443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  589.293794][T24443] Call Trace:
[  589.297076][T24443]  <TASK>
[  589.300008][T24443]  dump_stack_lvl+0x241/0x360
[  589.304693][T24443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  589.309889][T24443]  ? __pfx__printk+0x10/0x10
[  589.314494][T24443]  ? __pfx_lock_release+0x10/0x10
[  589.319522][T24443]  should_fail_ex+0x3b0/0x4e0
[  589.324205][T24443]  _copy_from_iter+0x1e9/0x1c20
[  589.329057][T24443]  ? __virt_addr_valid+0x183/0x530
[  589.334174][T24443]  ? __alloc_skb+0x28f/0x440
[  589.338758][T24443]  ? __pfx__copy_from_iter+0x10/0x10
[  589.344041][T24443]  ? __virt_addr_valid+0x183/0x530
[  589.349154][T24443]  ? __virt_addr_valid+0x183/0x530
[  589.354265][T24443]  ? __virt_addr_valid+0x45f/0x530
[  589.359378][T24443]  ? __phys_addr_symbol+0x2f/0x70
[  589.364400][T24443]  ? __check_object_size+0x47a/0x730
[  589.369684][T24443]  netlink_sendmsg+0x73d/0xcb0
[  589.374459][T24443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  589.379742][T24443]  ? aa_sock_msg_perm+0x91/0x160
[  589.384681][T24443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  589.389958][T24443]  __sock_sendmsg+0x221/0x270
[  589.394635][T24443]  ____sys_sendmsg+0x52a/0x7e0
[  589.399399][T24443]  ? __pfx_____sys_sendmsg+0x10/0x10
[  589.404677][T24443]  ? __fget_files+0x2a/0x410
[  589.409267][T24443]  ? __fget_files+0x2a/0x410
[  589.413867][T24443]  __sys_sendmsg+0x269/0x350
[  589.418459][T24443]  ? __pfx_lock_release+0x10/0x10
[  589.423486][T24443]  ? __pfx___sys_sendmsg+0x10/0x10
[  589.428601][T24443]  ? __pfx_vfs_write+0x10/0x10
[  589.433376][T24443]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  589.439705][T24443]  ? do_syscall_64+0x100/0x230
[  589.444468][T24443]  ? do_syscall_64+0xb6/0x230
[  589.449144][T24443]  do_syscall_64+0xf3/0x230
[  589.453643][T24443]  ? clear_bhb_loop+0x35/0x90
[  589.458318][T24443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.464209][T24443] RIP: 0033:0x7f0971b85d19
[  589.468622][T24443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.488231][T24443] RSP: 002b:00007f09729f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  589.496645][T24443] RAX: ffffffffffffffda RBX: 00007f0971d75fa0 RCX: 00007f0971b85d19
[  589.504621][T24443] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000006
[  589.512587][T24443] RBP: 00007f09729f2090 R08: 0000000000000000 R09: 0000000000000000
[  589.520554][T24443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  589.528521][T24443] R13: 0000000000000000 R14: 00007f0971d75fa0 R15: 00007fffc1ae0ab8
[  589.536499][T24443]  </TASK>
[  589.825392][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  589.851694][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  589.860967][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  589.890231][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  589.898038][ T5839] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  589.906279][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  589.980468][ T3556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  589.991781][ T3556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  590.002590][ T3556] bond0 (unregistering): Released all slaves
[  590.027818][T24442] tipc: Enabled bearer <ib:ip_vti0>, priority 10
[  590.224751][T24459] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  590.268190][T24460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3864'.
[  590.294137][T24460] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3864'.
[  590.328876][   T11] tipc: Subscription rejected, illegal request
[  590.355400][T24469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3865'.
[  590.451863][T24474] ipt_ECN: cannot use operation on non-tcp rule
[  590.549210][T24454] lo speed is unknown, defaulting to 1000
[  590.694449][T24480] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3870'.
[  590.718549][T24480] netlink: 7 bytes leftover after parsing attributes in process `syz.1.3870'.
[  590.916254][T24493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3872'.
[  591.154733][ T3556] hsr_slave_0: left promiscuous mode
[  591.161744][ T3556] hsr_slave_1: left promiscuous mode
[  591.173233][ T3556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  591.180775][ T3556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  591.189015][ T3556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  591.197902][ T3556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  591.230420][ T3556] veth1_macvtap: left promiscuous mode
[  591.236283][ T3556] veth0_macvtap: left promiscuous mode
[  591.242363][ T3556] veth1_vlan: left promiscuous mode
[  591.262565][ T3556] veth0_vlan: left promiscuous mode
[  591.279734][T24514] xt_TPROXY: Can be used only with -p tcp or -p udp
[  591.322413][T24516] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3877'.
[  591.332434][T24516] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3877'.
[  591.773422][ T3556] team0 (unregistering): Port device team_slave_1 removed
[  591.821341][ T3556] team0 (unregistering): Port device team_slave_0 removed
[  592.000502][T22869] Bluetooth: hci0: command tx timeout
[  592.307886][T24454] chnl_net:caif_netlink_parms(): no params data found
[  592.508466][T24528] team0: Unable to change to the same mode the team is in
[  592.701546][T24531] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3880'.
[  592.868688][T24454] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.876188][T24454] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.902162][T24454] bridge_slave_0: entered allmulticast mode
[  592.925521][T24454] bridge_slave_0: entered promiscuous mode
[  592.949011][T24454] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.994173][T24554] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3886'.
[  592.996439][T24454] bridge0: port 2(bridge_slave_1) entered disabled state
[  593.044256][T24454] bridge_slave_1: entered allmulticast mode
[  593.056337][T24454] bridge_slave_1: entered promiscuous mode
[  593.103477][T24531] netlink: 'syz.3.3880': attribute type 21 has an invalid length.
[  593.125691][T24554] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  593.252233][T24454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  593.291733][T24454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  593.417345][T24454] team0: Port device team_slave_0 added
[  593.428142][T24573] xt_CT: You must specify a L4 protocol and not use inversions on it
[  593.476663][T24454] team0: Port device team_slave_1 added
[  593.620274][   T52] tipc: Subscription rejected, illegal request
[  593.662558][T24454] batman_adv: batadv0: Adding interface: batadv_slave_0
[  593.683943][T24454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.750179][T24454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  593.778842][T24454] batman_adv: batadv0: Adding interface: batadv_slave_1
[  593.798292][T24454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.855260][T24454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  593.884983][T24596] netlink: 'syz.4.3898': attribute type 21 has an invalid length.
[  594.051909][T24454] hsr_slave_0: entered promiscuous mode
[  594.084022][T22869] Bluetooth: hci0: command tx timeout
[  594.113427][T24454] hsr_slave_1: entered promiscuous mode
[  594.513537][T24628] Cannot find add_set index 3 as target
[  594.717998][T24454] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  594.740120][T24454] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  594.755064][T24454] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  594.769969][T24454] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  594.952437][T24454] 8021q: adding VLAN 0 to HW filter on device bond0
[  595.012412][T24454] 8021q: adding VLAN 0 to HW filter on device team0
[  595.065499][T16043] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.072906][T16043] bridge0: port 1(bridge_slave_0) entered forwarding state
[  595.083063][ T3556] tipc: Subscription rejected, illegal request
[  595.090053][T16043] bridge0: port 2(bridge_slave_1) entered blocking state
[  595.097202][T16043] bridge0: port 2(bridge_slave_1) entered forwarding state
[  595.282491][T24658] __nla_validate_parse: 9 callbacks suppressed
[  595.282515][T24658] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3913'.
[  595.381506][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.436979][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.487071][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.539771][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.602368][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.670305][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.691148][T24454] 8021q: adding VLAN 0 to HW filter on device batadv0
[  595.732736][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.758138][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.806639][T24454] veth0_vlan: entered promiscuous mode
[  595.846246][T24454] veth1_vlan: entered promiscuous mode
[  595.870624][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.920504][T24454] veth0_macvtap: entered promiscuous mode
[  595.937853][T24662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  595.950401][T24454] veth1_macvtap: entered promiscuous mode
[  596.000778][T24454] batman_adv: batadv0: Interface activated: batadv_slave_0
[  596.030968][T24454] batman_adv: batadv0: Interface activated: batadv_slave_1
[  596.079763][T24454] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  596.104096][T24454] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  596.133999][T24454] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  596.142754][T24454] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  596.154659][T22869] Bluetooth: hci0: command tx timeout
[  596.421192][T24707] netlink: 'syz.3.3922': attribute type 2 has an invalid length.
[  596.439607][T24706] Bluetooth: MGMT ver 1.23
[  596.441095][T16037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  596.477456][T16037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.520645][ T2910] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  596.539199][ T2910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  596.654298][T24713] FAULT_INJECTION: forcing a failure.
[  596.654298][T24713] name failslab, interval 1, probability 0, space 0, times 0
[  596.668763][T24713] CPU: 0 UID: 0 PID: 24713 Comm: syz.3.3924 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  596.679586][T24713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  596.689668][T24713] Call Trace:
[  596.692970][T24713]  <TASK>
[  596.695921][T24713]  dump_stack_lvl+0x241/0x360
[  596.700630][T24713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  596.705862][T24713]  ? __pfx__printk+0x10/0x10
[  596.710488][T24713]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  596.716505][T24713]  ? __pfx___might_resched+0x10/0x10
[  596.721828][T24713]  should_fail_ex+0x3b0/0x4e0
[  596.726548][T24713]  should_failslab+0xac/0x100
[  596.731254][T24713]  kmem_cache_alloc_node_noprof+0x77/0x380
[  596.737098][T24713]  ? __alloc_skb+0x1c3/0x440
[  596.741719][T24713]  __alloc_skb+0x1c3/0x440
[  596.746169][T24713]  ? __pfx___alloc_skb+0x10/0x10
[  596.751132][T24713]  ? netlink_autobind+0xd6/0x2f0
[  596.756091][T24713]  ? netlink_autobind+0x2b0/0x2f0
[  596.761147][T24713]  netlink_sendmsg+0x638/0xcb0
[  596.765949][T24713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  596.771268][T24713]  ? aa_sock_msg_perm+0x91/0x160
[  596.776238][T24713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  596.781547][T24713]  __sock_sendmsg+0x221/0x270
[  596.786256][T24713]  ____sys_sendmsg+0x52a/0x7e0
[  596.791055][T24713]  ? __pfx_____sys_sendmsg+0x10/0x10
[  596.796364][T24713]  ? __fget_files+0x2a/0x410
[  596.800984][T24713]  ? __fget_files+0x2a/0x410
[  596.805612][T24713]  __sys_sendmmsg+0x36a/0x720
[  596.810329][T24713]  ? __pfx___sys_sendmmsg+0x10/0x10
[  596.815563][T24713]  ? __pfx_lock_release+0x10/0x10
[  596.820616][T24713]  ? kstrtouint_from_user+0x128/0x190
[  596.826035][T24713]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  596.831962][T24713]  ? ksys_write+0x22a/0x2b0
[  596.836528][T24713]  ? __pfx_lock_release+0x10/0x10
[  596.841585][T24713]  ? vfs_write+0x730/0xd30
[  596.846033][T24713]  ? __mutex_unlock_slowpath+0x21e/0x790
[  596.851717][T24713]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  596.857731][T24713]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  596.864096][T24713]  ? do_syscall_64+0x100/0x230
[  596.868889][T24713]  __x64_sys_sendmmsg+0xa0/0xb0
[  596.873768][T24713]  do_syscall_64+0xf3/0x230
[  596.878300][T24713]  ? clear_bhb_loop+0x35/0x90
[  596.883037][T24713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  596.888950][T24713] RIP: 0033:0x7f0971b85d19
[  596.893386][T24713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  596.913026][T24713] RSP: 002b:00007f09729f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  596.921486][T24713] RAX: ffffffffffffffda RBX: 00007f0971d75fa0 RCX: 00007f0971b85d19
[  596.929494][T24713] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005
[  596.937491][T24713] RBP: 00007f09729f2090 R08: 0000000000000000 R09: 0000000000000000
[  596.945493][T24713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  596.953503][T24713] R13: 0000000000000000 R14: 00007f0971d75fa0 R15: 00007fffc1ae0ab8
[  596.961523][T24713]  </TASK>
[  597.248359][T24734] tipc: Failed to remove unknown binding: 66,1,1/0:94215014/94215016
[  597.280175][T24734] tipc: Failed to remove unknown binding: 66,1,1/0:94215014/94215016
[  598.285650][T24783] ipt_ECN: cannot use operation on non-tcp rule
[  598.625282][T24790] netlink: 'syz.1.3938': attribute type 4 has an invalid length.
[  598.710269][T24797] netlink: 'syz.1.3938': attribute type 4 has an invalid length.
[  598.867960][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.326978][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.455995][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.593685][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.916535][T24831] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3944'.
[  600.030676][   T52] bridge_slave_1: left allmulticast mode
[  600.036497][   T52] bridge_slave_1: left promiscuous mode
[  600.042313][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.126727][   T52] bridge_slave_0: left allmulticast mode
[  600.132565][   T52] bridge_slave_0: left promiscuous mode
[  600.142355][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.276256][T24849] FAULT_INJECTION: forcing a failure.
[  600.276256][T24849] name failslab, interval 1, probability 0, space 0, times 0
[  600.313272][T24849] CPU: 1 UID: 0 PID: 24849 Comm: syz.1.3948 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  600.324203][T24849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  600.334283][T24849] Call Trace:
[  600.337575][T24849]  <TASK>
[  600.340520][T24849]  dump_stack_lvl+0x241/0x360
[  600.345235][T24849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  600.350477][T24849]  ? __pfx__printk+0x10/0x10
[  600.355100][T24849]  ? __kmalloc_cache_noprof+0x48/0x390
[  600.360592][T24849]  ? __pfx___might_resched+0x10/0x10
[  600.365898][T24849]  ? arch_stack_walk+0xfd/0x150
[  600.370790][T24849]  should_fail_ex+0x3b0/0x4e0
[  600.375513][T24849]  should_failslab+0xac/0x100
[  600.380225][T24849]  __kmalloc_cache_noprof+0x70/0x390
[  600.385542][T24849]  ? rtnl_newlink+0x131/0x2150
[  600.390338][T24849]  rtnl_newlink+0x131/0x2150
[  600.394964][T24849]  ? kasan_save_track+0x51/0x80
[  600.399839][T24849]  ? kasan_save_free_info+0x40/0x50
[  600.405068][T24849]  ? __kasan_slab_free+0x59/0x70
[  600.410040][T24849]  ? __pfx_rtnl_newlink+0x10/0x10
[  600.415090][T24849]  ? __netlink_deliver_tap+0x56b/0x7f0
[  600.420582][T24849]  ? __pfx_validate_chain+0x10/0x10
[  600.425810][T24849]  ? __sock_sendmsg+0x221/0x270
[  600.430686][T24849]  ? ____sys_sendmsg+0x52a/0x7e0
[  600.435645][T24849]  ? __sys_sendmsg+0x269/0x350
[  600.440434][T24849]  ? do_syscall_64+0xf3/0x230
[  600.445136][T24849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.451247][T24849]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  600.457259][T24849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  600.459395][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  600.463606][T24849]  ? mark_lock+0x9a/0x360
[  600.463644][T24849]  ? __lock_acquire+0x1397/0x2100
[  600.463687][T24849]  ? rcu_read_unlock+0x87/0xa0
[  600.478385][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  600.480108][T24849]  ? __dev_queue_xmit+0x1775/0x3f50
[  600.480141][T24849]  ? __pfx_lock_release+0x10/0x10
[  600.486780][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  600.491823][T24849]  ? __pfx_rtnl_newlink+0x10/0x10
[  600.500005][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  600.502025][T24849]  rtnetlink_rcv_msg+0x791/0xcf0
[  600.502059][T24849]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  600.512154][ T5839] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  600.513983][T24849]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  600.514020][T24849]  ? ref_tracker_free+0x643/0x7e0
[  600.514047][T24849]  netlink_rcv_skb+0x1e3/0x430
[  600.514069][T24849]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  600.514093][T24849]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  600.514132][T24849]  ? netlink_deliver_tap+0x2e/0x1b0
[  600.514155][T24849]  netlink_unicast+0x7f6/0x990
[  600.514188][T24849]  ? __pfx_netlink_unicast+0x10/0x10
[  600.523813][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  600.526028][T24849]  ? __virt_addr_valid+0x45f/0x530
[  600.526060][T24849]  ? __phys_addr_symbol+0x2f/0x70
[  600.596308][T24849]  ? __check_object_size+0x47a/0x730
[  600.601600][T24849]  netlink_sendmsg+0x8e4/0xcb0
[  600.606378][T24849]  ? __pfx_netlink_sendmsg+0x10/0x10
[  600.611675][T24849]  ? aa_sock_msg_perm+0x91/0x160
[  600.616636][T24849]  ? __pfx_netlink_sendmsg+0x10/0x10
[  600.621923][T24849]  __sock_sendmsg+0x221/0x270
[  600.626602][T24849]  ____sys_sendmsg+0x52a/0x7e0
[  600.631371][T24849]  ? __pfx_____sys_sendmsg+0x10/0x10
[  600.636659][T24849]  ? __fget_files+0x2a/0x410
[  600.641257][T24849]  ? __fget_files+0x2a/0x410
[  600.645853][T24849]  __sys_sendmsg+0x269/0x350
[  600.650455][T24849]  ? __pfx_lock_release+0x10/0x10
[  600.655496][T24849]  ? __pfx___sys_sendmsg+0x10/0x10
[  600.660631][T24849]  ? __pfx_vfs_write+0x10/0x10
[  600.665416][T24849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  600.671736][T24849]  ? do_syscall_64+0x100/0x230
[  600.676499][T24849]  ? do_syscall_64+0xb6/0x230
[  600.681193][T24849]  do_syscall_64+0xf3/0x230
[  600.685687][T24849]  ? clear_bhb_loop+0x35/0x90
[  600.690355][T24849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.696245][T24849] RIP: 0033:0x7fcaf6385d19
[  600.700650][T24849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  600.720267][T24849] RSP: 002b:00007fcaf41f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  600.728712][T24849] RAX: ffffffffffffffda RBX: 00007fcaf6575fa0 RCX: 00007fcaf6385d19
[  600.736697][T24849] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[  600.744672][T24849] RBP: 00007fcaf41f6090 R08: 0000000000000000 R09: 0000000000000000
[  600.752652][T24849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.760626][T24849] R13: 0000000000000000 R14: 00007fcaf6575fa0 R15: 00007ffe2e572658
[  600.768619][T24849]  </TASK>
[  601.124287][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  601.138023][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  601.148294][   T52] bond0 (unregistering): Released all slaves
[  601.176314][T24858] FAULT_INJECTION: forcing a failure.
[  601.176314][T24858] name failslab, interval 1, probability 0, space 0, times 0
[  601.219632][T24858] CPU: 0 UID: 0 PID: 24858 Comm: syz.1.3950 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  601.230469][T24858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  601.240557][T24858] Call Trace:
[  601.243862][T24858]  <TASK>
[  601.246818][T24858]  dump_stack_lvl+0x241/0x360
[  601.251532][T24858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  601.256764][T24858]  ? __pfx__printk+0x10/0x10
[  601.261393][T24858]  ? ref_tracker_alloc+0x332/0x490
[  601.266538][T24858]  should_fail_ex+0x3b0/0x4e0
[  601.271254][T24858]  should_failslab+0xac/0x100
[  601.275964][T24858]  ? skb_clone+0x20c/0x390
[  601.280408][T24858]  kmem_cache_alloc_noprof+0x70/0x380
[  601.285820][T24858]  skb_clone+0x20c/0x390
[  601.290105][T24858]  __netlink_deliver_tap+0x3cc/0x7f0
[  601.295432][T24858]  ? netlink_deliver_tap+0x2e/0x1b0
[  601.300662][T24858]  netlink_deliver_tap+0x19d/0x1b0
[  601.305805][T24858]  netlink_sendskb+0x68/0x140
[  601.310528][T24858]  netlink_unicast+0x39d/0x990
[  601.315339][T24858]  ? __pfx_netlink_unicast+0x10/0x10
[  601.320673][T24858]  netlink_rcv_skb+0x262/0x430
[  601.325476][T24858]  ? __pfx_genl_rcv_msg+0x10/0x10
[  601.330539][T24858]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  601.335868][T24858]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  601.341377][T24858]  genl_rcv+0x28/0x40
[  601.345393][T24858]  netlink_unicast+0x7f6/0x990
[  601.350206][T24858]  ? __pfx_netlink_unicast+0x10/0x10
[  601.355529][T24858]  ? __virt_addr_valid+0x45f/0x530
[  601.360675][T24858]  ? __phys_addr_symbol+0x2f/0x70
[  601.365733][T24858]  ? __check_object_size+0x47a/0x730
[  601.371053][T24858]  netlink_sendmsg+0x8e4/0xcb0
[  601.375869][T24858]  ? __pfx_netlink_sendmsg+0x10/0x10
[  601.381191][T24858]  ? aa_sock_msg_perm+0x91/0x160
[  601.386167][T24858]  ? __pfx_netlink_sendmsg+0x10/0x10
[  601.391481][T24858]  __sock_sendmsg+0x221/0x270
[  601.396195][T24858]  ____sys_sendmsg+0x52a/0x7e0
[  601.401006][T24858]  ? __pfx_____sys_sendmsg+0x10/0x10
[  601.406352][T24858]  ? __fget_files+0x2a/0x410
[  601.410987][T24858]  ? __fget_files+0x2a/0x410
[  601.415620][T24858]  __sys_sendmsg+0x269/0x350
[  601.420245][T24858]  ? __pfx_lock_release+0x10/0x10
[  601.425309][T24858]  ? __pfx___sys_sendmsg+0x10/0x10
[  601.430466][T24858]  ? __pfx_vfs_write+0x10/0x10
[  601.435288][T24858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  601.441647][T24858]  ? do_syscall_64+0x100/0x230
[  601.446443][T24858]  ? do_syscall_64+0xb6/0x230
[  601.451152][T24858]  do_syscall_64+0xf3/0x230
[  601.455683][T24858]  ? clear_bhb_loop+0x35/0x90
[  601.460393][T24858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.466316][T24858] RIP: 0033:0x7fcaf6385d19
[  601.470764][T24858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  601.490396][T24858] RSP: 002b:00007fcaf41f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  601.498846][T24858] RAX: ffffffffffffffda RBX: 00007fcaf6575fa0 RCX: 00007fcaf6385d19
[  601.506851][T24858] RDX: 0000000000000040 RSI: 0000000020000340 RDI: 0000000000000004
[  601.514856][T24858] RBP: 00007fcaf41f6090 R08: 0000000000000000 R09: 0000000000000000
[  601.522858][T24858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.530859][T24858] R13: 0000000000000000 R14: 00007fcaf6575fa0 R15: 00007ffe2e572658
[  601.538880][T24858]  </TASK>
[  601.694424][T24853] lo speed is unknown, defaulting to 1000
[  601.898541][T24884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3954'.
[  601.924788][T24884] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3954'.
[  601.970103][T24884] 8021q: adding VLAN 0 to HW filter on device macvlan11
[  602.526816][T24924] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3958'.
[  602.564601][ T5839] Bluetooth: hci0: command tx timeout
[  602.567933][T24924] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3958'.
[  602.692212][T24853] chnl_net:caif_netlink_parms(): no params data found
[  602.816059][T24929] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3960'.
[  602.916476][   T52] hsr_slave_0: left promiscuous mode
[  602.932010][   T52] hsr_slave_1: left promiscuous mode
[  602.939482][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  602.952935][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  602.976197][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  602.983719][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  603.018813][   T52] veth1_macvtap: left promiscuous mode
[  603.042259][   T52] veth0_macvtap: left promiscuous mode
[  603.048015][   T52] veth1_vlan: left promiscuous mode
[  603.053336][   T52] veth0_vlan: left promiscuous mode
[  603.460730][T24945] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3964'.
[  603.790680][   T52] team0 (unregistering): Port device team_slave_1 removed
[  603.831846][   T52] team0 (unregistering): Port device team_slave_0 removed
[  604.298127][T24939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3963'.
[  604.506207][T24955] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3965'.
[  604.637236][T24853] bridge0: port 1(bridge_slave_0) entered blocking state
[  604.645041][ T5839] Bluetooth: hci0: command tx timeout
[  604.679701][T24853] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.689217][T24957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3966'.
[  604.702989][T24853] bridge_slave_0: entered allmulticast mode
[  604.710341][T24853] bridge_slave_0: entered promiscuous mode
[  604.727690][T24957] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3966'.
[  604.816729][T24957] batadv0: entered promiscuous mode
[  604.827169][T24976] netlink: 'syz.2.3970': attribute type 10 has an invalid length.
[  604.836021][T24957] dummy0: entered promiscuous mode
[  604.849671][T24957] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  604.895720][T24957] Cannot create hsr debugfs directory
[  604.929005][T24966] net_ratelimit: 55 callbacks suppressed
[  604.929027][T24966] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  604.973292][T24853] bridge0: port 2(bridge_slave_1) entered blocking state
[  604.980771][T24853] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.994442][T24853] bridge_slave_1: entered allmulticast mode
[  605.001572][T24853] bridge_slave_1: entered promiscuous mode
[  605.083708][T24976] bridge0: entered promiscuous mode
[  605.121337][T24976] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  605.234637][T24853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.262346][T24853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  605.411562][T24853] team0: Port device team_slave_0 added
[  605.621531][T24853] team0: Port device team_slave_1 added
[  605.794846][T24853] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.830505][T24853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.871075][T24853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.929923][T24853] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.969566][T24853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.016510][T24853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  606.143632][T24853] hsr_slave_0: entered promiscuous mode
[  606.160760][T24853] hsr_slave_1: entered promiscuous mode
[  606.397916][T25040] FAULT_INJECTION: forcing a failure.
[  606.397916][T25040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  606.454150][T25040] CPU: 1 UID: 0 PID: 25040 Comm: syz.2.3983 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  606.464983][T25040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  606.475069][T25040] Call Trace:
[  606.478364][T25040]  <TASK>
[  606.481311][T25040]  dump_stack_lvl+0x241/0x360
[  606.486027][T25040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  606.491267][T25040]  ? __pfx__printk+0x10/0x10
[  606.495898][T25040]  ? __pfx_lock_release+0x10/0x10
[  606.500961][T25040]  should_fail_ex+0x3b0/0x4e0
[  606.505673][T25040]  _copy_from_user+0x2f/0xc0
[  606.510301][T25040]  copy_msghdr_from_user+0xae/0x680
[  606.515543][T25040]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  606.521381][T25040]  ? __fget_files+0x2a/0x410
[  606.526006][T25040]  ? __fget_files+0x2a/0x410
[  606.530633][T25040]  __sys_sendmsg+0x209/0x350
[  606.535250][T25040]  ? __pfx_lock_release+0x10/0x10
[  606.540304][T25040]  ? __pfx___sys_sendmsg+0x10/0x10
[  606.545458][T25040]  ? __pfx_vfs_write+0x10/0x10
[  606.550269][T25040]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  606.556632][T25040]  ? do_syscall_64+0x100/0x230
[  606.561427][T25040]  ? do_syscall_64+0xb6/0x230
[  606.566136][T25040]  do_syscall_64+0xf3/0x230
[  606.570671][T25040]  ? clear_bhb_loop+0x35/0x90
[  606.575381][T25040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.581302][T25040] RIP: 0033:0x7f3d3cb85d19
[  606.585746][T25040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.605389][T25040] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  606.613840][T25040] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  606.621839][T25040] RDX: 0000000000004004 RSI: 00000000200001c0 RDI: 0000000000000003
[  606.629844][T25040] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  606.637851][T25040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.645852][T25040] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  606.653872][T25040]  </TASK>
[  606.714221][ T5839] Bluetooth: hci0: command tx timeout
[  606.723390][T25047] netlink: 'syz.4.3984': attribute type 1 has an invalid length.
[  606.791441][T25050] Bluetooth: MGMT ver 1.23
[  606.808988][T25055] netlink: 'syz.2.3986': attribute type 1 has an invalid length.
[  606.870808][T25047] geneve2: entered promiscuous mode
[  606.884341][T25047] geneve2: entered allmulticast mode
[  607.054088][T25065] FAULT_INJECTION: forcing a failure.
[  607.054088][T25065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  607.068081][T25066] netlink: 'syz.1.3987': attribute type 9 has an invalid length.
[  607.104175][T25065] CPU: 1 UID: 0 PID: 25065 Comm: syz.2.3988 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  607.115005][T25065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  607.125086][T25065] Call Trace:
[  607.128392][T25065]  <TASK>
[  607.131347][T25065]  dump_stack_lvl+0x241/0x360
[  607.136064][T25065]  ? __pfx_dump_stack_lvl+0x10/0x10
[  607.141295][T25065]  ? __pfx__printk+0x10/0x10
[  607.145926][T25065]  ? snprintf+0xda/0x120
[  607.150194][T25065]  should_fail_ex+0x3b0/0x4e0
[  607.154904][T25065]  _copy_to_user+0x31/0xb0
[  607.159351][T25065]  simple_read_from_buffer+0xca/0x150
[  607.164754][T25065]  proc_fail_nth_read+0x1e9/0x250
[  607.169803][T25065]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.175377][T25065]  ? rw_verify_area+0x55e/0x6f0
[  607.180246][T25065]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.185816][T25065]  vfs_read+0x1fc/0xb70
[  607.190005][T25065]  ? __pfx___mutex_lock+0x10/0x10
[  607.195053][T25065]  ? __pfx_vfs_read+0x10/0x10
[  607.199754][T25065]  ? __fget_files+0x2a/0x410
[  607.204371][T25065]  ? __fget_files+0x395/0x410
[  607.209076][T25065]  ? __fget_files+0x2a/0x410
[  607.213713][T25065]  ksys_read+0x18f/0x2b0
[  607.217996][T25065]  ? __pfx_ksys_read+0x10/0x10
[  607.222787][T25065]  ? do_syscall_64+0x100/0x230
[  607.227581][T25065]  ? do_syscall_64+0xb6/0x230
[  607.232284][T25065]  do_syscall_64+0xf3/0x230
[  607.236816][T25065]  ? clear_bhb_loop+0x35/0x90
[  607.241522][T25065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.247441][T25065] RIP: 0033:0x7f3d3cb8472c
[  607.251881][T25065] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  607.271521][T25065] RSP: 002b:00007f3d3d952030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  607.279972][T25065] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb8472c
[  607.287982][T25065] RDX: 000000000000000f RSI: 00007f3d3d9520a0 RDI: 0000000000000004
[  607.296076][T25065] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  607.304079][T25065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  607.312080][T25065] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  607.320098][T25065]  </TASK>
[  607.629938][T24853] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  607.702498][T24853] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  607.758526][T24853] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  607.808807][T24853] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  608.007976][T25102] FAULT_INJECTION: forcing a failure.
[  608.007976][T25102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  608.050379][T25102] CPU: 1 UID: 0 PID: 25102 Comm: syz.3.3996 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  608.061222][T25102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  608.071308][T25102] Call Trace:
[  608.074638][T25102]  <TASK>
[  608.077589][T25102]  dump_stack_lvl+0x241/0x360
[  608.082735][T25102]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.087962][T25102]  ? __pfx__printk+0x10/0x10
[  608.092582][T25102]  ? __pfx_lock_release+0x10/0x10
[  608.097639][T25102]  should_fail_ex+0x3b0/0x4e0
[  608.102357][T25102]  _copy_from_user+0x2f/0xc0
[  608.106977][T25102]  copy_msghdr_from_user+0xae/0x680
[  608.112215][T25102]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  608.112799][T24853] 8021q: adding VLAN 0 to HW filter on device bond0
[  608.118025][T25102]  ? __fget_files+0x2a/0x410
[  608.118057][T25102]  ? __fget_files+0x2a/0x410
[  608.118086][T25102]  __sys_sendmmsg+0x32b/0x720
[  608.118118][T25102]  ? __pfx___sys_sendmmsg+0x10/0x10
[  608.118149][T25102]  ? __pfx_lock_release+0x10/0x10
[  608.118169][T25102]  ? kstrtouint_from_user+0x128/0x190
[  608.118212][T25102]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  608.118239][T25102]  ? ksys_write+0x22a/0x2b0
[  608.118257][T25102]  ? __pfx_lock_release+0x10/0x10
[  608.118282][T25102]  ? vfs_write+0x730/0xd30
[  608.174088][T25102]  ? __mutex_unlock_slowpath+0x21e/0x790
[  608.179785][T25102]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  608.185805][T25102]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  608.192170][T25102]  ? do_syscall_64+0x100/0x230
[  608.195252][T24853] 8021q: adding VLAN 0 to HW filter on device team0
[  608.196947][T25102]  __x64_sys_sendmmsg+0xa0/0xb0
[  608.208414][T25102]  do_syscall_64+0xf3/0x230
[  608.212948][T25102]  ? clear_bhb_loop+0x35/0x90
[  608.214840][T16037] bridge0: port 1(bridge_slave_0) entered blocking state
[  608.217635][T25102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.217662][T25102] RIP: 0033:0x7f0971b85d19
[  608.217681][T25102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  608.217698][T25102] RSP: 002b:00007f09729d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  608.217720][T25102] RAX: ffffffffffffffda RBX: 00007f0971d76080 RCX: 00007f0971b85d19
[  608.224816][T16037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  608.230581][T25102] RDX: 00000000000101d0 RSI: 00000000200030c0 RDI: 000000000000000b
[  608.279593][T16037] bridge0: port 2(bridge_slave_1) entered blocking state
[  608.286116][T25102] RBP: 00007f09729d1090 R08: 0000000000000000 R09: 0000000000000000
[  608.286134][T25102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  608.286146][T25102] R13: 0000000000000000 R14: 00007f0971d76080 R15: 00007fffc1ae0ab8
[  608.286174][T25102]  </TASK>
[  608.320533][T16037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  608.437320][T25110] netlink: 'syz.2.3998': attribute type 1 has an invalid length.
[  608.445368][T25110] __nla_validate_parse: 4 callbacks suppressed
[  608.445385][T25110] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3998'.
[  608.495388][T24853] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  608.795031][ T5839] Bluetooth: hci0: command tx timeout
[  608.800984][T25129] syz.1.4000[25129] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  608.801075][T25129] syz.1.4000[25129] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  608.814495][T24853] 8021q: adding VLAN 0 to HW filter on device batadv0
[  608.822414][T25129] syz.1.4000[25129] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  608.996205][T24853] veth0_vlan: entered promiscuous mode
[  609.022087][T24853] veth1_vlan: entered promiscuous mode
[  609.155735][T25139] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4002'.
[  609.180862][T24853] veth0_macvtap: entered promiscuous mode
[  609.192970][T24853] veth1_macvtap: entered promiscuous mode
[  609.227617][T24853] batman_adv: batadv0: Interface activated: batadv_slave_0
[  609.251171][T25140] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4002'.
[  609.271262][T25139] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4002'.
[  609.290240][T25140] netlink: 'syz.2.4002': attribute type 3 has an invalid length.
[  609.296470][T24853] batman_adv: batadv0: Interface activated: batadv_slave_1
[  609.325128][T25140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4002'.
[  609.329331][T24853] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  609.366296][T24853] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  609.383959][T24853] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  609.397886][T24853] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  609.831335][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  609.839674][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  609.962193][T25165] netlink: 'syz.2.4009': attribute type 1 has an invalid length.
[  609.970220][T16037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  609.970248][T16037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  609.986077][T25165] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4009'.
[  610.225430][T25179] FAULT_INJECTION: forcing a failure.
[  610.225430][T25179] name failslab, interval 1, probability 0, space 0, times 0
[  610.278960][T25179] CPU: 1 UID: 0 PID: 25179 Comm: syz.2.4015 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  610.289798][T25179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  610.299883][T25179] Call Trace:
[  610.303185][T25179]  <TASK>
[  610.306154][T25179]  dump_stack_lvl+0x241/0x360
[  610.310867][T25179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  610.316099][T25179]  ? __pfx__printk+0x10/0x10
[  610.320731][T25179]  ? __kmalloc_cache_noprof+0x48/0x390
[  610.326231][T25179]  ? __pfx___might_resched+0x10/0x10
[  610.331559][T25179]  should_fail_ex+0x3b0/0x4e0
[  610.336282][T25179]  should_failslab+0xac/0x100
[  610.340994][T25179]  __kmalloc_cache_noprof+0x70/0x390
[  610.346322][T25179]  ? nfnetlink_rcv+0x1265/0x2ab0
[  610.351435][T25179]  nfnetlink_rcv+0x1265/0x2ab0
[  610.356270][T25179]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  610.361472][T25179]  ? netlink_deliver_tap+0x2e/0x1b0
[  610.366701][T25179]  ? skb_clone+0x240/0x390
[  610.371149][T25179]  ? __pfx_lock_release+0x10/0x10
[  610.376221][T25179]  ? netlink_deliver_tap+0x2e/0x1b0
[  610.381454][T25179]  netlink_unicast+0x7f6/0x990
[  610.386263][T25179]  ? __pfx_netlink_unicast+0x10/0x10
[  610.391585][T25179]  ? __virt_addr_valid+0x45f/0x530
[  610.396742][T25179]  ? __phys_addr_symbol+0x2f/0x70
[  610.402065][T25179]  ? __check_object_size+0x47a/0x730
[  610.407392][T25179]  netlink_sendmsg+0x8e4/0xcb0
[  610.412202][T25179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  610.417526][T25179]  ? aa_sock_msg_perm+0x91/0x160
[  610.422503][T25179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  610.427822][T25179]  __sock_sendmsg+0x221/0x270
[  610.432539][T25179]  ____sys_sendmsg+0x52a/0x7e0
[  610.437347][T25179]  ? __pfx_____sys_sendmsg+0x10/0x10
[  610.442675][T25179]  ? __fget_files+0x2a/0x410
[  610.447304][T25179]  ? __fget_files+0x2a/0x410
[  610.451952][T25179]  __sys_sendmsg+0x269/0x350
[  610.456582][T25179]  ? __pfx_lock_release+0x10/0x10
[  610.461649][T25179]  ? __pfx___sys_sendmsg+0x10/0x10
[  610.466813][T25179]  ? __pfx_vfs_write+0x10/0x10
[  610.471634][T25179]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  610.478002][T25179]  ? do_syscall_64+0x100/0x230
[  610.482805][T25179]  ? do_syscall_64+0xb6/0x230
[  610.487515][T25179]  do_syscall_64+0xf3/0x230
[  610.492046][T25179]  ? clear_bhb_loop+0x35/0x90
[  610.496746][T25179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.502655][T25179] RIP: 0033:0x7f3d3cb85d19
[  610.507082][T25179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  610.526697][T25179] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  610.535116][T25179] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  610.543086][T25179] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[  610.551057][T25179] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  610.559034][T25179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  610.567007][T25179] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  610.574990][T25179]  </TASK>
[  610.691589][T25188] tipc: Resetting bearer <ib:ip_vti0>
[  610.795375][T25198] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4021'.
[  610.844058][T25198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4021'.
[  610.867118][T25204] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  610.883670][T25198] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4021'.
[  610.965450][T25198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4021'.
[  610.997097][T25198] netlink: 'syz.3.4021': attribute type 12 has an invalid length.
[  611.106816][T25217] netlink: 'syz.2.4025': attribute type 1 has an invalid length.
[  611.882473][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.229623][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.442792][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.610083][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.903505][   T52] bridge_slave_1: left allmulticast mode
[  612.911813][   T52] bridge_slave_1: left promiscuous mode
[  612.923706][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.009874][   T52] bridge_slave_0: left allmulticast mode
[  613.047752][   T52] bridge_slave_0: left promiscuous mode
[  613.055472][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.098775][T25323] xt_cgroup: invalid path, errno=-2
[  613.289670][T22869] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  613.301337][T22869] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  613.333729][T22869] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  613.351300][T22869] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  613.378632][T22869] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  613.390868][T22869] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  614.391936][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  614.409309][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  614.423114][   T52] bond0 (unregistering): Released all slaves
[  614.444931][T25319] batadv_slave_1: entered promiscuous mode
[  614.476581][T25326] __nla_validate_parse: 3 callbacks suppressed
[  614.476603][T25326] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4034'.
[  614.498700][T25325] netlink: 'syz.2.4038': attribute type 1 has an invalid length.
[  614.551149][T25325] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4038'.
[  614.630950][T25335] lo speed is unknown, defaulting to 1000
[  614.636502][T25403] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  615.082334][T25424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4045'.
[  615.436194][ T5839] Bluetooth: hci0: command tx timeout
[  615.669202][T25447] netlink: 'syz.2.4052': attribute type 1 has an invalid length.
[  615.690843][T25447] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4052'.
[  616.047128][T25443] batadv_slave_1: left promiscuous mode
[  616.219233][T25443] macsec0: left promiscuous mode
[  616.260870][T25443] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  616.280116][T25443] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  616.290884][T25443] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  616.306954][T25443] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  616.400512][T25443] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  616.440076][T25443] netdevsim netdevsim3 netdevsim0: unset [1, 2] type 2 family 0 port 36445 - 0
[  616.452542][T25443] netdevsim netdevsim3 netdevsim1: unset [1, 2] type 2 family 0 port 36445 - 0
[  616.462187][T25443] netdevsim netdevsim3 netdevsim2: unset [1, 2] type 2 family 0 port 36445 - 0
[  616.471451][T25443] netdevsim netdevsim3 netdevsim3: unset [1, 2] type 2 family 0 port 36445 - 0
[  616.488023][T25443] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 40588 - 0
[  616.497642][T25443] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 40588 - 0
[  616.506933][T25443] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 40588 - 0
[  616.516172][T25443] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 40588 - 0
[  616.525605][T25443] geneve2: left promiscuous mode
[  616.530550][T25443] geneve2: left allmulticast mode
[  616.545667][T25443] xfrm1: left allmulticast mode
[  616.572820][   T52] hsr_slave_0: left promiscuous mode
[  616.580583][   T52] hsr_slave_1: left promiscuous mode
[  616.587573][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  616.596230][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  616.605809][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  616.613272][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  616.652898][   T52] veth1_macvtap: left promiscuous mode
[  616.662027][   T52] veth0_macvtap: left promiscuous mode
[  616.671242][   T52] veth1_vlan: left promiscuous mode
[  616.676882][   T52] veth0_vlan: left promiscuous mode
[  616.748074][T25471] netlink: 'syz.2.4055': attribute type 10 has an invalid length.
[  617.189790][   T52] team0 (unregistering): Port device team_slave_1 removed
[  617.240172][   T52] team0 (unregistering): Port device team_slave_0 removed
[  617.528586][ T5839] Bluetooth: hci0: command tx timeout
[  617.736412][T25471] team0: Device ipvlan1 failed to register rx_handler
[  617.772068][T25335] chnl_net:caif_netlink_parms(): no params data found
[  617.960631][T25480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4058'.
[  618.064014][T25335] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.072509][T25335] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.103203][T25335] bridge_slave_0: entered allmulticast mode
[  618.110260][T25335] bridge_slave_0: entered promiscuous mode
[  618.134551][T25335] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.144194][T25335] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.151463][T25335] bridge_slave_1: entered allmulticast mode
[  618.199046][T25335] bridge_slave_1: entered promiscuous mode
[  618.318641][T25496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4061'.
[  618.337261][T25496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4061'.
[  618.570838][T25335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  618.624768][T25335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  618.715600][T25335] team0: Port device team_slave_0 added
[  618.766462][T25335] team0: Port device team_slave_1 added
[  618.904768][T25335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  618.933477][T25503] netlink: 'syz.2.4064': attribute type 1 has an invalid length.
[  618.948994][T25335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  618.992634][T25503] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4064'.
[  619.039996][T25335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  619.065976][T25335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  619.083613][T25335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  619.130193][T25335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  619.235164][T25515] FAULT_INJECTION: forcing a failure.
[  619.235164][T25515] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  619.238448][T25505] lo speed is unknown, defaulting to 1000
[  619.277182][T25515] CPU: 1 UID: 0 PID: 25515 Comm: syz.1.4068 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  619.288012][T25515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  619.298093][T25515] Call Trace:
[  619.301392][T25515]  <TASK>
[  619.304343][T25515]  dump_stack_lvl+0x241/0x360
[  619.309150][T25515]  ? __pfx_dump_stack_lvl+0x10/0x10
[  619.314381][T25515]  ? __pfx__printk+0x10/0x10
[  619.319013][T25515]  ? snprintf+0xda/0x120
[  619.323294][T25515]  should_fail_ex+0x3b0/0x4e0
[  619.328014][T25515]  _copy_to_user+0x31/0xb0
[  619.332454][T25515]  simple_read_from_buffer+0xca/0x150
[  619.337850][T25515]  proc_fail_nth_read+0x1e9/0x250
[  619.342882][T25515]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  619.348432][T25515]  ? rw_verify_area+0x55e/0x6f0
[  619.353279][T25515]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  619.358830][T25515]  vfs_read+0x1fc/0xb70
[  619.362987][T25515]  ? __pfx___mutex_lock+0x10/0x10
[  619.368008][T25515]  ? __pfx_vfs_read+0x10/0x10
[  619.372683][T25515]  ? __fget_files+0x2a/0x410
[  619.377273][T25515]  ? __fget_files+0x395/0x410
[  619.381954][T25515]  ? __fget_files+0x2a/0x410
[  619.386550][T25515]  ksys_read+0x18f/0x2b0
[  619.390789][T25515]  ? __pfx_ksys_read+0x10/0x10
[  619.395546][T25515]  ? do_syscall_64+0x100/0x230
[  619.400314][T25515]  ? do_syscall_64+0xb6/0x230
[  619.405015][T25515]  do_syscall_64+0xf3/0x230
[  619.409513][T25515]  ? clear_bhb_loop+0x35/0x90
[  619.414190][T25515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.420075][T25515] RIP: 0033:0x7fcaf638472c
[  619.424486][T25515] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  619.444368][T25515] RSP: 002b:00007fcaf41f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  619.452791][T25515] RAX: ffffffffffffffda RBX: 00007fcaf6575fa0 RCX: 00007fcaf638472c
[  619.460761][T25515] RDX: 000000000000000f RSI: 00007fcaf41f60a0 RDI: 0000000000000004
[  619.468732][T25515] RBP: 00007fcaf41f6090 R08: 0000000000000000 R09: 0000000000000000
[  619.476705][T25515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  619.485456][T25515] R13: 0000000000000000 R14: 00007fcaf6575fa0 R15: 00007ffe2e572658
[  619.493439][T25515]  </TASK>
[  619.519273][T25335] hsr_slave_0: entered promiscuous mode
[  619.568657][T25335] hsr_slave_1: entered promiscuous mode
[  619.609026][T25523] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4070'.
[  619.614302][ T5839] Bluetooth: hci0: command tx timeout
[  619.697412][T25523] netlink: 10 bytes leftover after parsing attributes in process `syz.4.4070'.
[  620.093343][T25540] bridge6: entered promiscuous mode
[  620.108515][T25540] bridge6: entered allmulticast mode
[  620.664147][T25335] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  620.688538][T25335] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  620.708888][T25335] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  620.725610][T25335] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  620.917450][T25563] netlink: 'syz.1.4079': attribute type 1 has an invalid length.
[  620.946222][T25563] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4079'.
[  620.968814][T25335] 8021q: adding VLAN 0 to HW filter on device bond0
[  620.986714][T25335] 8021q: adding VLAN 0 to HW filter on device team0
[  620.997649][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.004825][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state
[  621.048703][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.055885][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state
[  621.091330][T25569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4082'.
[  621.179557][T25573] netlink: 'syz.4.4083': attribute type 1 has an invalid length.
[  621.532743][T25335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  621.619567][T25335] veth0_vlan: entered promiscuous mode
[  621.651204][T25335] veth1_vlan: entered promiscuous mode
[  621.674352][ T5839] Bluetooth: hci0: command tx timeout
[  621.699573][T25335] veth0_macvtap: entered promiscuous mode
[  621.709260][T25335] veth1_macvtap: entered promiscuous mode
[  621.725655][T25335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  621.741748][T25335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  621.813685][T25335] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  621.854894][T25335] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  621.881099][T25335] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  621.903946][T25335] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  622.298015][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  622.327499][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  622.440029][T16039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  622.453501][T16039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  622.728626][T25616] batadv0: mtu less than device minimum
[  623.091199][T25633] FAULT_INJECTION: forcing a failure.
[  623.091199][T25633] name failslab, interval 1, probability 0, space 0, times 0
[  623.136669][T25633] CPU: 1 UID: 0 PID: 25633 Comm: syz.3.4102 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  623.147495][T25633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  623.157552][T25633] Call Trace:
[  623.160832][T25633]  <TASK>
[  623.163760][T25633]  dump_stack_lvl+0x241/0x360
[  623.168448][T25633]  ? __pfx_dump_stack_lvl+0x10/0x10
[  623.173647][T25633]  ? __pfx__printk+0x10/0x10
[  623.178239][T25633]  ? __kmalloc_cache_noprof+0x48/0x390
[  623.183698][T25633]  ? __pfx___might_resched+0x10/0x10
[  623.188985][T25633]  should_fail_ex+0x3b0/0x4e0
[  623.193670][T25633]  should_failslab+0xac/0x100
[  623.198350][T25633]  __kmalloc_cache_noprof+0x70/0x390
[  623.203634][T25633]  ? nft_trans_rule_add+0x5a/0x430
[  623.208769][T25633]  nft_trans_rule_add+0x5a/0x430
[  623.213720][T25633]  nf_tables_newrule+0x1c52/0x2980
[  623.218854][T25633]  ? nfnl_pernet+0x23/0x240
[  623.223371][T25633]  ? __pfx_nf_tables_newrule+0x10/0x10
[  623.228853][T25633]  ? __nla_parse+0x40/0x60
[  623.233277][T25633]  nfnetlink_rcv+0x14e3/0x2ab0
[  623.238043][T25633]  ? __pfx_validate_chain+0x10/0x10
[  623.243269][T25633]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  623.248388][T25633]  ? __lock_acquire+0x1397/0x2100
[  623.253458][T25633]  ? netlink_deliver_tap+0x2e/0x1b0
[  623.258684][T25633]  ? __pfx_lock_release+0x10/0x10
[  623.263733][T25633]  ? netlink_deliver_tap+0x2e/0x1b0
[  623.268935][T25633]  netlink_unicast+0x7f6/0x990
[  623.273710][T25633]  ? __pfx_netlink_unicast+0x10/0x10
[  623.278998][T25633]  ? __virt_addr_valid+0x45f/0x530
[  623.284114][T25633]  ? __phys_addr_symbol+0x2f/0x70
[  623.289137][T25633]  ? __check_object_size+0x47a/0x730
[  623.294426][T25633]  netlink_sendmsg+0x8e4/0xcb0
[  623.299199][T25633]  ? __pfx_netlink_sendmsg+0x10/0x10
[  623.304484][T25633]  ? aa_sock_msg_perm+0x91/0x160
[  623.309427][T25633]  ? __pfx_netlink_sendmsg+0x10/0x10
[  623.314711][T25633]  __sock_sendmsg+0x221/0x270
[  623.319396][T25633]  ____sys_sendmsg+0x52a/0x7e0
[  623.324163][T25633]  ? __pfx_____sys_sendmsg+0x10/0x10
[  623.329442][T25633]  ? __fget_files+0x2a/0x410
[  623.334034][T25633]  ? __fget_files+0x2a/0x410
[  623.338759][T25633]  __sys_sendmsg+0x269/0x350
[  623.343361][T25633]  ? __pfx_lock_release+0x10/0x10
[  623.348413][T25633]  ? __pfx___sys_sendmsg+0x10/0x10
[  623.353545][T25633]  ? __pfx_vfs_write+0x10/0x10
[  623.358339][T25633]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  623.364670][T25633]  ? do_syscall_64+0x100/0x230
[  623.369433][T25633]  ? do_syscall_64+0xb6/0x230
[  623.374112][T25633]  do_syscall_64+0xf3/0x230
[  623.378613][T25633]  ? clear_bhb_loop+0x35/0x90
[  623.383291][T25633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.389181][T25633] RIP: 0033:0x7f0971b85d19
[  623.393595][T25633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.413204][T25633] RSP: 002b:00007f09729f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  623.421625][T25633] RAX: ffffffffffffffda RBX: 00007f0971d75fa0 RCX: 00007f0971b85d19
[  623.429598][T25633] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[  623.437570][T25633] RBP: 00007f09729f2090 R08: 0000000000000000 R09: 0000000000000000
[  623.445539][T25633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.453506][T25633] R13: 0000000000000000 R14: 00007f0971d75fa0 R15: 00007fffc1ae0ab8
[  623.461493][T25633]  </TASK>
[  623.530860][T25629] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4100'.
[  623.540096][T25629] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4100'.
[  623.831611][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  623.867328][T25647] netlink: 'syz.2.4107': attribute type 21 has an invalid length.
[  623.876252][T25647] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4107'.
[  623.899506][T25647] netlink: 'syz.2.4107': attribute type 4 has an invalid length.
[  623.914162][T25647] netlink: 'syz.2.4107': attribute type 3 has an invalid length.
[  623.922614][T25647] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4107'.
[  623.938563][T25645] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  624.011951][T25649] Cannot find del_set index 4 as target
[  624.071174][T25649] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4108'.
[  624.932581][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.014718][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.092661][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.468477][T22869] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  625.478358][T22869] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  625.495074][T22869] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  625.570601][T22869] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  625.588509][   T11] bridge_slave_1: left allmulticast mode
[  625.595864][T22869] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  625.604590][T22869] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  625.612763][   T11] bridge_slave_1: left promiscuous mode
[  625.620011][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  625.672835][   T11] bridge_slave_0: left allmulticast mode
[  625.678865][   T11] bridge_slave_0: left promiscuous mode
[  625.693453][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.762270][T25683] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4118'.
[  625.772748][T25683] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4118'.
[  626.173723][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  626.189073][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  626.199579][   T11] bond0 (unregistering): Released all slaves
[  626.370996][T25672] lo speed is unknown, defaulting to 1000
[  626.462742][T25694] ipt_ECN: cannot use operation on non-tcp rule
[  626.558058][ T2910] tipc: Subscription rejected, illegal request
[  626.585149][T25700] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4125'.
[  626.611888][T25704] Bluetooth: MGMT ver 1.23
[  626.747382][T25709] FAULT_INJECTION: forcing a failure.
[  626.747382][T25709] name failslab, interval 1, probability 0, space 0, times 0
[  626.768129][T25709] CPU: 1 UID: 0 PID: 25709 Comm: syz.2.4128 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  626.778954][T25709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  626.789037][T25709] Call Trace:
[  626.792330][T25709]  <TASK>
[  626.795286][T25709]  dump_stack_lvl+0x241/0x360
[  626.800023][T25709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  626.805261][T25709]  ? __pfx__printk+0x10/0x10
[  626.809887][T25709]  ? __kmalloc_cache_noprof+0x48/0x390
[  626.815392][T25709]  ? __pfx___might_resched+0x10/0x10
[  626.820710][T25709]  should_fail_ex+0x3b0/0x4e0
[  626.825424][T25709]  should_failslab+0xac/0x100
[  626.830135][T25709]  __kmalloc_cache_noprof+0x70/0x390
[  626.835455][T25709]  ? ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  626.840870][T25709]  ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  626.846109][T25709]  genl_rcv_msg+0xb14/0xec0
[  626.850630][T25709]  ? __pfx_genl_rcv_msg+0x10/0x10
[  626.855660][T25709]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  626.861568][T25709]  ? __pfx_lock_acquire+0x10/0x10
[  626.866598][T25709]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  626.872316][T25709]  ? __pfx___might_resched+0x10/0x10
[  626.877611][T25709]  netlink_rcv_skb+0x1e3/0x430
[  626.882375][T25709]  ? __pfx_genl_rcv_msg+0x10/0x10
[  626.887407][T25709]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  626.892700][T25709]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  626.898169][T25709]  genl_rcv+0x28/0x40
[  626.902153][T25709]  netlink_unicast+0x7f6/0x990
[  626.906943][T25709]  ? __pfx_netlink_unicast+0x10/0x10
[  626.912229][T25709]  ? __virt_addr_valid+0x45f/0x530
[  626.917342][T25709]  ? __phys_addr_symbol+0x2f/0x70
[  626.922365][T25709]  ? __check_object_size+0x47a/0x730
[  626.927656][T25709]  netlink_sendmsg+0x8e4/0xcb0
[  626.932427][T25709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  626.937713][T25709]  ? aa_sock_msg_perm+0x91/0x160
[  626.942651][T25709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  626.947935][T25709]  __sock_sendmsg+0x221/0x270
[  626.952619][T25709]  ____sys_sendmsg+0x52a/0x7e0
[  626.957391][T25709]  ? __pfx_____sys_sendmsg+0x10/0x10
[  626.962675][T25709]  ? __fget_files+0x2a/0x410
[  626.967279][T25709]  ? __fget_files+0x2a/0x410
[  626.971880][T25709]  __sys_sendmsg+0x269/0x350
[  626.976468][T25709]  ? __pfx_lock_release+0x10/0x10
[  626.981493][T25709]  ? __pfx___sys_sendmsg+0x10/0x10
[  626.986632][T25709]  ? __pfx_vfs_write+0x10/0x10
[  626.991441][T25709]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  626.997784][T25709]  ? do_syscall_64+0x100/0x230
[  627.002551][T25709]  ? do_syscall_64+0xb6/0x230
[  627.007228][T25709]  do_syscall_64+0xf3/0x230
[  627.011737][T25709]  ? clear_bhb_loop+0x35/0x90
[  627.016415][T25709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  627.022305][T25709] RIP: 0033:0x7f3d3cb85d19
[  627.026718][T25709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  627.046356][T25709] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  627.054800][T25709] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  627.062781][T25709] RDX: 0000000000044014 RSI: 0000000020000100 RDI: 0000000000000003
[  627.070756][T25709] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  627.078728][T25709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  627.086699][T25709] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  627.094686][T25709]  </TASK>
[  627.440589][   T11] hsr_slave_0: left promiscuous mode
[  627.457460][   T11] hsr_slave_1: left promiscuous mode
[  627.481772][T25727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4132'.
[  627.499123][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  627.517818][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  627.522253][T25729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4135'.
[  627.534686][T25729] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4135'.
[  627.561129][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  627.569785][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  627.607732][   T11] veth1_macvtap: left promiscuous mode
[  627.613273][   T11] veth0_macvtap: left promiscuous mode
[  627.622178][   T11] veth1_vlan: left promiscuous mode
[  627.627988][   T11] veth0_vlan: left promiscuous mode
[  627.666699][T25733] ipt_ECN: cannot use operation on non-tcp rule
[  627.674393][T22869] Bluetooth: hci0: command tx timeout
[  628.068507][   T11] team0 (unregistering): Port device team_slave_1 removed
[  628.119982][   T11] team0 (unregistering): Port device team_slave_0 removed
[  628.415266][ T3556] tipc: Subscription rejected, illegal request
[  628.426284][T25738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4138'.
[  628.736547][T25672] chnl_net:caif_netlink_parms(): no params data found
[  628.871133][T25747] lo speed is unknown, defaulting to 1000
[  628.925627][T25755] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4143'.
[  628.960965][T25755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4143'.
[  629.014377][T25762] atomic_op ffff8880332a0998 conn xmit_atomic 0000000000000000
[  629.056007][T25672] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.063155][T25672] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.086196][T25672] bridge_slave_0: entered allmulticast mode
[  629.093669][T25672] bridge_slave_0: entered promiscuous mode
[  629.209716][T25672] bridge0: port 2(bridge_slave_1) entered blocking state
[  629.217255][T25672] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.224912][T25672] bridge_slave_1: entered allmulticast mode
[  629.231973][T25672] bridge_slave_1: entered promiscuous mode
[  629.301325][T25773] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4148'.
[  629.353039][T25775] netlink: 'syz.1.4148': attribute type 1 has an invalid length.
[  629.484563][T25775] 8021q: adding VLAN 0 to HW filter on device bond1
[  629.564804][T25776] netlink: 'syz.3.4147': attribute type 10 has an invalid length.
[  629.582923][T25777] 8021q: adding VLAN 0 to HW filter on device bond1
[  629.596347][T25777] bond1: (slave vcan0): The slave device specified does not support setting the MAC address
[  629.614973][T25777] bond1: (slave vcan0): Error -95 calling set_mac_address
[  629.657737][T25672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  629.675535][T25770] netlink: 'syz.3.4147': attribute type 12 has an invalid length.
[  629.754152][T22869] Bluetooth: hci0: command tx timeout
[  629.761468][T25776] batman_adv: batadv0: Removing interface: team0
[  629.790899][T25793] ipt_ECN: cannot use operation on non-tcp rule
[  629.814979][T25672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.091093][T25672] team0: Port device team_slave_0 added
[  630.124766][T25672] team0: Port device team_slave_1 added
[  630.166243][T25672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.185450][T25672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.285149][T25672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  630.338890][T25672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  630.348361][T25672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.403917][T25672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  630.446006][T25816] netlink: 'syz.3.4158': attribute type 1 has an invalid length.
[  630.485408][T25816] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  630.504345][T25816] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  630.513398][T25816] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  630.522694][T25816] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  630.532016][T25816] geneve3: entered promiscuous mode
[  630.538175][T25816] geneve3: entered allmulticast mode
[  630.546215][T25816] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.555495][T25816] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.565047][T25816] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.574625][T25816] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  630.660265][T25672] hsr_slave_0: entered promiscuous mode
[  630.676581][T25672] hsr_slave_1: entered promiscuous mode
[  630.975734][T25831] openvswitch: netlink: IP tunnel dst address not specified
[  631.043003][T25831] __nla_validate_parse: 5 callbacks suppressed
[  631.043024][T25831] netlink: 260 bytes leftover after parsing attributes in process `syz.3.4163'.
[  631.106690][T25837] FAULT_INJECTION: forcing a failure.
[  631.106690][T25837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  631.121663][T25837] CPU: 1 UID: 0 PID: 25837 Comm: syz.2.4167 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  631.132482][T25837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  631.142572][T25837] Call Trace:
[  631.145879][T25837]  <TASK>
[  631.148837][T25837]  dump_stack_lvl+0x241/0x360
[  631.153557][T25837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  631.158791][T25837]  ? __pfx__printk+0x10/0x10
[  631.163424][T25837]  ? __pfx_lock_release+0x10/0x10
[  631.168485][T25837]  should_fail_ex+0x3b0/0x4e0
[  631.173216][T25837]  _copy_from_user+0x2f/0xc0
[  631.177842][T25837]  __sys_bpf+0x1a4/0x810
[  631.182115][T25837]  ? __pfx___sys_bpf+0x10/0x10
[  631.186918][T25837]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  631.192929][T25837]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  631.199288][T25837]  ? do_syscall_64+0x100/0x230
[  631.204086][T25837]  __x64_sys_bpf+0x7c/0x90
[  631.208532][T25837]  do_syscall_64+0xf3/0x230
[  631.213061][T25837]  ? clear_bhb_loop+0x35/0x90
[  631.217762][T25837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.223676][T25837] RIP: 0033:0x7f3d3cb85d19
[  631.228108][T25837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.247745][T25837] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  631.256199][T25837] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  631.264198][T25837] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[  631.272201][T25837] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  631.280202][T25837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  631.288200][T25837] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  631.296216][T25837]  </TASK>
[  631.449267][T25672] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  631.480642][T25672] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  631.496638][T25672] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  631.506447][T25672] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  631.662268][T25672] 8021q: adding VLAN 0 to HW filter on device bond0
[  631.699878][T25672] 8021q: adding VLAN 0 to HW filter on device team0
[  631.725583][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  631.732731][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  631.781458][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.788662][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  631.803955][T16039] tipc: Subscription rejected, illegal request
[  631.811135][T25855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4171'.
[  631.834265][T22869] Bluetooth: hci0: command tx timeout
[  632.115558][T25875] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4174'.
[  632.128957][T25875] netlink: 120 bytes leftover after parsing attributes in process `syz.2.4174'.
[  632.481661][T25672] 8021q: adding VLAN 0 to HW filter on device batadv0
[  632.492348][T25898] netlink: 'syz.3.4178': attribute type 2 has an invalid length.
[  632.502741][T25898] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4178'.
[  632.543514][T25672] veth0_vlan: entered promiscuous mode
[  632.567536][T25672] veth1_vlan: entered promiscuous mode
[  632.665709][T25672] veth0_macvtap: entered promiscuous mode
[  632.675250][T25672] veth1_macvtap: entered promiscuous mode
[  632.691295][T25672] batman_adv: batadv0: Interface activated: batadv_slave_0
[  632.701813][T25672] batman_adv: batadv0: Interface activated: batadv_slave_1
[  632.718707][ T2910] tipc: Subscription rejected, illegal request
[  632.726193][T25904] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4180'.
[  632.727606][T25672] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  632.744613][T25672] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  632.753330][T25672] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  632.762665][T25672] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  633.010448][T16039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  633.060459][T16039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.154856][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  633.169054][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.332535][T25930] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4187'.
[  633.568775][T25938] netlink: 120 bytes leftover after parsing attributes in process `syz.2.4189'.
[  633.593206][T25938] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  633.726099][T25949] FAULT_INJECTION: forcing a failure.
[  633.726099][T25949] name failslab, interval 1, probability 0, space 0, times 0
[  633.745474][T25949] CPU: 0 UID: 0 PID: 25949 Comm: syz.2.4191 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  633.756301][T25949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  633.766390][T25949] Call Trace:
[  633.769700][T25949]  <TASK>
[  633.772660][T25949]  dump_stack_lvl+0x241/0x360
[  633.777381][T25949]  ? __pfx_dump_stack_lvl+0x10/0x10
[  633.782622][T25949]  ? __pfx__printk+0x10/0x10
[  633.787254][T25949]  ? __kmalloc_noprof+0xb5/0x4c0
[  633.792234][T25949]  ? __pfx___might_resched+0x10/0x10
[  633.797557][T25949]  should_fail_ex+0x3b0/0x4e0
[  633.802282][T25949]  should_failslab+0xac/0x100
[  633.806992][T25949]  __kmalloc_noprof+0xdd/0x4c0
[  633.811768][T25949]  ? nla_strdup+0x9c/0x140
[  633.816192][T25949]  ? __kasan_kmalloc+0x98/0xb0
[  633.820960][T25949]  nla_strdup+0x9c/0x140
[  633.825205][T25949]  nf_tables_newchain+0x2102/0x3310
[  633.830422][T25949]  ? __pfx_nf_tables_newchain+0x10/0x10
[  633.835986][T25949]  ? __pfx_lock_acquire+0x10/0x10
[  633.841013][T25949]  ? nfnl_pernet+0x23/0x240
[  633.845515][T25949]  ? __pfx_lock_release+0x10/0x10
[  633.850545][T25949]  ? __nla_parse+0x40/0x60
[  633.854965][T25949]  nfnetlink_rcv+0x14e3/0x2ab0
[  633.859755][T25949]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  633.864907][T25949]  ? netlink_deliver_tap+0x2e/0x1b0
[  633.870103][T25949]  ? skb_clone+0x240/0x390
[  633.874517][T25949]  ? __pfx_lock_release+0x10/0x10
[  633.879549][T25949]  ? netlink_deliver_tap+0x2e/0x1b0
[  633.884746][T25949]  netlink_unicast+0x7f6/0x990
[  633.889522][T25949]  ? __pfx_netlink_unicast+0x10/0x10
[  633.894819][T25949]  ? __virt_addr_valid+0x45f/0x530
[  633.899933][T25949]  ? __phys_addr_symbol+0x2f/0x70
[  633.904962][T25949]  ? __check_object_size+0x47a/0x730
[  633.910253][T25949]  netlink_sendmsg+0x8e4/0xcb0
[  633.915026][T25949]  ? __pfx_netlink_sendmsg+0x10/0x10
[  633.920310][T25949]  ? aa_sock_msg_perm+0x91/0x160
[  633.925251][T25949]  ? __pfx_netlink_sendmsg+0x10/0x10
[  633.930530][T25949]  __sock_sendmsg+0x221/0x270
[  633.935210][T25949]  ____sys_sendmsg+0x52a/0x7e0
[  633.939978][T25949]  ? __pfx_____sys_sendmsg+0x10/0x10
[  633.945259][T25949]  ? __fget_files+0x2a/0x410
[  633.949852][T25949]  ? __fget_files+0x2a/0x410
[  633.954448][T25949]  __sys_sendmsg+0x269/0x350
[  633.959035][T25949]  ? __pfx_lock_release+0x10/0x10
[  633.964063][T25949]  ? __pfx___sys_sendmsg+0x10/0x10
[  633.969182][T25949]  ? __pfx_vfs_write+0x10/0x10
[  633.973963][T25949]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  633.980289][T25949]  ? do_syscall_64+0x100/0x230
[  633.985050][T25949]  ? do_syscall_64+0xb6/0x230
[  633.989732][T25949]  do_syscall_64+0xf3/0x230
[  633.994238][T25949]  ? clear_bhb_loop+0x35/0x90
[  633.998916][T25949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.004807][T25949] RIP: 0033:0x7f3d3cb85d19
[  634.009220][T25949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  634.028840][T25949] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  634.037280][T25949] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  634.045267][T25949] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[  634.053245][T25949] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  634.061218][T25949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  634.069189][T25949] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  634.077178][T25949]  </TASK>
[  634.402212][T25959] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4193'.
[  634.434795][T25959] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4193'.
[  634.849203][T25993] netlink: 'syz.1.4201': attribute type 2 has an invalid length.
[  635.167752][T15638] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.226552][T15638] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.276321][T15638] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.333296][T15638] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.536261][T15638] bridge_slave_1: left allmulticast mode
[  636.541980][T15638] bridge_slave_1: left promiscuous mode
[  636.563081][T15638] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.588306][T15638] bridge_slave_0: left allmulticast mode
[  636.597363][T15638] bridge_slave_0: left promiscuous mode
[  636.603123][T15638] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.936524][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  636.952723][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  636.965115][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  636.983341][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  637.003025][ T5836] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  637.011486][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  637.209801][T15638] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  637.220555][T15638] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  637.231468][T15638] bond0 (unregistering): Released all slaves
[  637.310604][T26068] lo speed is unknown, defaulting to 1000
[  637.672971][T26090] Bluetooth: MGMT ver 1.23
[  637.709359][T26084] vlan3: entered promiscuous mode
[  637.719457][T26084] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  638.050552][T26111] tipc: Enabling <eth:lo> not permitted
[  638.074871][T26111] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  638.118003][T26102] bridge0: port 2(veth0_to_bridge) entered blocking state
[  638.128882][T26102] bridge0: port 2(veth0_to_bridge) entered disabled state
[  638.138220][T26102] veth0_to_bridge: entered allmulticast mode
[  638.159768][T26102] veth0_to_bridge: entered promiscuous mode
[  638.175608][T26102] bridge0: port 2(veth0_to_bridge) entered blocking state
[  638.182892][T26102] bridge0: port 2(veth0_to_bridge) entered forwarding state
[  638.359241][T15638] hsr_slave_0: left promiscuous mode
[  638.370669][T15638] hsr_slave_1: left promiscuous mode
[  638.387702][T15638] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  638.399457][T15638] batman_adv: batadv0: Removing interface: batadv_slave_0
[  638.414969][T15638] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  638.422600][T15638] batman_adv: batadv0: Removing interface: batadv_slave_1
[  638.458673][T15638] veth1_macvtap: left promiscuous mode
[  638.464531][T15638] veth0_macvtap: left promiscuous mode
[  638.471281][T15638] veth1_vlan: left promiscuous mode
[  638.477099][T15638] veth0_vlan: left promiscuous mode
[  638.501798][ T2910] tipc: Subscription rejected, illegal request
[  638.509046][T26130] __nla_validate_parse: 2 callbacks suppressed
[  638.509063][T26130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4223'.
[  638.804558][T26135] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4225'.
[  639.029639][T15638] team0 (unregistering): Port device team_slave_1 removed
[  639.075725][T15638] team0 (unregistering): Port device team_slave_0 removed
[  639.114676][T22869] Bluetooth: hci0: command tx timeout
[  639.810513][T26068] chnl_net:caif_netlink_parms(): no params data found
[  640.082579][T26068] bridge0: port 1(bridge_slave_0) entered blocking state
[  640.109894][T26068] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.117647][T26068] bridge_slave_0: entered allmulticast mode
[  640.130643][T26068] bridge_slave_0: entered promiscuous mode
[  640.151458][T26068] bridge0: port 2(bridge_slave_1) entered blocking state
[  640.175601][T26068] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.187078][T26068] bridge_slave_1: entered allmulticast mode
[  640.194897][T26068] bridge_slave_1: entered promiscuous mode
[  640.267505][T26068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  640.306462][T26068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  640.461434][T26068] team0: Port device team_slave_0 added
[  640.481475][T26068] team0: Port device team_slave_1 added
[  640.588363][T26068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  640.602484][T26196] FAULT_INJECTION: forcing a failure.
[  640.602484][T26196] name failslab, interval 1, probability 0, space 0, times 0
[  640.618490][T26068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  640.663604][T26196] CPU: 0 UID: 0 PID: 26196 Comm: syz.3.4241 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  640.674436][T26196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  640.684523][T26196] Call Trace:
[  640.687833][T26196]  <TASK>
[  640.690796][T26196]  dump_stack_lvl+0x241/0x360
[  640.695517][T26196]  ? __pfx_dump_stack_lvl+0x10/0x10
[  640.700759][T26196]  ? __pfx__printk+0x10/0x10
[  640.705393][T26196]  ? __kmalloc_noprof+0xb5/0x4c0
[  640.710412][T26196]  ? __pfx___might_resched+0x10/0x10
[  640.715745][T26196]  should_fail_ex+0x3b0/0x4e0
[  640.720474][T26196]  should_failslab+0xac/0x100
[  640.725195][T26196]  __kmalloc_noprof+0xdd/0x4c0
[  640.730009][T26196]  ? iter_file_splice_write+0x303/0x1510
[  640.735683][T26196]  iter_file_splice_write+0x303/0x1510
[  640.741210][T26196]  ? __pfx_iter_file_splice_write+0x10/0x10
[  640.747157][T26196]  ? rcu_read_lock_any_held+0xb7/0x160
[  640.752658][T26196]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  640.758599][T26196]  ? __pfx_iter_file_splice_write+0x10/0x10
[  640.764522][T26196]  do_splice+0xd68/0x18e0
[  640.768891][T26196]  ? __pfx_lock_release+0x10/0x10
[  640.773963][T26196]  ? vfs_write+0x730/0xd30
[  640.778410][T26196]  ? __mutex_unlock_slowpath+0x21e/0x790
[  640.784084][T26196]  ? pipe_clear_nowait+0x196/0x220
[  640.789243][T26196]  ? __pfx_do_splice+0x10/0x10
[  640.794033][T26196]  ? __fget_files+0x2a/0x410
[  640.798656][T26196]  __se_sys_splice+0x2e0/0x450
[  640.803455][T26196]  ? __pfx___se_sys_splice+0x10/0x10
[  640.808774][T26196]  ? do_syscall_64+0x100/0x230
[  640.813571][T26196]  ? __x64_sys_splice+0x21/0xf0
[  640.818456][T26196]  do_syscall_64+0xf3/0x230
[  640.822985][T26196]  ? clear_bhb_loop+0x35/0x90
[  640.827696][T26196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.833615][T26196] RIP: 0033:0x7f0971b85d19
[  640.838049][T26196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.857654][T26196] RSP: 002b:00007f09729f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  640.864069][T26068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  640.866056][T26196] RAX: ffffffffffffffda RBX: 00007f0971d75fa0 RCX: 00007f0971b85d19
[  640.866105][T26196] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[  640.882809][T26068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  640.884530][T26196] RBP: 00007f09729f2090 R08: 001100000000f336 R09: 0000000000000000
[  640.884549][T26196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  640.884561][T26196] R13: 0000000000000000 R14: 00007f0971d75fa0 R15: 00007fffc1ae0ab8
[  640.884591][T26196]  </TASK>
[  640.896507][T26068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  640.957662][T26068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  640.977516][T26200] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4240'.
[  641.193367][T26068] hsr_slave_0: entered promiscuous mode
[  641.194080][T22869] Bluetooth: hci0: command tx timeout
[  641.254556][T26068] hsr_slave_1: entered promiscuous mode
[  641.265474][T26212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4244'.
[  641.469778][T26215] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4245'.
[  641.570171][T26212] macvtap1: entered promiscuous mode
[  641.576041][T26212] macvtap1: entered allmulticast mode
[  641.581644][T26212] erspan0: entered allmulticast mode
[  641.605615][T26222] erspan0: left allmulticast mode
[  641.841875][T26250] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4250'.
[  641.939729][T26257] netlink: 'syz.3.4252': attribute type 10 has an invalid length.
[  641.964881][T26250] FAULT_INJECTION: forcing a failure.
[  641.964881][T26250] name failslab, interval 1, probability 0, space 0, times 0
[  641.994777][T26250] CPU: 1 UID: 0 PID: 26250 Comm: syz.2.4250 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  642.005613][T26250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  642.015702][T26250] Call Trace:
[  642.019011][T26250]  <TASK>
[  642.021976][T26250]  dump_stack_lvl+0x241/0x360
[  642.026690][T26250]  ? __pfx_dump_stack_lvl+0x10/0x10
[  642.031923][T26250]  ? __pfx__printk+0x10/0x10
[  642.036563][T26250]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  642.041967][T26250]  ? __pfx___might_resched+0x10/0x10
[  642.047273][T26250]  should_fail_ex+0x3b0/0x4e0
[  642.051980][T26250]  should_failslab+0xac/0x100
[  642.056671][T26250]  __kmalloc_node_noprof+0xe1/0x4d0
[  642.061922][T26250]  ? __kvmalloc_node_noprof+0x72/0x190
[  642.067399][T26250]  ? __pfx_macvlan_setup+0x10/0x10
[  642.072566][T26250]  __kvmalloc_node_noprof+0x72/0x190
[  642.077854][T26250]  alloc_netdev_mqs+0xa4/0x1080
[  642.082732][T26250]  ? __pfx_macvlan_setup+0x10/0x10
[  642.087966][T26250]  ? __pfx_snprintf+0x10/0x10
[  642.092670][T26250]  ? rcu_is_watching+0x15/0xb0
[  642.097460][T26250]  rtnl_create_link+0x2f9/0xc20
[  642.102332][T26250]  rtnl_newlink_create+0x210/0xa40
[  642.104481][T26262] netlink: 'syz.4.4253': attribute type 1 has an invalid length.
[  642.107451][T26250]  ? __pfx___mutex_lock+0x10/0x10
[  642.120197][T26250]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  642.121733][T26262] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4253'.
[  642.125853][T26250]  ? ns_capable+0x8a/0xf0
[  642.125891][T26250]  rtnl_newlink+0x160d/0x2150
[  642.125928][T26250]  ? __pfx_rtnl_newlink+0x10/0x10
[  642.125948][T26250]  ? __netlink_deliver_tap+0x56b/0x7f0
[  642.125969][T26250]  ? __pfx_validate_chain+0x10/0x10
[  642.125989][T26250]  ? __sock_sendmsg+0x221/0x270
[  642.126011][T26250]  ? ____sys_sendmsg+0x52a/0x7e0
[  642.126029][T26250]  ? __sys_sendmsg+0x269/0x350
[  642.126056][T26250]  ? do_syscall_64+0xf3/0x230
[  642.178910][T26250]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.185029][T26250]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  642.191065][T26250]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  642.197439][T26250]  ? mark_lock+0x9a/0x360
[  642.201806][T26250]  ? __lock_acquire+0x1397/0x2100
[  642.206897][T26250]  ? __pfx_lock_release+0x10/0x10
[  642.211971][T26250]  ? __pfx_rtnl_newlink+0x10/0x10
[  642.217028][T26250]  rtnetlink_rcv_msg+0x791/0xcf0
[  642.221997][T26250]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  642.227144][T26250]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  642.232633][T26250]  ? ref_tracker_free+0x643/0x7e0
[  642.237684][T26250]  netlink_rcv_skb+0x1e3/0x430
[  642.242466][T26250]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  642.247945][T26250]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  642.253290][T26250]  ? netlink_deliver_tap+0x2e/0x1b0
[  642.258507][T26250]  netlink_unicast+0x7f6/0x990
[  642.263322][T26250]  ? __pfx_netlink_unicast+0x10/0x10
[  642.268619][T26250]  ? __virt_addr_valid+0x45f/0x530
[  642.273739][T26250]  ? __phys_addr_symbol+0x2f/0x70
[  642.278772][T26250]  ? __check_object_size+0x47a/0x730
[  642.284080][T26250]  netlink_sendmsg+0x8e4/0xcb0
[  642.288858][T26250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  642.294159][T26250]  ? aa_sock_msg_perm+0x91/0x160
[  642.299127][T26250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  642.304456][T26250]  __sock_sendmsg+0x221/0x270
[  642.309174][T26250]  ____sys_sendmsg+0x52a/0x7e0
[  642.313975][T26250]  ? __pfx_____sys_sendmsg+0x10/0x10
[  642.319291][T26250]  ? __fget_files+0x2a/0x410
[  642.323901][T26250]  ? __fget_files+0x2a/0x410
[  642.328510][T26250]  __sys_sendmsg+0x269/0x350
[  642.333099][T26250]  ? __pfx_lock_release+0x10/0x10
[  642.338125][T26250]  ? __pfx___sys_sendmsg+0x10/0x10
[  642.343247][T26250]  ? __pfx_vfs_write+0x10/0x10
[  642.348036][T26250]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  642.354364][T26250]  ? do_syscall_64+0x100/0x230
[  642.359137][T26250]  ? do_syscall_64+0xb6/0x230
[  642.363812][T26250]  do_syscall_64+0xf3/0x230
[  642.368321][T26250]  ? clear_bhb_loop+0x35/0x90
[  642.373001][T26250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.378899][T26250] RIP: 0033:0x7f3d3cb85d19
[  642.383312][T26250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.402930][T26250] RSP: 002b:00007f3d3d952038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  642.411349][T26250] RAX: ffffffffffffffda RBX: 00007f3d3cd75fa0 RCX: 00007f3d3cb85d19
[  642.419334][T26250] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 000000000000000b
[  642.427302][T26250] RBP: 00007f3d3d952090 R08: 0000000000000000 R09: 0000000000000000
[  642.435274][T26250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.443243][T26250] R13: 0000000000000000 R14: 00007f3d3cd75fa0 R15: 00007ffe9a22aa58
[  642.451229][T26250]  </TASK>
[  642.477436][T26257] team0: Device ipvlan1 failed to register rx_handler
[  642.521867][T26263] veth0_vlan: entered allmulticast mode
[  642.761006][T26272] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4255'.
[  642.925146][T26278] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4257'.
[  642.989865][T26278] 8021q: adding VLAN 0 to HW filter on device bond3
[  643.015585][T26278] bond3: (slave bridge3): Enslaving as an active interface with an up link
[  643.037644][T26068] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  643.074512][T26068] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  643.148334][T26068] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  643.172399][T26068] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  643.274146][T22869] Bluetooth: hci0: command tx timeout
[  643.329846][T26068] 8021q: adding VLAN 0 to HW filter on device bond0
[  643.346042][T26068] 8021q: adding VLAN 0 to HW filter on device team0
[  643.388186][T16039] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.395385][T16039] bridge0: port 1(bridge_slave_0) entered forwarding state
[  643.445562][T15638] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.452740][T15638] bridge0: port 2(bridge_slave_1) entered forwarding state
[  643.548134][T26306] tipc: Enabled bearer <ib:ip_vti0>, priority 10
[  643.570320][T26308] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4263'.
[  643.977768][   T35] tipc: Subscription rejected, illegal request
[  643.999520][T26325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4268'.
[  644.002851][T26068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  644.208931][T26068] veth0_vlan: entered promiscuous mode
[  644.219767][T26068] veth1_vlan: entered promiscuous mode
[  644.243137][T26068] veth0_macvtap: entered promiscuous mode
[  644.255707][T26068] veth1_macvtap: entered promiscuous mode
[  644.276115][T26068] batman_adv: batadv0: Interface activated: batadv_slave_0
[  644.286800][T26068] batman_adv: batadv0: Interface activated: batadv_slave_1
[  644.302344][T26068] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  644.311342][T26068] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  644.320180][T26068] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  644.328996][T26068] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  644.675988][T25460] tipc: Node number set to 4278255617
[  644.704571][T26357] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4275'.
[  644.705468][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.784089][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  644.881285][T16039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  644.904046][T16039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.236307][ T2910] tipc: Subscription rejected, illegal request
[  645.247297][T26380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4281'.
[  645.443384][T26382] infiniband s: set active
[  645.477907][T26382] team0: left allmulticast mode
[  645.490820][T26382] team0: left promiscuous mode
[  645.516163][T26382] bridge0: port 1(team0) entered disabled state
[  645.567835][T26382] veth0_to_bridge: left allmulticast mode
[  645.597722][T26382] veth0_to_bridge: left promiscuous mode
[  645.618516][T26382] bridge0: port 2(veth0_to_bridge) entered disabled state
[  645.703182][T26382] bond0: (slave wlan1): Releasing backup interface
[  645.763449][T26382] bond1: (slave vti0): Releasing backup interface
[  645.813104][  T973] lo speed is unknown, defaulting to 1000
[  646.019592][T26412] FAULT_INJECTION: forcing a failure.
[  646.019592][T26412] name failslab, interval 1, probability 0, space 0, times 0
[  646.084098][T26412] CPU: 1 UID: 0 PID: 26412 Comm: syz.1.4286 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  646.094925][T26412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  646.105012][T26412] Call Trace:
[  646.108302][T26412]  <TASK>
[  646.111252][T26412]  dump_stack_lvl+0x241/0x360
[  646.115961][T26412]  ? __pfx_dump_stack_lvl+0x10/0x10
[  646.121181][T26412]  ? __pfx__printk+0x10/0x10
[  646.125884][T26412]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  646.131283][T26412]  ? __pfx___might_resched+0x10/0x10
[  646.136584][T26412]  should_fail_ex+0x3b0/0x4e0
[  646.141276][T26412]  should_failslab+0xac/0x100
[  646.145955][T26412]  __kmalloc_node_noprof+0xe1/0x4d0
[  646.151155][T26412]  ? __kvmalloc_node_noprof+0x72/0x190
[  646.156617][T26412]  __kvmalloc_node_noprof+0x72/0x190
[  646.161898][T26412]  nf_tables_newchain+0x22eb/0x3310
[  646.167113][T26412]  ? __pfx_nf_tables_newchain+0x10/0x10
[  646.172671][T26412]  ? __pfx_lock_acquire+0x10/0x10
[  646.177694][T26412]  ? nfnl_pernet+0x23/0x240
[  646.182217][T26412]  ? __pfx_lock_release+0x10/0x10
[  646.187275][T26412]  ? __nla_parse+0x40/0x60
[  646.191707][T26412]  nfnetlink_rcv+0x14e3/0x2ab0
[  646.196504][T26412]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  646.201655][T26412]  ? netlink_deliver_tap+0x2e/0x1b0
[  646.206848][T26412]  ? skb_clone+0x240/0x390
[  646.211264][T26412]  ? __pfx_lock_release+0x10/0x10
[  646.216306][T26412]  ? netlink_deliver_tap+0x2e/0x1b0
[  646.221503][T26412]  netlink_unicast+0x7f6/0x990
[  646.226272][T26412]  ? __pfx_netlink_unicast+0x10/0x10
[  646.231589][T26412]  ? __virt_addr_valid+0x45f/0x530
[  646.236735][T26412]  ? __phys_addr_symbol+0x2f/0x70
[  646.241797][T26412]  ? __check_object_size+0x47a/0x730
[  646.247102][T26412]  netlink_sendmsg+0x8e4/0xcb0
[  646.251879][T26412]  ? __pfx_netlink_sendmsg+0x10/0x10
[  646.257168][T26412]  ? aa_sock_msg_perm+0x91/0x160
[  646.262108][T26412]  ? __pfx_netlink_sendmsg+0x10/0x10
[  646.267387][T26412]  __sock_sendmsg+0x221/0x270
[  646.272069][T26412]  ____sys_sendmsg+0x52a/0x7e0
[  646.276837][T26412]  ? __pfx_____sys_sendmsg+0x10/0x10
[  646.282120][T26412]  ? __fget_files+0x2a/0x410
[  646.286724][T26412]  ? __fget_files+0x2a/0x410
[  646.291321][T26412]  __sys_sendmsg+0x269/0x350
[  646.295910][T26412]  ? __pfx_lock_release+0x10/0x10
[  646.300935][T26412]  ? __pfx___sys_sendmsg+0x10/0x10
[  646.306099][T26412]  ? __pfx_vfs_write+0x10/0x10
[  646.310916][T26412]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  646.317259][T26412]  ? do_syscall_64+0x100/0x230
[  646.322026][T26412]  ? do_syscall_64+0xb6/0x230
[  646.326726][T26412]  do_syscall_64+0xf3/0x230
[  646.331252][T26412]  ? clear_bhb_loop+0x35/0x90
[  646.335943][T26412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.341838][T26412] RIP: 0033:0x7fcaf6385d19
[  646.346252][T26412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.365859][T26412] RSP: 002b:00007fcaf41f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  646.374279][T26412] RAX: ffffffffffffffda RBX: 00007fcaf6575fa0 RCX: 00007fcaf6385d19
[  646.382247][T26412] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[  646.390219][T26412] RBP: 00007fcaf41f6090 R08: 0000000000000000 R09: 0000000000000000
[  646.398194][T26412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  646.406167][T26412] R13: 0000000000000000 R14: 00007fcaf6575fa0 R15: 00007ffe2e572658
[  646.414154][T26412]  </TASK>
[  646.469104][T15638] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  646.528818][T26415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4287'.
[  646.625010][T26415] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4287'.
[  646.655248][T16039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  646.663122][T16039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.235665][T15638] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.468586][T15638] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.556985][T15638] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.712016][T15638] bridge_slave_1: left allmulticast mode
[  647.719885][T15638] bridge_slave_1: left promiscuous mode
[  647.725756][T15638] bridge0: port 2(bridge_slave_1) entered disabled state
[  647.735659][T15638] bridge_slave_0: left allmulticast mode
[  647.741349][T15638] bridge_slave_0: left promiscuous mode
[  647.747993][T15638] bridge0: port 1(bridge_slave_0) entered disabled state
[  648.192233][T16039] tipc: Subscription rejected, illegal request
[  648.211439][T26482] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4292'.
[  648.375378][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  648.387216][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  648.403254][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  648.414358][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  648.423016][ T5836] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  648.436976][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  648.631413][T15638] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  648.642675][T15638] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  648.653292][T15638] bond0 (unregistering): Released all slaves
[  648.665695][T26473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4291'.
[  648.740164][T26487] lo speed is unknown, defaulting to 1000
[  648.925396][T26499] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4293'.
[  649.008631][T26501] tipc: Enabled bearer <udp:syz2>, priority 10
[  649.153719][T26506] lo speed is unknown, defaulting to 1000
[  649.659443][T26487] chnl_net:caif_netlink_parms(): no params data found
[  649.787834][T15638] hsr_slave_0: left promiscuous mode
[  649.819600][T15638] hsr_slave_1: left promiscuous mode
[  649.826491][T15638] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  649.834880][T15638] batman_adv: batadv0: Removing interface: batadv_slave_0
[  649.843419][T15638] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  649.855590][T15638] batman_adv: batadv0: Removing interface: batadv_slave_1
[  649.896271][T15638] veth1_macvtap: left promiscuous mode
[  649.901933][T15638] veth0_macvtap: left promiscuous mode
[  649.907976][T15638] veth1_vlan: left promiscuous mode
[  649.915718][T15638] veth0_vlan: left promiscuous mode
[  650.134168][T25460] tipc: Node number set to 4278255617
[  650.447709][T15638] team0 (unregistering): Port device team_slave_1 removed
[  650.475068][ T5836] Bluetooth: hci0: command tx timeout
[  650.510273][T15638] team0 (unregistering): Port device team_slave_0 removed
[  651.386741][T26562] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4305'.
[  651.584238][T26563] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4306'.
[  651.606560][T26487] bridge0: port 1(bridge_slave_0) entered blocking state
[  651.638546][T26487] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.658069][T26487] bridge_slave_0: entered allmulticast mode
[  651.679837][T26487] bridge_slave_0: entered promiscuous mode
[  651.718392][T26487] bridge0: port 2(bridge_slave_1) entered blocking state
[  651.744720][T26487] bridge0: port 2(bridge_slave_1) entered disabled state
[  651.752012][T26487] bridge_slave_1: entered allmulticast mode
[  651.769699][T26487] bridge_slave_1: entered promiscuous mode
[  651.865601][T26487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  651.912606][T26487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  652.046878][T26487] team0: Port device team_slave_0 added
[  652.125174][T26487] team0: Port device team_slave_1 added
[  652.333972][T26603] netlink: set zone limit has 8 unknown bytes
[  652.351565][T26487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  652.362436][T26487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  652.419728][T26487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  652.506304][T26487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  652.554673][ T5836] Bluetooth: hci0: command tx timeout
[  652.556338][T26487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  652.677393][T26487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  652.908612][T26624] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4321'.
[  652.957228][T26622] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4319'.
[  652.969896][T26631] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4322'.
[  653.138011][T26640] netlink: 'syz.3.4326': attribute type 1 has an invalid length.
[  653.160811][T26487] hsr_slave_0: entered promiscuous mode
[  653.200003][T26487] hsr_slave_1: entered promiscuous mode
[  653.248652][T26651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4325'.
[  653.263471][T26640] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  653.633545][T26650] bridge7: the hash_elasticity option has been deprecated and is always 16
[  653.839727][T26683] netlink: 'syz.2.4334': attribute type 5 has an invalid length.
[  653.871179][T26683] netlink: 4542 bytes leftover after parsing attributes in process `syz.2.4334'.
[  654.269478][T26686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4335'.
[  654.308244][T26705] FAULT_INJECTION: forcing a failure.
[  654.308244][T26705] name failslab, interval 1, probability 0, space 0, times 0
[  654.321408][T26705] CPU: 0 UID: 0 PID: 26705 Comm: syz.1.4341 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  654.332206][T26705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  654.342290][T26705] Call Trace:
[  654.345596][T26705]  <TASK>
[  654.348547][T26705]  dump_stack_lvl+0x241/0x360
[  654.353257][T26705]  ? __pfx_dump_stack_lvl+0x10/0x10
[  654.358492][T26705]  ? __pfx__printk+0x10/0x10
[  654.363125][T26705]  ? __pfx_lock_acquire+0x10/0x10
[  654.368187][T26705]  should_fail_ex+0x3b0/0x4e0
[  654.372905][T26705]  should_failslab+0xac/0x100
[  654.377619][T26705]  ? skb_clone+0x20c/0x390
[  654.382064][T26705]  kmem_cache_alloc_noprof+0x70/0x380
[  654.387468][T26705]  skb_clone+0x20c/0x390
[  654.391727][T26705]  packet_rcv+0x633/0x14b0
[  654.396147][T26705]  ? __pfx_packet_rcv_fanout+0x10/0x10
[  654.401606][T26705]  dev_queue_xmit_nit+0x6b4/0xca0
[  654.406626][T26705]  ? dev_queue_xmit_nit+0x2b/0xca0
[  654.411740][T26705]  dev_hard_start_xmit+0x15f/0x7d0
[  654.416850][T26705]  ? __pfx_validate_xmit_skb+0x10/0x10
[  654.422312][T26705]  __dev_queue_xmit+0x1b73/0x3f50
[  654.427338][T26705]  ? kasan_save_track+0x51/0x80
[  654.432192][T26705]  ? ____sys_sendmsg+0x52a/0x7e0
[  654.437131][T26705]  ? __dev_queue_xmit+0x2f4/0x3f50
[  654.442243][T26705]  ? __pfx___dev_queue_xmit+0x10/0x10
[  654.447625][T26705]  ? __copy_skb_header+0x437/0x5b0
[  654.452734][T26705]  ? __asan_memcpy+0x40/0x70
[  654.457324][T26705]  ? __copy_skb_header+0x437/0x5b0
[  654.462437][T26705]  ? __skb_clone+0x454/0x6c0
[  654.467034][T26705]  ? skb_clone+0x240/0x390
[  654.471447][T26705]  __netlink_deliver_tap+0x56b/0x7f0
[  654.476740][T26705]  ? netlink_deliver_tap+0x2e/0x1b0
[  654.481941][T26705]  netlink_deliver_tap+0x19d/0x1b0
[  654.487050][T26705]  netlink_unicast+0x7c4/0x990
[  654.491820][T26705]  ? __pfx_netlink_unicast+0x10/0x10
[  654.497104][T26705]  ? __virt_addr_valid+0x45f/0x530
[  654.502212][T26705]  ? __phys_addr_symbol+0x2f/0x70
[  654.507232][T26705]  ? __check_object_size+0x47a/0x730
[  654.512522][T26705]  netlink_sendmsg+0x8e4/0xcb0
[  654.517291][T26705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  654.522577][T26705]  ? aa_sock_msg_perm+0x91/0x160
[  654.527517][T26705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  654.532804][T26705]  __sock_sendmsg+0x221/0x270
[  654.537494][T26705]  ____sys_sendmsg+0x52a/0x7e0
[  654.542262][T26705]  ? __pfx_____sys_sendmsg+0x10/0x10
[  654.547543][T26705]  ? __fget_files+0x2a/0x410
[  654.552137][T26705]  ? __fget_files+0x2a/0x410
[  654.556731][T26705]  __sys_sendmsg+0x269/0x350
[  654.561322][T26705]  ? __pfx_lock_release+0x10/0x10
[  654.566346][T26705]  ? __pfx___sys_sendmsg+0x10/0x10
[  654.571465][T26705]  ? __pfx_vfs_write+0x10/0x10
[  654.576247][T26705]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  654.582574][T26705]  ? do_syscall_64+0x100/0x230
[  654.587337][T26705]  ? do_syscall_64+0xb6/0x230
[  654.592014][T26705]  do_syscall_64+0xf3/0x230
[  654.596513][T26705]  ? clear_bhb_loop+0x35/0x90
[  654.601188][T26705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.607074][T26705] RIP: 0033:0x7fcaf6385d19
[  654.611488][T26705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.631091][T26705] RSP: 002b:00007fcaf41f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  654.639507][T26705] RAX: ffffffffffffffda RBX: 00007fcaf6575fa0 RCX: 00007fcaf6385d19
[  654.647474][T26705] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  654.655442][T26705] RBP: 00007fcaf41f6090 R08: 0000000000000000 R09: 0000000000000000
[  654.663410][T26705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.671378][T26705] R13: 0000000000000000 R14: 00007fcaf6575fa0 R15: 00007ffe2e572658
[  654.679360][T26705]  </TASK>
[  654.686857][ T5836] Bluetooth: hci0: command tx timeout
[  654.740675][T26709] ax25_connect(): syz.2.4342 uses autobind, please contact jreuter@yaina.de
[  654.758326][T26709] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4342'.
[  655.028435][T26487] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  655.061757][T26723] netlink: 'syz.1.4348': attribute type 1 has an invalid length.
[  655.073944][T26487] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  655.104123][T26723] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4348'.
[  655.111584][T26487] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  655.159002][T26723] geneve2: entered promiscuous mode
[  655.178526][T26723] geneve2: entered allmulticast mode
[  655.207647][T26727] netlink: 'syz.3.4349': attribute type 9 has an invalid length.
[  655.215892][T26727] netlink: 'syz.3.4349': attribute type 7 has an invalid length.
[  655.223658][T26727] netlink: 'syz.3.4349': attribute type 8 has an invalid length.
[  655.290482][T26735] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  655.299478][T26487] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  655.691533][T26487] 8021q: adding VLAN 0 to HW filter on device bond0
[  655.813215][T26487] 8021q: adding VLAN 0 to HW filter on device team0
[  655.885373][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  655.892578][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  655.985205][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state
[  655.992356][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state
[  655.997921][T26770] netlink: 'syz.2.4360': attribute type 1 has an invalid length.
[  656.007664][T26770] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4360'.
[  656.046102][T26770] geneve3: entered promiscuous mode
[  656.051532][T26770] geneve3: entered allmulticast mode
[  656.280882][T26782] ipt_ECN: cannot use operation on non-tcp rule
[  656.510172][T26487] 8021q: adding VLAN 0 to HW filter on device batadv0
[  656.540330][T26487] veth0_vlan: entered promiscuous mode
[  656.554788][T26487] veth1_vlan: entered promiscuous mode
[  656.610636][T26487] veth0_macvtap: entered promiscuous mode
[  656.628881][T26487] veth1_macvtap: entered promiscuous mode
[  656.660188][T26487] batman_adv: batadv0: Interface activated: batadv_slave_0
[  656.687807][T26487] batman_adv: batadv0: Interface activated: batadv_slave_1
[  656.700082][T26487] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  656.710861][T26487] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  656.714176][T22869] Bluetooth: hci0: command tx timeout
[  656.719775][T26487] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  656.741821][T26487] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  656.751948][T26799] Bluetooth: MGMT ver 1.23
[  657.026656][T15638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  657.035546][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  657.048048][T15638] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  657.048110][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  657.083621][T26809] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  657.180778][T26817] ------------[ cut here ]------------
[  657.186846][T26817] kernel BUG at net/core/skbuff.c:2849!
[  657.192480][T26817] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  657.199455][T26817] CPU: 0 UID: 0 PID: 26817 Comm: syz.1.4368 Not tainted 6.13.0-rc2-syzkaller-00378-g5098462fbac6 #0
[  657.210241][T26817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  657.214058][T26809] syzkaller0: entered promiscuous mode
[  657.220295][T26817] RIP: 0010:__pskb_pull_tail+0x1568/0x1570
[  657.220333][T26817] Code: 38 c1 0f 8c 32 f1 ff ff 4c 89 f7 e8 c2 38 78 f8 e9 25 f1 ff ff e8 f8 d7 11 f8 48 8b 5c 24 08 e9 eb fb ff ff e8 e9 d7 11 f8 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  657.231531][T26809] syzkaller0: entered allmulticast mode
[  657.231567][T26817] RSP: 0018:ffffc90004966f30 EFLAGS: 00010283
[  657.253021][T26809] tipc: Resetting bearer <eth:syzkaller0>
[  657.256714][T26817] 
[  657.256723][T26817] RAX: ffffffff898d8657 RBX: 00000000fffffff2 RCX: 0000000000080000
[  657.256739][T26817] RDX: ffffc9000df3c000 RSI: 00000000000001eb RDI: 00000000000001ec
[  657.256751][T26817] RBP: ffff888011f2586a R08: ffffffff898d7394 R09: 1ffff110023e4b5c
[  657.256764][T26817] R10: dffffc0000000000 R11: ffffed10023e4b5d R12: ffff88804ac9d850
[  657.256777][T26817] R13: ffff88804ac9d780 R14: ffff88804ac9d7f4 R15: ffff88804ac9d780
[  657.256791][T26817] FS:  00007fcaf41d56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  657.256807][T26817] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  657.256821][T26817] CR2: 00007fcaf41d4f98 CR3: 0000000060852000 CR4: 00000000003526f0
[  657.256838][T26817] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  657.256850][T26817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  657.256864][T26817] Call Trace:
[  657.256870][T26817]  <TASK>
[  657.256879][T26817]  ? __die_body+0x5f/0xb0
[  657.256904][T26817]  ? die+0x9e/0xc0
[  657.256923][T26817]  ? do_trap+0x15a/0x3a0
[  657.256941][T26817]  ? __pskb_pull_tail+0x1568/0x1570
[  657.256968][T26817]  ? do_error_trap+0x1dc/0x2c0
[  657.256986][T26817]  ? __pskb_pull_tail+0x1568/0x1570
[  657.257010][T26817]  ? __pfx_do_error_trap+0x10/0x10
[  657.257031][T26817]  ? handle_invalid_op+0x34/0x40
[  657.257046][T26817]  ? __pskb_pull_tail+0x1568/0x1570
[  657.257066][T26817]  ? exc_invalid_op+0x38/0x50
[  657.257085][T26817]  ? asm_exc_invalid_op+0x1a/0x20
[  657.257105][T26817]  ? __pskb_pull_tail+0x2a4/0x1570
[  657.257126][T26817]  ? __pskb_pull_tail+0x1567/0x1570
[  657.257150][T26817]  ? __pskb_pull_tail+0x1568/0x1570
[  657.257178][T26817]  skb_cow_data+0x2da/0xcb0
[  657.257196][T26817]  tipc_crypto_rcv+0x402/0x24e0
[  657.257224][T26817]  ? tipc_crypto_rcv+0x27f/0x24e0
[  657.438472][T26817]  ? __pfx_tipc_crypto_rcv+0x10/0x10
[  657.443765][T26817]  ? __pfx_tipc_node_find_by_id+0x10/0x10
[  657.449484][T26817]  ? tipc_ehdr_validate+0x186/0x340
[  657.454688][T26817]  tipc_rcv+0x57e/0x12a0
[  657.458931][T26817]  ? __pfx_tipc_rcv+0x10/0x10
[  657.463605][T26817]  ? tipc_l2_rcv_msg+0x28/0x450
[  657.468459][T26817]  tipc_l2_rcv_msg+0x2bd/0x450
[  657.473214][T26817]  ? __pfx_tipc_l2_rcv_msg+0x10/0x10
[  657.478488][T26817]  __netif_receive_skb_list_core+0x8b7/0x980
[  657.484469][T26817]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  657.490965][T26817]  ? dev_gro_receive+0x1318/0x2510
[  657.496075][T26817]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  657.502397][T26817]  netif_receive_skb_list_internal+0xa51/0xe30
[  657.508551][T26817]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  657.514875][T26817]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  657.521545][T26817]  ? eth_type_trans+0x3ce/0x7b0
[  657.526394][T26817]  napi_complete_done+0x2b5/0x870
[  657.531415][T26817]  ? __pfx_napi_complete_done+0x10/0x10
[  657.536958][T26817]  ? napi_gro_frags+0xa5f/0x1360
[  657.541892][T26817]  ? tun_get_user+0x2bbe/0x4890
[  657.546740][T26817]  tun_get_user+0x2ea0/0x4890
[  657.551436][T26817]  ? tun_get_user+0x2bbe/0x4890
[  657.556291][T26817]  ? __pfx_tun_get_user+0x10/0x10
[  657.561321][T26817]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  657.566770][T26817]  ? tun_get+0x1e/0x2f0
[  657.570919][T26817]  ? __pfx_lock_release+0x10/0x10
[  657.575942][T26817]  ? tun_get+0x1e/0x2f0
[  657.580093][T26817]  ? tun_get+0x27d/0x2f0
[  657.584330][T26817]  tun_chr_write_iter+0x10d/0x1f0
[  657.589349][T26817]  do_iter_readv_writev+0x600/0x880
[  657.594540][T26817]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  657.600255][T26817]  ? bpf_lsm_file_permission+0x9/0x10
[  657.605655][T26817]  ? security_file_permission+0x74/0x280
[  657.611290][T26817]  ? rw_verify_area+0x1c3/0x6f0
[  657.616133][T26817]  vfs_writev+0x376/0xba0
[  657.620462][T26817]  ? __pfx_lock_acquire+0x10/0x10
[  657.625480][T26817]  ? __pfx_vfs_writev+0x10/0x10
[  657.630332][T26817]  ? __fget_files+0x2a/0x410
[  657.634917][T26817]  ? __fget_files+0x395/0x410
[  657.639588][T26817]  ? __fget_files+0x2a/0x410
[  657.644176][T26817]  do_writev+0x1b6/0x360
[  657.648415][T26817]  ? __pfx_do_writev+0x10/0x10
[  657.653174][T26817]  ? exc_page_fault+0x590/0x8b0
[  657.658022][T26817]  ? do_syscall_64+0xb6/0x230
[  657.662707][T26817]  do_syscall_64+0xf3/0x230
[  657.667201][T26817]  ? clear_bhb_loop+0x35/0x90
[  657.671871][T26817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.677758][T26817] RIP: 0033:0x7fcaf6385d19
[  657.682166][T26817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  657.701764][T26817] RSP: 002b:00007fcaf41d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  657.710173][T26817] RAX: ffffffffffffffda RBX: 00007fcaf6576080 RCX: 00007fcaf6385d19
[  657.718140][T26817] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000006
[  657.726104][T26817] RBP: 00007fcaf6401a20 R08: 0000000000000000 R09: 0000000000000000
[  657.734066][T26817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  657.742028][T26817] R13: 0000000000000001 R14: 00007fcaf6576080 R15: 00007ffe2e572658
[  657.749997][T26817]  </TASK>
[  657.753009][T26817] Modules linked in:
[  657.756954][T26817] ---[ end trace 0000000000000000 ]---
[  657.762424][T26817] RIP: 0010:__pskb_pull_tail+0x1568/0x1570
[  657.768300][T26817] Code: 38 c1 0f 8c 32 f1 ff ff 4c 89 f7 e8 c2 38 78 f8 e9 25 f1 ff ff e8 f8 d7 11 f8 48 8b 5c 24 08 e9 eb fb ff ff e8 e9 d7 11 f8 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  657.787966][T26817] RSP: 0018:ffffc90004966f30 EFLAGS: 00010283
[  657.794083][T26817] RAX: ffffffff898d8657 RBX: 00000000fffffff2 RCX: 0000000000080000
[  657.802067][T26817] RDX: ffffc9000df3c000 RSI: 00000000000001eb RDI: 00000000000001ec
[  657.810079][T26817] RBP: ffff888011f2586a R08: ffffffff898d7394 R09: 1ffff110023e4b5c
[  657.818104][T26817] R10: dffffc0000000000 R11: ffffed10023e4b5d R12: ffff88804ac9d850
[  657.826139][T26817] R13: ffff88804ac9d780 R14: ffff88804ac9d7f4 R15: ffff88804ac9d780
[  657.834156][T26817] FS:  00007fcaf41d56c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  657.843107][T26817] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  657.849745][T26817] CR2: 00007fcaf41d4f98 CR3: 0000000060852000 CR4: 00000000003526f0
[  657.857773][T26817] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  657.865803][T26817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  657.873858][T26817] Kernel panic - not syncing: Fatal exception in interrupt
[  657.881322][T26817] Kernel Offset: disabled
[  657.885666][T26817] Rebooting in 86400 seconds..