last executing test programs:

4.064331256s ago: executing program 1 (id=3415):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r0, 0x8990, 0x0)
r1 = socket(0x18, 0x0, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x2, @local, 'geneve1\x00'}}, 0x1e)
sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x98, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x38d4d9b}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}]}, @TIPC_NLA_NODE={0x3c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x2b, 0x3, "7060d1cc19228ec77a67efee8b63bf3b4b9ab7988de7438cde18eb5bb48f980a9e079a77e263b8"}, @TIPC_NLA_NODE_ADDR={0x8}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x40040)
sendmsg$nl_xfrm(r1, &(0x7f00000006c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000300)=@updsa={0xf0, 0x1a, 0x20, 0x70bd29, 0x25dfdbfd, {{@in=@local, @in=@loopback, 0x4e21, 0x100, 0x4e20, 0x6, 0xa, 0x80, 0xc0, 0x2b, 0x0, 0xee01}, {@in=@remote, 0x4d2, 0x2b}, @in=@dev={0xac, 0x14, 0x14, 0x19}, {0x7fffffff, 0x6, 0x4, 0x8, 0x5, 0x2, 0xd89, 0x2}, {0x5, 0x1, 0x6a, 0x5}, {0x0, 0x53688d2b, 0x4}, 0x70bd26, 0x3503, 0x2, 0x2, 0x6f, 0x2}}, 0xf0}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4)

3.978685099s ago: executing program 1 (id=3417):
r0 = socket(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x806, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@RTM_DELMDB={0x18, 0x55, 0x1, 0x0, 0x0, {0x7, r4}}, 0x18}}, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r1, 0x3)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000140)=@filter={'filter\x00', 0xe, 0x4, 0x3d0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x300, 0x300, 0x300, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@uncond, 0x0, 0x108, 0x130, 0x0, {}, [@common=@srh={{0x30}, {0x2c, 0x8, 0x5, 0x2, 0x4, 0x1a0a, 0xa03}}, @common=@frag={{0x30}, {[0x9, 0x1], 0xfffffffe, 0xa, 0x1}}]}, @REJECT={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x1a}, [0xffffff00, 0xff000000, 0xff000000, 0xffffffff], [0xffffffff, 0xff, 0xffffffff], 'veth0_virt_wifi\x00', 'wg1\x00', {}, {0xff}, 0x8, 0x2, 0x3, 0x23}, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @multicast1}, [0xffffff00, 0xffffffff, 0x0, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xffffff00], 'veth1_to_bridge\x00', 'veth0_to_team\x00', {0xff}, {}, 0x41, 0x1, 0x1, 0x20}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@srh={{0x30}, {0x2c, 0x80, 0x9e, 0x7, 0x3, 0x1000, 0x1c06}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x430)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r7, 0x1, 0x0, 0x0, {{}, {}, {0x4c, 0x18, {0x0, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x30, r7, 0x2, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0x14, 0x19, {0xaaf, 0x1ff, 0x80000001, 0x9756}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x200000c0}, 0xc4)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x7, 'veth0_macvtap\x00', {0x6}, 0x4})
r8 = socket$inet(0x2, 0x3, 0x33)
getsockopt$inet_mreqsrc(r8, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
r9 = accept$phonet_pipe(r0, &(0x7f00000000c0), &(0x7f0000000580)=0x10)
ioctl$SIOCPNADDRESOURCE(r9, 0x89e0, &(0x7f00000005c0)=0xf)
close(0x4)

3.336318852s ago: executing program 0 (id=3423):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xaf}]}, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe(&(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x8003, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000340))
socket(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540087001400b59500000000000000000a000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa"], 0x54}, 0x1, 0x0, 0x0, 0x24008800}, 0x80)

2.75447252s ago: executing program 0 (id=3426):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="140100002d0001000000000000000000040100800c0000000000000000000000140001000000000000000000000010000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b"], 0x114}], 0x1}, 0x0)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000400)={0x1, {{0xa, 0x0, 0x6, @mcast1, 0x4000001}}, {{0xa, 0x1, 0xffffffff, @mcast2, 0x1}}}, 0xff75)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000007c0)=[@in6={0xa, 0x4e20, 0x0, @loopback, 0x4b26e94}, @in={0x2, 0x4e20, @local}], 0x2c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f0000000900)=[@in6={0xa, 0x4e20, 0x0, @loopback}, @in={0x2, 0x4e20, @loopback=0xac1414aa}]}, &(0x7f00000002c0)=0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x13, &(0x7f0000000100)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_fd={0x18, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x6}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0x8, 0x4, 0x8000}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff, 0x1, 0x1, 0x1], &(0x7f0000000340)=[{0x2, 0x3, 0x8, 0x8}, {0x2, 0x3, 0x1}], 0x10, 0x9, @void, @value}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='cgroup.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)={@fallback=r1, r3, 0x19, 0x2018, 0x0, @value=r4}, 0x20)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0x4, @local}, @in6={0xa, 0x4e20, 0x4, @loopback, 0x1ff}, @in={0x2, 0x4e21, @local}], 0x48)

2.678758473s ago: executing program 1 (id=3428):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f000083b000/0x13000)=nil, 0x13000, 0x0, 0x13, r1, 0x0)
mmap(&(0x7f00004e7000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r3, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2002, 0x604, 0x11, r3, 0x80000000)

2.43908689s ago: executing program 2 (id=3433):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="260000000000000000ff"], 0x20)
sendto$inet6(r0, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x15}, 0x1c)
setsockopt$inet6_mreq(r0, 0x29, 0x15, 0x0, 0x0)

2.438699629s ago: executing program 3 (id=3434):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0xa}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0x50}}, 0xc2)

2.395638829s ago: executing program 0 (id=3435):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x8, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4}}}]}, 0xffffffffffffffe6}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@newtfilter={0x40, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x8, 0xfffc}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_fw={{0x7}, {0x14, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x0, 0x10}}, @TCA_FW_MASK={0x8, 0x5, 0x3ff}]}}]}, 0x40}}, 0x400c084)

2.393364411s ago: executing program 1 (id=3436):
r0 = socket$inet6(0xa, 0x2, 0x0)
readv(r0, &(0x7f0000000300)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1)
unshare(0xc020400)
r1 = epoll_create1(0x0)
epoll_wait(r1, &(0x7f0000000080)=[{}], 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r2=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@mcast2, @in=@remote, 0x4e21, 0x0, 0x4e24, 0x1, 0x2, 0x20, 0x20, 0x16, r2, 0xee01}, {0x100000000, 0x46, 0xdb8c, 0x5, 0x3, 0xe, 0x4, 0xff}, {0xffff, 0x100000000, 0x0, 0x2}, 0x2, 0x6e6bb1, 0x0, 0x1, 0x3}, {{@in6=@private1, 0x4d6, 0xff}, 0x2, @in6=@loopback, 0x3500, 0x1, 0x3, 0x5, 0x10000, 0x4, 0xf0}}, 0xe8)
bind$inet6(r0, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005540)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="901240c26659aa66cdbf4f8f9f57ad7070c857acb9e3d346635baf03a38eef5a40288a17a2f80cdd5f9cfc6d8d9a9baba907c01998a0ab2660b9021822e432312b0fb31b", 0x44}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000013c0)="f8", 0x1}], 0x1}}], 0x2, 0x200c8000)
sendmmsg(r0, &(0x7f00000092c0), 0x0, 0x10)

2.179913543s ago: executing program 3 (id=3439):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_pid(r0, &(0x7f0000000340), 0x12)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$isdn(0x22, 0x3, 0x21)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @local, @local}, &(0x7f0000000240)=0xc)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="5400000010000304000000000000000000007400", @ANYRES32=r3, @ANYBLOB="0000000003120100340012800b0001006272696467650000240002800800050001000000060027"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080), 0x10)
sendmsg$L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14200000", @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x40080)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x3, &(0x7f00000003c0)=""/161, &(0x7f0000000100)=0xa1)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000000000014000780080011400000000005001500030000000d"], 0x5c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000580)=@file={0x1, './file0\x00'}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_FLOW={0x8, 0xb, 0x5}]}, 0x24}}, 0x0)

1.816435295s ago: executing program 4 (id=3440):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000dc0)=[{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)="4b7e67cf6995e4e649c71b7f35e97ded968fea4f29bfacfc5f49f00551d27613e6d1c495b5101c0c9ad54fb9e405b2af23c9b667a250dcde64327645bccece99dc6240c7e73a2e39751c2400f34a6b4d5f", 0x51}], 0x1, 0x0, 0x0, 0x404200d}], 0x1, 0x40091)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x5100}, 0x5}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/83, 0x53}], 0x1}, 0xffffff0b}], 0x2, 0x2001, 0x0)

1.726816348s ago: executing program 4 (id=3441):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000007c0)=[@in6={0xa, 0x4e20, 0x0, @loopback, 0x4b26e94}, @in={0x2, 0x4e20, @local}], 0x2c)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0x8, 0x8, 0x0, 0x0, 0x101}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x210, 0x0, 0x0, 0x148, 0x180, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x11}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)
setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000006112210000000000950bc9feeed587dec2b455daf5c4db0427f9f729427186cdf6573340"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1f00, 0x8, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000900)=[@in={0x2, 0x4e20, @loopback=0xac1414aa}]}, &(0x7f00000002c0)=0x10)
setsockopt(r0, 0x1, 0x8000, &(0x7f0000000000)="6fe1e66e601ed078", 0x8)

1.673146638s ago: executing program 0 (id=3442):
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0xa, 0x3, 0x73)
socket$packet(0x11, 0x2, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team_slave_0\x00'}}]}, 0x38}}, 0x0) (fail_nth: 7)

1.528187785s ago: executing program 4 (id=3443):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x4, 0x4, 0xa4, 0x0, 0xffffffffffffffff, 0x7fffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47)
recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12020, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
preadv(r5, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x4}], 0x3e8, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x48814}, 0x40810)

1.527503062s ago: executing program 3 (id=3444):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[], 0xe8}}, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r3, 0x84, 0x7f, &(0x7f0000000080)="000000000d800000", 0x8)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c0000002000170829bd7000ffdbdf250a00000d"], 0x1c}}, 0x0) (async)
r4 = socket$isdn_base(0x22, 0x3, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000002000000000000000000000d030000000000000000000001050020008000000000000000000000030000000002000000"], 0x0, 0x4e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async)
ioctl$sock_SIOCINQ(r6, 0x541b, 0x0)
bind$bt_hci(r6, &(0x7f0000000040), 0x6) (async)
ioctl$sock_bt_hci(r6, 0x400448e7, &(0x7f00000000c0)) (async, rerun: 32)
r7 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
getsockopt$sock_buf(r7, 0x1, 0x3b, 0x0, &(0x7f00000000c0)) (async, rerun: 64)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff) (rerun: 64)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000700)={0x64, r8, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}]}, 0x64}}, 0x0) (async)
ioctl$IMGETCOUNT(r4, 0x80044943, &(0x7f0000000300))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x3, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0], 0x0, 0xc2, &(0x7f0000000340)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xc0, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', r9, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x5, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x43}]}, &(0x7f0000000880)='syzkaller\x00', 0x4, 0x7f, &(0x7f00000008c0)=""/127, 0x40f00, 0x41, '\x00', 0x0, 0x25, r10, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r10], 0x0, 0x10, 0x8, @void, @value}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r11, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000000000005", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.521085356s ago: executing program 2 (id=3445):
syz_emit_ethernet(0x5e, &(0x7f0000000680)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}, @link_local, @val={@val={0x88a8, 0x6, 0x1}, {0x8100, 0x5, 0x0, 0x1}}, {@canfd={0xd, {{0x0, 0x1, 0x0, 0x1}, 0x16, 0x2, 0x0, 0x0, "0cd6782dd6466596f91c9aa03c60c42e34aa364d7de6099b8d7b838f2e4b995a6113f1a246b923b4d8cd3c664ce8c8f8708c3d3990d27c7c62cace3903b40794"}}}}, &(0x7f0000000100)={0x0, 0x4, [0xd53, 0xf20, 0xc57, 0x857]})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}, @IFLA_GRE_PMTUDISC={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x48}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000700)={<r1=>0xffffffffffffffff, 0xe, 0x66db, 0x8000000000000000})
write$ppp(r1, &(0x7f0000000740)="5e8278784c8753ceb9601fdd123607ac72d89bd502e356f4b09ef337571c8e9d850715063f59e9dabe7fc3b1f821cbddcbacdaa922fa75bdcfb191f9d5b2b5c6c35fba16e36ab4f0f705d82149f3432b807e34ef8ea047bf46d1c28f4e8977325264dd36c9bbb8c6e1d7296e089ad838824fdf7e029d4df2b3b8d107c62da522bac36ef3568e0ce740a812f8545c542ad5702937c6b2dee3812eca74b06fe07ad990bc63693c3b224fb744b0e7abd7754419d7586bf00bdb2a7066e5f2a64aed", 0xc0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
syz_emit_ethernet(0x7e, &(0x7f00000004c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x2b, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@dev}, {@empty}, {@dev}, {@broadcast}]}, @cipso={0x86, 0xa, 0x0, [{0x0, 0x2}, {0x0, 0x2}]}]}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x1c, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4081}, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @random="0100002010ff"})
sendmsg$NFNL_MSG_CTHELPER_DEL(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)={0x50, 0x2, 0x9, 0x5, 0x0, 0x0, {}, [@NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2d, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0)
r9 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e, 0x80000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x3c, r11, 0x1, 0x0, 0x0, {0x2f}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmsg$unix(r9, &(0x7f0000000400)={&(0x7f0000000600)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/253, 0xfd}, {&(0x7f0000000280)=""/62, 0x3e}, {&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000000380)=""/55, 0x37}], 0x4, &(0x7f00000004c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xb0}, 0x40000040)

1.04929041s ago: executing program 1 (id=3446):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
ioctl$sock_proto_private(0xffffffffffffffff, 0x8992, &(0x7f0000000000))
listen(r1, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r2 = accept$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x28, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r4, 0x1, 0x0, 0x0, {0x4, 0x0, 0x1fff}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)

896.336379ms ago: executing program 3 (id=3447):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={<r3=>0x0, 0x7, 0x30}, &(0x7f0000000040)=0xc)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000080)={r3, @in6={{0xa, 0x4e21, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x70d6}}, [0x1, 0xfffffffffffff6d4, 0x5, 0xff8, 0x4, 0x1000000, 0x4, 0xbf8, 0x7fffffff, 0x7, 0x9, 0x800, 0x600, 0x4, 0xb]}, &(0x7f0000000280)=0x100)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r6=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={r6, 0x8}, 0x8)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f00000002c0)={<r7=>r6, 0x1}, &(0x7f0000000400)=0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000440)=@assoc_value={r7, 0x6}, &(0x7f0000000340)=0x8)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r8=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)={0x54, r1, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_KEY={0x38, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "403d050c5baee20061f2b6d70100"}, @NL802154_KEY_ATTR_ID={0x18, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xfffc}]}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x81}]}]}, 0x54}}, 0x10)

876.783355ms ago: executing program 0 (id=3448):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, {0xb}, {0xffff, 0xffff}, {0x0, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge0\x00'})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000340)={0xa, 0x4e20, 0xfffffffa, @mcast2}, 0x1c)
setsockopt$inet6_udp_int(r2, 0x11, 0x66, &(0x7f0000000080)=0xa3d, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x2f01, 0x0)
socket$kcm(0x2, 0xa, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000300)=0x1000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r7, &(0x7f0000000100)={0x2c, 0x0, r9, 0x22}, 0x10)
bind$xdp(r4, &(0x7f0000000240)={0x2c, 0x1, r6, 0x0, r7}, 0x10)
setsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000005380), 0x4)
socket$inet_sctp(0x2, 0x1, 0x84)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071122a00000000009500000700000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x238, 0x108, 0x11, 0x148, 0x0, 0x10, 0x1a0, 0x2a8, 0x2a8, 0x1a0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xc0, 0x108, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x588, 0x548, 0x7}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x5, 0x3, 'syz0\x00', {0x4d}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0x0, 0xffffffff, 'batadv_slave_1\x00', 'veth1_to_batadv\x00', {}, {}, 0x73, 0x2}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0xdb, 0x4}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)

832.189139ms ago: executing program 2 (id=3449):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r1)
sendmsg$DCCPDIAG_GETSOCK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x15c, 0x13, 0x200, 0x70bd2d, 0x25dfdbfb, {0xb, 0x2, 0x1, 0x1b, {0x4e23, 0x4e22, [0xfffffffc, 0x8, 0x400, 0x4], [0x6, 0x0, 0x1, 0x8], 0x0, [0x2, 0x1000000]}, 0x4, 0xfff}, [@INET_DIAG_REQ_BYTECODE={0x25, 0x1, "ca905b00a698336ac3a55cea1ae64c41f58a9af930ff7c7bdbea0ed8cc850e2ee5"}, @INET_DIAG_REQ_BYTECODE={0xe7, 0x1, "4615416cd5d1be0da2507395e100cafaa64c9bef48038198c345820230cadc62be96f4d4af06dad8b6bac9b64ba61d7fe2ff83a10cde6e51f5665345eeebf81a396973cf8b3912b9f5d2d5a961a0603425b9fc89bfd5ea3f84524c1f0b473d2618d3abab98bd9a3e7246422b33541143f64e4a19e26c1ad7bd3dcdd78524b0f425a9c987ddd7f257f44865ebf68d5060a7f937821b953ae7b062fd75b2da6db2bea2b688aeaab363beda068e720f72bea25f744ca878e79cf69498abfa5f528a77fd8e783e00b21a9f0a100f247ded4855a6216d666bbf3c9f4dd19ad52a9b1bd34715"}]}, 0x15c}, 0x1, 0x0, 0x0, 0x2000}, 0x24008840)

609.876917ms ago: executing program 2 (id=3450):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x5}, [@NFTA_OBJ_USERDATA={0x18, 0x8, "2ba4fdfd04c74f4feb17dab1ad4a5527036631a1"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x44000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x2c8, 0x30, 0x400, 0x70bd29, 0x25dfdbff, {}, [{0x2b4, 0x1, [@m_nat={0xe4, 0x15, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0x800, 0x0, 0x6, 0x5}, @broadcast, @private=0xa010101, 0xff, 0x1}}]}, {0x91, 0x6, "10e888c9612e2e34f2a5c0d7a87138e300765dba5074c9d374932654344b0c3962c5b1337fa6db0058e4c409791d8494eb4f1d5e393184346fed949d96f5daa0ce947de3daaa6e95d07edeca20c84c34c3d590793d972426d03baeb20ac6787db577296c99e3e931b99974120505982554b03c14cf350d002b5185962405187e60822f26f3d3d50fc809abad8c"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_gact={0xcc, 0x8, 0x0, 0x0, {{0x9}, {0x4}, {0x9d, 0x6, "0f617356f0a663079ab7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224484cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51cc59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_sample={0xa4, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x76, 0x6, "b994bedd346bce0500000000000000d115251a878473985c1ed7a3d4fca80601598de37da823754e06000000b3a3c993afbb7ebbbe1526dab34d44b5c23c87b684ba0a43c6d997aa4921c5a813b871326a35619082cefce7336f46644321281eb0d25aefbb3a49f1569225f999328fd102ad"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ctinfo={0x5c, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x2e, 0x6, "244f1d5e491793fe299ae91a500c9cc02390a453351e3b982d0e4762ca9b14a043390c938c41ebe65abf"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x2c8}}, 0x48000)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000540)=""/100, 0x64}, {&(0x7f0000000280)=""/74, 0xe}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000300)=""/155, 0x9b}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f0000000880)=""/218, 0xda}, {&(0x7f0000001fc0)=""/4096, 0x1000}], 0xa, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x5}, [@NFTA_OBJ_USERDATA={0x18, 0x8, "2ba4fdfd04c74f4feb17dab1ad4a5527036631a1"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x44000) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x2c8, 0x30, 0x400, 0x70bd29, 0x25dfdbff, {}, [{0x2b4, 0x1, [@m_nat={0xe4, 0x15, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0x800, 0x0, 0x6, 0x5}, @broadcast, @private=0xa010101, 0xff, 0x1}}]}, {0x91, 0x6, "10e888c9612e2e34f2a5c0d7a87138e300765dba5074c9d374932654344b0c3962c5b1337fa6db0058e4c409791d8494eb4f1d5e393184346fed949d96f5daa0ce947de3daaa6e95d07edeca20c84c34c3d590793d972426d03baeb20ac6787db577296c99e3e931b99974120505982554b03c14cf350d002b5185962405187e60822f26f3d3d50fc809abad8c"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_gact={0xcc, 0x8, 0x0, 0x0, {{0x9}, {0x4}, {0x9d, 0x6, "0f617356f0a663079ab7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224484cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51cc59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_sample={0xa4, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x76, 0x6, "b994bedd346bce0500000000000000d115251a878473985c1ed7a3d4fca80601598de37da823754e06000000b3a3c993afbb7ebbbe1526dab34d44b5c23c87b684ba0a43c6d997aa4921c5a813b871326a35619082cefce7336f46644321281eb0d25aefbb3a49f1569225f999328fd102ad"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ctinfo={0x5c, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x2e, 0x6, "244f1d5e491793fe299ae91a500c9cc02390a453351e3b982d0e4762ca9b14a043390c938c41ebe65abf"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x2c8}}, 0x48000) (async)
socket(0x10, 0x803, 0x0) (async)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000540)=""/100, 0x64}, {&(0x7f0000000280)=""/74, 0xe}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000300)=""/155, 0x9b}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f0000000880)=""/218, 0xda}, {&(0x7f0000001fc0)=""/4096, 0x1000}], 0xa, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) (async)

480.126506ms ago: executing program 4 (id=3451):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg0\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000900)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x36, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r3 = socket$igmp6(0xa, 0x3, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000840)='notify_on_release\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f00000002c0)=0x6, 0x12)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000001780)=@raw={'raw\x00', 0x8, 0x3, 0x400, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x330, 0xffffffff, 0xffffffff, 0x330, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1c, 0x3, 0x2, 0x5, 'snmp_trap\x00', 'syz0\x00', {0x7ff}}}}, {{@ipv6={@empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0x0, 0x0, 0xffffff00], [], 'rose0\x00', 'gre0\x00'}, 0x0, 0xf8, 0x220, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xf}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0xa, 'system_u:object_r:iptables_unit_file_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x460)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000980)=ANY=[@ANYRES64=r3], 0x0, 0x45, 0x0, 0x0, 0xa, 0x0, @void, @value}, 0x28)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000fb", @ANYRES16=r7, @ANYBLOB="1709000000000000000001000000050007000000000008000900000000001400200000000000000000000000ffff7f00000108000a0000000000060002000100000014001f00"/86], 0x5c}, 0x1, 0x620b}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$tun(r8, &(0x7f0000000000)=ANY=[], 0x38)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="680100000001010400000000000000000a00ffff3c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c0002800500010000000000440002802c000180140003000000000000080000000000000000000114000400fe8800000000000000000000000000010c000280050001000000000006000340000000000800074000000000cc0006801400000000bb14000400fe02000000000000000000000000003c14000500fc02000000000000000000000000000014000500fe880000000000000000000000000001080001007f0000012c000380060002004e200000060002004e24000044a90600020000030000060001004e220000060001004e22000014000400fe80000000000000000000197e205e2bc88d2b272ec6baf4000000002014000500fe8000000000000000000000000000aa08000200ac14142414000400fc0000000000000000000000000000014d50d7830a443929f86894b97c32aa1aaec97eddafa6bcc700318a0b810fbc8078fd817fa474311599026aebc241fcb7748e8d0554fabb8e84fffea62a5315609430065e6a99ac0211c6709129a9086bde17"], 0x168}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r10, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e21, @multicast2}, 0x2, 0x4, 0x2}}, 0x26)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
socket(0x8, 0x80000, 0x53)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000c80)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1e0001000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x590)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, &(0x7f00000011c0)=ANY=[@ANYBLOB="030000000000000002004e22ac141427000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000002004e207f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e23ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3d04c7b216f1aa0ca6ea2df5ec537a3a589cbae488381f283c1a35ad351e2e8ff433ec66d7dabdb811324549c61279c2acb0da5b11c5b7d6f254b0296ef9551a45b5d47b155eea001ea7bcd074296575fad7b016a6969f0d70c805c7a59f40901ed5f09c93063406e8767c2379be33b7a35a6f3fc759526cae35285d894775bb37ee378b8710ec09ea3037412f1d65e9de5a6a89c054c6050a8c6ad9c21b6b45b61d6db308c6d130b92d01f0bc3615d484fe1eead5a77c0c1b48de34737dc75c759fb5185"], 0x190)

473.195451ms ago: executing program 0 (id=3452):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
ioctl$sock_proto_private(0xffffffffffffffff, 0x8992, 0x0)
listen(r1, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r2 = accept$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002, 0x13, r5, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
readv(r7, &(0x7f00000002c0)=[{&(0x7f0000000040)=""/185, 0xb9}], 0x1)
close(r7)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, 0x0, 0x0)

369.022296ms ago: executing program 3 (id=3453):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000040), 0x4)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x1e)
write(r2, &(0x7f0000000080)="0b000300010001", 0x7)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x20, r3, 0x607, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8801}, 0x4810)

252.056303ms ago: executing program 4 (id=3454):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWCHAIN={0xe4, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_COUNTERS={0x28, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x401}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7}]}, @NFTA_CHAIN_HOOK={0x38, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x45326ba}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7452847e}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_bond\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3192e0d}]}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_HOOK={0x48, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x76dae347}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x58225696}, @NFTA_HOOK_DEV={0x14, 0x3, 'erspan0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x572a57b0}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x196de7a8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x114af10b}]}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xa01}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x5e}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x33}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x200}]}]}], {0x14}}, 0x1a4}}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabbcc", 0x3}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000240)="aabbcc", 0x3}], 0x1}}], 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0xb26, 0x2b, 0x2, 0x6, 0xfffffffffffffffe, 0x1, 0x1, 0x1ff}, &(0x7f0000000080)={0x9, 0x7, 0x80000000, 0xffffffffffffffc0, 0x9, 0x5, 0x7, 0x401}, &(0x7f0000000100)={0xf0, 0x1, 0x80, 0x81, 0xffffffffffffb053, 0x8d, 0x150, 0xf9d}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWCHAIN={0xe4, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_COUNTERS={0x28, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x401}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7}]}, @NFTA_CHAIN_HOOK={0x38, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x45326ba}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7452847e}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_bond\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3192e0d}]}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_HOOK={0x48, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x76dae347}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x58225696}, @NFTA_HOOK_DEV={0x14, 0x3, 'erspan0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x572a57b0}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x196de7a8}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x114af10b}]}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xa01}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x5e}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x33}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x200}]}]}], {0x14}}, 0x1a4}}, 0x0) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabbcc", 0x3}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000240)="aabbcc", 0x3}], 0x1}}], 0x2, 0x0) (async)
pselect6(0x40, &(0x7f0000000000)={0xb26, 0x2b, 0x2, 0x6, 0xfffffffffffffffe, 0x1, 0x1, 0x1ff}, &(0x7f0000000080)={0x9, 0x7, 0x80000000, 0xffffffffffffffc0, 0x9, 0x5, 0x7, 0x401}, &(0x7f0000000100)={0xf0, 0x1, 0x80, 0x81, 0xffffffffffffb053, 0x8d, 0x150, 0xf9d}, &(0x7f0000000140), &(0x7f00000001c0)={&(0x7f0000000180)={[0x8]}, 0x8}) (async)

251.801195ms ago: executing program 2 (id=3455):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b03043a0e0580a7b6070d63e286a5cefe", 0x5ac)

166.887285ms ago: executing program 3 (id=3456):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020d6bae75ad307b4d5f96b577db020000180070001006374000014000280080002400000000208000140000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a82984c49e314a9b032bd14ef375888499bc71ddf96aa670633190972c3487e64d8b162d044c3601091658bcc320b8d5e84716bbdaf14b893aca666f987093872ed2d0b8b27054eefc7243700a368e4cd0e903ded14444dce38404bec340845005154f73e15e7235cd5a5"], 0x78}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000140)=@framed={{}, [@jmp={0x5, 0x0, 0x0, 0x0, 0xa, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000008c0)=ANY=[@ANYBLOB="540100001800010000000000000000001d0100001500030000000000000000008ca5be073cff296e040000001e0106000000fe000071ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0df766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c005c8d586b2a88d81866930fca15c8a95d29e5b2ea00000800050091"], 0x154}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x1, &(0x7f0000000100)=0x8, 0x4)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000003c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128)\x00'}, 0x6e)
close(r2)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x6e, &(0x7f00000003c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "001040", 0x38, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x4, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "345f8cf949a01b515682f44cecac91ba"}, @md5sig={0x1d, 0x12, "d243471da14ff23d079da4ca814b7d7b"}]}}}}}}}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x4a, 0x3ab3666c4349b199, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, r4, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x3c}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}]}, 0x30}, 0x1, 0x0, 0x0, 0x18091}, 0x8080)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
connect$ax25(r5, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000640)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @local, {[@rr={0x7, 0x3}, @rr={0x7, 0x7, 0x0, [@multicast2]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa01012f}, {@multicast1}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@local}, {}, {@dev={0xac, 0x14, 0x14, 0x15}}, {@private}]}]}}, "770400000088e934"}}}}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x123, &(0x7f0000000440)=ANY=[@ANYBLOB="0180c20000010180c200000e080045000115006800008011"], 0x0)
ioctl$SIOCAX25NOUID(r5, 0x89e3, &(0x7f00000001c0))
sendmsg$key(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x17, 0x8, 0x7, 0x5, 0x0, 0x70bd28, 0x25dfdbfd, [@sadb_address={0x3, 0x7, 0x32, 0xa0, 0x0, @in={0x2, 0x4e20, @empty}}]}, 0x28}}, 0x240440c8)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x9084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)={0x18, 0x24, 0x301, 0x0, 0x0, {0x1}, [@nested={0x4, 0xae}]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x10}}, 0x4000040)
socket$inet_udplite(0x2, 0x2, 0x88)

136.396056ms ago: executing program 4 (id=3457):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000480)=ANY=[@ANYBLOB="0a00000016000000b30000007f00000000000000", @ANYRES32, @ANYBLOB="00013100000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6tnl0\x00', 0x0, 0x95a0cef96f795630, 0x0, 0xd, 0x3, 0x2, @remote, @mcast2, 0x20, 0x8000, 0x3, 0x9}})
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000280)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x4004)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}}}, 0xb8}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x54583, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(r1, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty}}}], 0x20}}], 0x1, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000200)={@loopback}, &(0x7f0000000240)=0x14)
socket(0x400000000010, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000140)=@framed={{}, [@printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r6, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000440)={'tunl0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r8, 0x89f3, &(0x7f0000000240)={'syztnl0\x00', &(0x7f0000000140)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020695aa571c6f4551cd3ef8c47dbeb93162500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000e0000009500000000000000c9cf7722f7ebda01a7546e448744ef164aa5b21fb72a898b59686b4cd316c76378dbb42635c7424849fe61075eebe8ad76da6e1e75f38a3d7e31448e772ae47f2678a29fd24882e17d5b4f7936b962a51574bc173513a271097b3a296e1c7177882a3022df3664ef6c052244876e9045d0d346f142bd1184767d5442248674e337cc5a50d590ad1e979ec9ed75e671dbcf735515a1b33c6ed12179a1db398955a545c635510149d907c78801ccced0721659faefba002b9b466343217fa5c400259d54a6d0b7a5ef661281bdc30eb8e45ac3f1af88140364e43f2b3b038bf5ba2e812e604781595819423bbd3c4add994defba971288a1a4b80448a3b99cb096000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r9, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

394.841µs ago: executing program 2 (id=3458):
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000", @ANYRES16, @ANYBLOB="0503000000000000f7ff0c000000080003004b3441444a21286a1f2ae42e5929b72b379767feccada8a4a36d09a310852b1415f634a4", @ANYRES32=0x0], 0x1c}}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec970000e03c00e18000000000000000000000000000aaff020000000000000000000000000701"], 0xffe)

0s ago: executing program 1 (id=3459):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0)

kernel console output (not intermixed with test programs):

] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  288.548333][T13765] FAULT_INJECTION: forcing a failure.
[  288.548333][T13765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.607072][T13765] CPU: 1 UID: 0 PID: 13765 Comm: syz.3.3062 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  288.607105][T13765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.607119][T13765] Call Trace:
[  288.607126][T13765]  <TASK>
[  288.607135][T13765]  dump_stack_lvl+0x241/0x360
[  288.607167][T13765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.607191][T13765]  ? __pfx__printk+0x10/0x10
[  288.607213][T13765]  ? __pfx_lock_release+0x10/0x10
[  288.607255][T13765]  should_fail_ex+0x40a/0x550
[  288.607292][T13765]  _copy_from_user+0x2d/0xb0
[  288.607321][T13765]  copy_msghdr_from_user+0xae/0x680
[  288.607357][T13765]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  288.607385][T13765]  ? __fget_files+0x2a/0x410
[  288.607420][T13765]  ? __fget_files+0x2a/0x410
[  288.607466][T13765]  __sys_sendmsg+0x209/0x350
[  288.607496][T13765]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.607533][T13765]  ? do_sys_openat2+0x17a/0x1d0
[  288.607590][T13765]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  288.607624][T13765]  ? do_syscall_64+0x100/0x230
[  288.607660][T13765]  ? do_syscall_64+0xb6/0x230
[  288.607702][T13765]  do_syscall_64+0xf3/0x230
[  288.607734][T13765]  ? clear_bhb_loop+0x35/0x90
[  288.607767][T13765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.607795][T13765] RIP: 0033:0x7f9d0dd8d169
[  288.607814][T13765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.607832][T13765] RSP: 002b:00007f9d0ec39038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.607856][T13765] RAX: ffffffffffffffda RBX: 00007f9d0dfa5fa0 RCX: 00007f9d0dd8d169
[  288.607872][T13765] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  288.607885][T13765] RBP: 00007f9d0ec39090 R08: 0000000000000000 R09: 0000000000000000
[  288.607899][T13765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.607911][T13765] R13: 0000000000000000 R14: 00007f9d0dfa5fa0 R15: 00007ffed7ce2b38
[  288.607942][T13765]  </TASK>
[  288.858370][T13648] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  288.871825][T13648] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  289.091076][T13769] 8021q: adding VLAN 0 to HW filter on device batadv1
[  289.131526][T13769] team0: Port device batadv1 added
[  289.402869][T13648] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.469639][T13648] 8021q: adding VLAN 0 to HW filter on device team0
[  289.495118][ T6598] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.503312][ T6598] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.507463][ T5841] Bluetooth: hci1: command tx timeout
[  289.552927][ T6598] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.560161][ T6598] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.418668][T13648] 8021q: adding VLAN 0 to HW filter on device batadv0
[  290.649295][T13648] veth0_vlan: entered promiscuous mode
[  290.730255][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3077'.
[  290.731163][T13648] veth1_vlan: entered promiscuous mode
[  290.769868][T13817] macsec0: entered promiscuous mode
[  290.933166][T13648] veth0_macvtap: entered promiscuous mode
[  290.996312][T13648] veth1_macvtap: entered promiscuous mode
[  291.023420][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.053189][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.063968][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.090486][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.100639][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.131360][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.145897][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.168776][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.186541][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.215953][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.245916][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.286571][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.320577][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  291.342235][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.345709][T13833] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3081'.
[  291.360528][T13648] batman_adv: batadv0: Interface activated: batadv_slave_0
[  291.362505][T13833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3081'.
[  291.410949][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.432520][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.476034][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.502825][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.528223][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.551438][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.568601][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.578718][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.586350][ T5841] Bluetooth: hci1: command tx timeout
[  291.589890][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.604831][T13648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  291.615612][T13648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  291.628439][T13648] batman_adv: batadv0: Interface activated: batadv_slave_1
[  291.645220][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.713005][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.724868][T13648] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  291.753616][T13648] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  291.773029][T13648] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  291.785808][T13648] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  291.794133][T13839] xt_time: invalid argument - start or stop time greater than 23:59:59
[  291.807961][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'.
[  291.898863][T13840] netlink: 'syz.3.3083': attribute type 12 has an invalid length.
[  291.970108][ T6590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.991703][ T6590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.061613][ T3015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.085147][ T3015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.182231][T13844] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3084'.
[  292.424934][T13852] FAULT_INJECTION: forcing a failure.
[  292.424934][T13852] name failslab, interval 1, probability 0, space 0, times 0
[  292.457994][T13852] CPU: 0 UID: 0 PID: 13852 Comm: syz.3.3087 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  292.458026][T13852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.458040][T13852] Call Trace:
[  292.458048][T13852]  <TASK>
[  292.458057][T13852]  dump_stack_lvl+0x241/0x360
[  292.458090][T13852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.458119][T13852]  ? __pfx__printk+0x10/0x10
[  292.458143][T13852]  ? __kmalloc_cache_noprof+0x48/0x390
[  292.458175][T13852]  ? __pfx___might_resched+0x10/0x10
[  292.458208][T13852]  should_fail_ex+0x40a/0x550
[  292.458246][T13852]  should_failslab+0xac/0x100
[  292.458277][T13852]  __kmalloc_cache_noprof+0x70/0x390
[  292.458306][T13852]  ? sctp_transport_new+0x7e/0x660
[  292.458339][T13852]  sctp_transport_new+0x7e/0x660
[  292.458371][T13852]  sctp_assoc_add_peer+0x225/0x1360
[  292.458404][T13852]  ? sctp_endpoint_is_peeled_off+0xc1/0x100
[  292.458433][T13852]  sctp_connect_add_peer+0x4af/0x5b0
[  292.458464][T13852]  ? __pfx_sctp_connect_add_peer+0x10/0x10
[  292.458493][T13852]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  292.458528][T13852]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  292.458551][T13852]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  292.458579][T13852]  __sctp_connect+0x864/0xe30
[  292.458616][T13852]  ? __pfx___sctp_connect+0x10/0x10
[  292.458639][T13852]  ? __might_fault+0xaa/0x120
[  292.458659][T13852]  ? __might_fault+0xc6/0x120
[  292.458682][T13852]  ? _copy_from_user+0x95/0xb0
[  292.458707][T13852]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  292.458739][T13852]  sctp_getsockopt_connectx3+0x46c/0x730
[  292.458770][T13852]  ? __local_bh_enable_ip+0x168/0x200
[  292.458798][T13852]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  292.458829][T13852]  ? __local_bh_enable_ip+0x168/0x200
[  292.458854][T13852]  ? sctp_getsockopt+0x13a/0xbb0
[  292.458877][T13852]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  292.458913][T13852]  sctp_getsockopt+0x8de/0xbb0
[  292.458935][T13852]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  292.458968][T13852]  do_sock_getsockopt+0x38e/0x740
[  292.458998][T13852]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  292.459018][T13852]  ? __fget_files+0x2a/0x410
[  292.459051][T13852]  ? __fget_files+0x395/0x410
[  292.459079][T13852]  ? __fget_files+0x2a/0x410
[  292.459117][T13852]  __x64_sys_getsockopt+0x2a1/0x370
[  292.459148][T13852]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  292.459171][T13852]  ? do_syscall_64+0x100/0x230
[  292.459205][T13852]  ? do_syscall_64+0xb6/0x230
[  292.459238][T13852]  do_syscall_64+0xf3/0x230
[  292.459269][T13852]  ? clear_bhb_loop+0x35/0x90
[  292.459301][T13852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.459329][T13852] RIP: 0033:0x7f9d0dd8d169
[  292.459348][T13852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.459367][T13852] RSP: 002b:00007f9d0ec39038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  292.459390][T13852] RAX: ffffffffffffffda RBX: 00007f9d0dfa5fa0 RCX: 00007f9d0dd8d169
[  292.459406][T13852] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  292.459419][T13852] RBP: 00007f9d0ec39090 R08: 00002000000002c0 R09: 0000000000000000
[  292.459433][T13852] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000002
[  292.459446][T13852] R13: 0000000000000000 R14: 00007f9d0dfa5fa0 R15: 00007ffed7ce2b38
[  292.459478][T13852]  </TASK>
[  292.464266][T13854] tipc: Can't bind to reserved service type 2
[  292.999632][T13863] FAULT_INJECTION: forcing a failure.
[  292.999632][T13863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.049270][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.1.3092 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  293.049305][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.049317][T13863] Call Trace:
[  293.049324][T13863]  <TASK>
[  293.049332][T13863]  dump_stack_lvl+0x241/0x360
[  293.049362][T13863]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.049384][T13863]  ? __pfx__printk+0x10/0x10
[  293.049410][T13863]  ? snprintf+0xda/0x120
[  293.049437][T13863]  should_fail_ex+0x40a/0x550
[  293.049470][T13863]  _copy_to_user+0x31/0xb0
[  293.049500][T13863]  simple_read_from_buffer+0xca/0x150
[  293.049531][T13863]  proc_fail_nth_read+0x1e9/0x250
[  293.049562][T13863]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.049592][T13863]  ? rw_verify_area+0x243/0x630
[  293.049612][T13863]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.049640][T13863]  vfs_read+0x1f8/0xb40
[  293.049661][T13863]  ? fdget_pos+0x254/0x320
[  293.049697][T13863]  ? __pfx___mutex_lock+0x10/0x10
[  293.049728][T13863]  ? __pfx_vfs_read+0x10/0x10
[  293.049752][T13863]  ? __fget_files+0x2a/0x410
[  293.049781][T13863]  ? __fget_files+0x395/0x410
[  293.049808][T13863]  ? __fget_files+0x2a/0x410
[  293.049845][T13863]  ksys_read+0x18f/0x2b0
[  293.049866][T13863]  ? __pfx_ksys_read+0x10/0x10
[  293.049888][T13863]  ? do_syscall_64+0x100/0x230
[  293.049920][T13863]  ? do_syscall_64+0xb6/0x230
[  293.049952][T13863]  do_syscall_64+0xf3/0x230
[  293.049982][T13863]  ? clear_bhb_loop+0x35/0x90
[  293.050012][T13863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.050039][T13863] RIP: 0033:0x7fe3a858bb7c
[  293.050057][T13863] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  293.050074][T13863] RSP: 002b:00007fe3a932a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  293.050096][T13863] RAX: ffffffffffffffda RBX: 00007fe3a87a5fa0 RCX: 00007fe3a858bb7c
[  293.050110][T13863] RDX: 000000000000000f RSI: 00007fe3a932a0a0 RDI: 0000000000000009
[  293.050123][T13863] RBP: 00007fe3a932a090 R08: 0000000000000000 R09: 0000000000000000
[  293.050136][T13863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.050147][T13863] R13: 0000000000000000 R14: 00007fe3a87a5fa0 R15: 00007ffd2e1a0198
[  293.050178][T13863]  </TASK>
[  293.431845][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  293.441069][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  293.450565][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  293.472766][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  293.481996][ T5846] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  293.491521][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  293.598775][ T6590] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.666951][ T5846] Bluetooth: hci1: command tx timeout
[  293.772984][ T6590] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.840824][T13886] FAULT_INJECTION: forcing a failure.
[  293.840824][T13886] name failslab, interval 1, probability 0, space 0, times 0
[  293.862972][T13886] CPU: 1 UID: 0 PID: 13886 Comm: syz.1.3099 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  293.863002][T13886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.863015][T13886] Call Trace:
[  293.863022][T13886]  <TASK>
[  293.863031][T13886]  dump_stack_lvl+0x241/0x360
[  293.863063][T13886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.863087][T13886]  ? __pfx__printk+0x10/0x10
[  293.863110][T13886]  ? __kmalloc_cache_noprof+0x48/0x390
[  293.863142][T13886]  ? __pfx___might_resched+0x10/0x10
[  293.863176][T13886]  should_fail_ex+0x40a/0x550
[  293.863213][T13886]  should_failslab+0xac/0x100
[  293.863242][T13886]  __kmalloc_cache_noprof+0x70/0x390
[  293.863271][T13886]  ? __genradix_ptr_alloc+0x39b/0x500
[  293.863305][T13886]  __genradix_ptr_alloc+0x39b/0x500
[  293.863344][T13886]  __genradix_prealloc+0x45/0x90
[  293.863376][T13886]  sctp_stream_alloc_out+0x8c/0x110
[  293.863412][T13886]  sctp_send_add_streams+0x1fe/0x400
[  293.863455][T13886]  sctp_setsockopt+0x6d9/0x11c0
[  293.863483][T13886]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  293.863514][T13886]  do_sock_setsockopt+0x3af/0x720
[  293.863543][T13886]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  293.863571][T13886]  ? __fget_files+0x395/0x410
[  293.863600][T13886]  ? __fget_files+0x2a/0x410
[  293.863640][T13886]  __x64_sys_setsockopt+0x1ee/0x280
[  293.863669][T13886]  do_syscall_64+0xf3/0x230
[  293.863708][T13886]  ? clear_bhb_loop+0x35/0x90
[  293.863742][T13886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.863771][T13886] RIP: 0033:0x7fe3a858d169
[  293.863789][T13886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.863808][T13886] RSP: 002b:00007fe3a9309038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  293.863830][T13886] RAX: ffffffffffffffda RBX: 00007fe3a87a6080 RCX: 00007fe3a858d169
[  293.863846][T13886] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000003
[  293.863863][T13886] RBP: 00007fe3a9309090 R08: 0000000000000008 R09: 0000000000000000
[  293.863876][T13886] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[  293.863889][T13886] R13: 0000000000000001 R14: 00007fe3a87a6080 R15: 00007ffd2e1a0198
[  293.863921][T13886]  </TASK>
[  294.243866][ T6590] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.366896][ T6590] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.407377][T13902] skbuff: bad partial csum: csum=65506/2 headroom=178 headlen=65526
[  294.654736][T13872] chnl_net:caif_netlink_parms(): no params data found
[  294.788095][T13912] FAULT_INJECTION: forcing a failure.
[  294.788095][T13912] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.813321][ T6590] bridge_slave_1: left allmulticast mode
[  294.823148][T13912] CPU: 1 UID: 0 PID: 13912 Comm: syz.2.3106 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  294.823175][T13912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  294.823187][T13912] Call Trace:
[  294.823194][T13912]  <TASK>
[  294.823202][T13912]  dump_stack_lvl+0x241/0x360
[  294.823234][T13912]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.823257][T13912]  ? __pfx__printk+0x10/0x10
[  294.823280][T13912]  ? __pfx_lock_release+0x10/0x10
[  294.823326][T13912]  should_fail_ex+0x40a/0x550
[  294.823358][T13912]  _copy_from_user+0x2d/0xb0
[  294.823383][T13912]  copy_msghdr_from_user+0xae/0x680
[  294.823414][T13912]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  294.823437][T13912]  ? __fget_files+0x2a/0x410
[  294.823465][T13912]  ? __fget_files+0x2a/0x410
[  294.823498][T13912]  __sys_sendmsg+0x209/0x350
[  294.823522][T13912]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.823553][T13912]  ? do_sys_openat2+0x17a/0x1d0
[  294.823607][T13912]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.823639][T13912]  ? do_syscall_64+0x100/0x230
[  294.823672][T13912]  ? do_syscall_64+0xb6/0x230
[  294.823710][T13912]  do_syscall_64+0xf3/0x230
[  294.823740][T13912]  ? clear_bhb_loop+0x35/0x90
[  294.823771][T13912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.823797][T13912] RIP: 0033:0x7f3bdcf8d169
[  294.823815][T13912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.823835][T13912] RSP: 002b:00007f3bdde67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.823857][T13912] RAX: ffffffffffffffda RBX: 00007f3bdd1a5fa0 RCX: 00007f3bdcf8d169
[  294.823872][T13912] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000003
[  294.823884][T13912] RBP: 00007f3bdde67090 R08: 0000000000000000 R09: 0000000000000000
[  294.823896][T13912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.823908][T13912] R13: 0000000000000000 R14: 00007f3bdd1a5fa0 R15: 00007ffc2d556078
[  294.823938][T13912]  </TASK>
[  294.838150][ T6590] bridge_slave_1: left promiscuous mode
[  295.053729][ T6590] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.072682][ T6590] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.387744][ T6590] batman_adv: batadv0: Removing interface: gretap1
[  295.546096][ T6590] bond2 (unregistering): (slave bridge1): Releasing backup interface
[  295.554856][ T6590] bridge1 (unregistering): left promiscuous mode
[  295.586402][ T5846] Bluetooth: hci2: command tx timeout
[  295.609690][ T6590] bond8 (unregistering): (slave bridge2): Releasing backup interface
[  295.618238][ T6590] bridge2 (unregistering): left promiscuous mode
[  295.793116][ T6590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  295.804388][ T6590] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  295.815371][ T6590] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  295.833141][ T6590] bond0 (unregistering): (slave team0): Releasing backup interface
[  295.846577][ T6590] bond0 (unregistering): Released all slaves
[  295.973326][ T6590] bond1 (unregistering): Released all slaves
[  296.090428][ T6590] bond2 (unregistering): Released all slaves
[  296.206230][ T6590] bond3 (unregistering): Released all slaves
[  296.325860][ T6590] bond4 (unregistering): Released all slaves
[  296.444203][ T6590] bond5 (unregistering): Released all slaves
[  296.567522][ T6590] bond6 (unregistering): Released all slaves
[  296.688757][ T6590] bond7 (unregistering): Released all slaves
[  296.799128][ T6590] bond8 (unregistering): Released all slaves
[  297.021057][T13872] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.035931][T13872] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.043427][T13872] bridge_slave_0: entered allmulticast mode
[  297.052536][T13872] bridge_slave_0: entered promiscuous mode
[  297.062854][ T6590] tipc: Left network mode
[  297.069767][T13933] netlink: 'syz.0.3112': attribute type 1 has an invalid length.
[  297.101926][T13872] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.126067][T13872] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.144508][T13940] __nla_validate_parse: 3 callbacks suppressed
[  297.144528][T13940] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3111'.
[  297.176273][T13872] bridge_slave_1: entered allmulticast mode
[  297.183468][T13872] bridge_slave_1: entered promiscuous mode
[  297.219097][T13942] netlink: 'syz.3.3114': attribute type 1 has an invalid length.
[  297.242229][T13944] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3111'.
[  297.256077][T13942] netlink: 'syz.3.3114': attribute type 2 has an invalid length.
[  297.352794][T13949] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3114'.
[  297.675040][ T6590] IPVS: stopping backup sync thread 12184 ...
[  297.682851][ T5846] Bluetooth: hci2: command tx timeout
[  297.723202][T13949] netlink: 'syz.3.3114': attribute type 21 has an invalid length.
[  297.737291][T13949] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3114'.
[  297.753292][T13959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3117'.
[  297.794828][T13959] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3117'.
[  297.827158][T13959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3117'.
[  297.864051][T13959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3117'.
[  297.912245][T13872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.938141][T13872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.163782][T13970] netlink: 'syz.3.3120': attribute type 11 has an invalid length.
[  298.211594][T13872] team0: Port device team_slave_0 added
[  298.240100][T13979] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3123'.
[  298.258374][T13979] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3123'.
[  298.269724][T13872] team0: Port device team_slave_1 added
[  298.406970][T13872] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.434594][T13872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.483279][T13872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.516538][T13872] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.541987][T13872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.571855][T13872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.721274][ T6590] hsr_slave_0: left promiscuous mode
[  298.727879][ T6590] hsr_slave_1: left promiscuous mode
[  298.733717][ T6590] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.741570][ T6590] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.751731][ T6590] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.759370][ T6590] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.794854][ T6590] veth1_macvtap: left promiscuous mode
[  298.801635][ T6590] veth0_macvtap: left promiscuous mode
[  298.809323][ T6590] veth1_vlan: left promiscuous mode
[  298.829627][ T6590] veth0_vlan: left promiscuous mode
[  298.973121][ T6590] team0 (unregistering): Port device batadv1 removed
[  299.123121][T13999] netlink: 'syz.0.3129': attribute type 1 has an invalid length.
[  299.714078][ T6590] team0 (unregistering): Port device team_slave_1 removed
[  299.746486][ T5846] Bluetooth: hci2: command tx timeout
[  299.828299][ T6590] team0 (unregistering): Port device team_slave_0 removed
[  300.475908][T13872] hsr_slave_0: entered promiscuous mode
[  300.491698][T13872] hsr_slave_1: entered promiscuous mode
[  300.504063][T13872] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  300.517582][T13872] Cannot create hsr debugfs directory
[  300.624703][T14025] sctp: [Deprecated]: syz.1.3138 (pid 14025) Use of struct sctp_assoc_value in delayed_ack socket option.
[  300.624703][T14025] Use struct sctp_sack_info instead
[  301.027330][T14044] FAULT_INJECTION: forcing a failure.
[  301.027330][T14044] name failslab, interval 1, probability 0, space 0, times 0
[  301.077820][T14044] CPU: 0 UID: 0 PID: 14044 Comm: syz.2.3142 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  301.077852][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  301.077866][T14044] Call Trace:
[  301.077874][T14044]  <TASK>
[  301.077883][T14044]  dump_stack_lvl+0x241/0x360
[  301.077925][T14044]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.077948][T14044]  ? __pfx__printk+0x10/0x10
[  301.077971][T14044]  ? fs_reclaim_acquire+0x93/0x130
[  301.077994][T14044]  ? __pfx___might_resched+0x10/0x10
[  301.078020][T14044]  ? dynamic_dname+0x144/0x1b0
[  301.078045][T14044]  should_fail_ex+0x40a/0x550
[  301.078081][T14044]  should_failslab+0xac/0x100
[  301.078110][T14044]  __kmalloc_noprof+0xdd/0x4c0
[  301.078137][T14044]  ? tomoyo_encode+0x26f/0x540
[  301.078162][T14044]  tomoyo_encode+0x26f/0x540
[  301.078184][T14044]  ? __pfx_sockfs_dname+0x10/0x10
[  301.078215][T14044]  tomoyo_realpath_from_path+0x59e/0x5e0
[  301.078250][T14044]  tomoyo_path_number_perm+0x239/0x770
[  301.078277][T14044]  ? __lock_acquire+0x1397/0x2100
[  301.078312][T14044]  ? tomoyo_path_number_perm+0x209/0x770
[  301.078345][T14044]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  301.078417][T14044]  ? __fget_files+0x2a/0x410
[  301.078451][T14044]  ? __fget_files+0x2a/0x410
[  301.078487][T14044]  security_file_ioctl+0xc6/0x2a0
[  301.078517][T14044]  __se_sys_ioctl+0x46/0x170
[  301.078542][T14044]  do_syscall_64+0xf3/0x230
[  301.078575][T14044]  ? clear_bhb_loop+0x35/0x90
[  301.078607][T14044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.078635][T14044] RIP: 0033:0x7f3bdcf8d169
[  301.078654][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.078672][T14044] RSP: 002b:00007f3bdde25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  301.078695][T14044] RAX: ffffffffffffffda RBX: 00007f3bdd1a6160 RCX: 00007f3bdcf8d169
[  301.078711][T14044] RDX: 00002000000000c0 RSI: 000000000000890b RDI: 000000000000000b
[  301.078724][T14044] RBP: 00007f3bdde25090 R08: 0000000000000000 R09: 0000000000000000
[  301.078737][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.078750][T14044] R13: 0000000000000001 R14: 00007f3bdd1a6160 R15: 00007ffc2d556078
[  301.078782][T14044]  </TASK>
[  301.078799][T14044] ERROR: Out of memory at tomoyo_realpath_from_path.
[  301.186070][T14048] FAULT_INJECTION: forcing a failure.
[  301.186070][T14048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.331611][T14048] CPU: 1 UID: 0 PID: 14048 Comm: syz.0.3145 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  301.331641][T14048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  301.331654][T14048] Call Trace:
[  301.331662][T14048]  <TASK>
[  301.331670][T14048]  dump_stack_lvl+0x241/0x360
[  301.331701][T14048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.331724][T14048]  ? __pfx__printk+0x10/0x10
[  301.331751][T14048]  ? snprintf+0xda/0x120
[  301.331780][T14048]  should_fail_ex+0x40a/0x550
[  301.331818][T14048]  _copy_to_user+0x31/0xb0
[  301.331849][T14048]  simple_read_from_buffer+0xca/0x150
[  301.331882][T14048]  proc_fail_nth_read+0x1e9/0x250
[  301.331915][T14048]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.331949][T14048]  ? rw_verify_area+0x243/0x630
[  301.331970][T14048]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.332001][T14048]  vfs_read+0x1f8/0xb40
[  301.332024][T14048]  ? fdget_pos+0x254/0x320
[  301.332056][T14048]  ? __pfx___mutex_lock+0x10/0x10
[  301.332089][T14048]  ? __pfx_vfs_read+0x10/0x10
[  301.332114][T14048]  ? __fget_files+0x2a/0x410
[  301.332156][T14048]  ? __fget_files+0x395/0x410
[  301.332183][T14048]  ? __fget_files+0x2a/0x410
[  301.332213][T14046] netlink: 'syz.1.3144': attribute type 1 has an invalid length.
[  301.332221][T14048]  ksys_read+0x18f/0x2b0
[  301.332247][T14048]  ? __pfx_ksys_read+0x10/0x10
[  301.332267][T14048]  ? do_syscall_64+0x100/0x230
[  301.332303][T14048]  ? do_syscall_64+0xb6/0x230
[  301.332341][T14048]  do_syscall_64+0xf3/0x230
[  301.332376][T14048]  ? clear_bhb_loop+0x35/0x90
[  301.332412][T14048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.332443][T14048] RIP: 0033:0x7f4c71d8bb7c
[  301.332463][T14048] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  301.332483][T14048] RSP: 002b:00007f4c72b3b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  301.332507][T14048] RAX: ffffffffffffffda RBX: 00007f4c71fa5fa0 RCX: 00007f4c71d8bb7c
[  301.332523][T14048] RDX: 000000000000000f RSI: 00007f4c72b3b0a0 RDI: 0000000000000005
[  301.332538][T14048] RBP: 00007f4c72b3b090 R08: 0000000000000000 R09: 0000000000000000
[  301.332561][T14048] R10: 0000000000002001 R11: 0000000000000246 R12: 0000000000000001
[  301.332575][T14048] R13: 0000000000000000 R14: 00007f4c71fa5fa0 R15: 00007ffdf95a9d18
[  301.332608][T14048]  </TASK>
[  301.659575][ T6590] IPVS: stop unused estimator thread 0...
[  301.827819][ T5846] Bluetooth: hci2: command tx timeout
[  301.904538][T14066] xfrm1: entered allmulticast mode
[  301.941993][T13872] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  301.967283][T13872] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  301.991364][T13872] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  302.009891][T13872] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  302.080092][T14072] FAULT_INJECTION: forcing a failure.
[  302.080092][T14072] name failslab, interval 1, probability 0, space 0, times 0
[  302.109958][T14072] CPU: 1 UID: 0 PID: 14072 Comm: syz.0.3154 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  302.109989][T14072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  302.110002][T14072] Call Trace:
[  302.110010][T14072]  <TASK>
[  302.110020][T14072]  dump_stack_lvl+0x241/0x360
[  302.110052][T14072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.110075][T14072]  ? __pfx__printk+0x10/0x10
[  302.110098][T14072]  ? __kmalloc_noprof+0xb5/0x4c0
[  302.110127][T14072]  ? __pfx___might_resched+0x10/0x10
[  302.110160][T14072]  should_fail_ex+0x40a/0x550
[  302.110197][T14072]  should_failslab+0xac/0x100
[  302.110226][T14072]  __kmalloc_noprof+0xdd/0x4c0
[  302.110252][T14072]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  302.110275][T14072]  ? sock_kmalloc+0xd7/0x160
[  302.110304][T14072]  sock_kmalloc+0xd7/0x160
[  302.110332][T14072]  af_alg_sendmsg+0x1147/0x24d0
[  302.110393][T14072]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  302.110426][T14072]  ? __pfx_aa_sk_perm+0x10/0x10
[  302.110457][T14072]  ? __fget_files+0x2a/0x410
[  302.110488][T14072]  ? aa_sock_msg_perm+0x91/0x160
[  302.110521][T14072]  ? skcipher_sendmsg+0x28/0xf0
[  302.110556][T14072]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  302.110586][T14072]  __sock_sendmsg+0x221/0x270
[  302.110619][T14072]  __sys_sendto+0x363/0x4c0
[  302.110646][T14072]  ? __pfx___sys_sendto+0x10/0x10
[  302.110695][T14072]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  302.110730][T14072]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  302.110763][T14072]  ? exc_page_fault+0x590/0x8b0
[  302.110797][T14072]  __x64_sys_sendto+0xde/0x100
[  302.110821][T14072]  do_syscall_64+0xf3/0x230
[  302.110862][T14072]  ? clear_bhb_loop+0x35/0x90
[  302.110896][T14072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.110925][T14072] RIP: 0033:0x7f4c71d8effc
[  302.110944][T14072] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  302.110962][T14072] RSP: 002b:00007f4c72b39ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  302.110985][T14072] RAX: ffffffffffffffda RBX: 00007f4c72b39fc0 RCX: 00007f4c71d8effc
[  302.111001][T14072] RDX: 0000000000000020 RSI: 00007f4c72b3a010 RDI: 0000000000000004
[  302.111014][T14072] RBP: 0000000000000000 R08: 00007f4c72b39f14 R09: 000000000000000c
[  302.111026][T14072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  302.111038][T14072] R13: 00007f4c72b39f68 R14: 00007f4c72b3a010 R15: 0000000000000000
[  302.111071][T14072]  </TASK>
[  302.436733][T13872] 8021q: adding VLAN 0 to HW filter on device bond0
[  302.453245][T13872] 8021q: adding VLAN 0 to HW filter on device team0
[  302.509178][T14076] IPVS: sync thread started: state = MASTER, mcast_ifn = dummy0, syncid = 3, id = 0
[  302.522166][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.529326][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  302.551036][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.558260][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  302.584332][T14079] IPVS: stopping master sync thread 14082 ...
[  302.925471][T13872] 8021q: adding VLAN 0 to HW filter on device batadv0
[  303.101211][T14103] __nla_validate_parse: 5 callbacks suppressed
[  303.101233][T14103] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3163'.
[  303.426179][T13872] veth0_vlan: entered promiscuous mode
[  303.460390][T13872] veth1_vlan: entered promiscuous mode
[  303.475710][T14121] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3167'.
[  303.544799][T13872] veth0_macvtap: entered promiscuous mode
[  303.571217][T13872] veth1_macvtap: entered promiscuous mode
[  303.619452][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.622950][T14124] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3165'.
[  303.630754][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.659184][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.682159][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.703468][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.732752][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.748162][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.759567][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.769550][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.781888][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.791877][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.803060][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.814539][T13872] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.855037][T14126] syzkaller1: entered promiscuous mode
[  303.872532][T14126] syzkaller1: entered allmulticast mode
[  303.887805][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.898496][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.908985][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.920039][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.931196][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.942300][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.952514][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.963680][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.974074][T13872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.985093][T13872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.997940][T13872] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.010628][T13872] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.019800][T13872] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.028929][T13872] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.038858][T13872] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.209241][ T6590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.236718][ T6590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.366608][ T6586] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.374492][ T6586] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.612185][T14151] netlink: 'syz.0.3178': attribute type 1 has an invalid length.
[  304.689831][T14151] bond1: entered promiscuous mode
[  304.695394][T14151] 8021q: adding VLAN 0 to HW filter on device bond1
[  305.287143][T14172] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3185'.
[  305.341862][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  305.352724][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  305.366499][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  305.391125][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  305.400198][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  305.408236][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  305.800272][T14173] chnl_net:caif_netlink_parms(): no params data found
[  305.800861][T14191] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3189'.
[  305.836099][T14193] netlink: 'syz.4.3190': attribute type 1 has an invalid length.
[  305.849113][T14193] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3190'.
[  305.878651][T14196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3192'.
[  305.888473][T14196] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3192'.
[  305.924737][T14196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3192'.
[  306.023512][T14173] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.032564][T14173] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.040225][T14173] bridge_slave_0: entered allmulticast mode
[  306.047569][T14173] bridge_slave_0: entered promiscuous mode
[  306.061135][T14173] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.069510][T14173] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.078882][T14173] bridge_slave_1: entered allmulticast mode
[  306.086768][T14173] bridge_slave_1: entered promiscuous mode
[  306.177640][T14173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.221195][T14173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.317303][T14173] team0: Port device team_slave_0 added
[  306.351763][T14173] team0: Port device team_slave_1 added
[  306.423784][T14212] ax25_connect(): syz.4.3197 uses autobind, please contact jreuter@yaina.de
[  306.446741][T14173] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.453741][T14173] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.499017][T14173] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.584273][T14173] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.600501][T14173] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.641176][T14173] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.750013][T14173] hsr_slave_0: entered promiscuous mode
[  306.767429][T14173] hsr_slave_1: entered promiscuous mode
[  306.773592][T14173] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.809358][T14173] Cannot create hsr debugfs directory
[  307.136669][T14240] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3205'.
[  307.299828][T14173] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.467948][T14173] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.507081][ T5841] Bluetooth: hci3: command tx timeout
[  307.620409][T14173] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.722059][T14173] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.949408][T14173] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  307.967659][T14173] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  307.992723][T14173] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  308.020843][T14173] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  308.200136][T14173] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.246561][T14284] __nla_validate_parse: 1 callbacks suppressed
[  308.246583][T14284] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3221'.
[  308.270014][T14173] 8021q: adding VLAN 0 to HW filter on device team0
[  308.286878][ T6586] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.294080][ T6586] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.325154][ T6586] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.332379][ T6586] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.675215][T14173] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.757158][T14301] FAULT_INJECTION: forcing a failure.
[  308.757158][T14301] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  308.798234][T14173] veth0_vlan: entered promiscuous mode
[  308.806021][T14301] CPU: 1 UID: 0 PID: 14301 Comm: syz.4.3227 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  308.806051][T14301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.806065][T14301] Call Trace:
[  308.806074][T14301]  <TASK>
[  308.806083][T14301]  dump_stack_lvl+0x241/0x360
[  308.806115][T14301]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.806139][T14301]  ? __pfx__printk+0x10/0x10
[  308.806164][T14301]  ? stack_depot_save_flags+0x37/0x940
[  308.806204][T14301]  should_fail_ex+0x40a/0x550
[  308.806241][T14301]  prepare_alloc_pages+0x1da/0x5b0
[  308.806275][T14301]  __alloc_frozen_pages_noprof+0x16f/0x710
[  308.806305][T14301]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  308.806351][T14301]  alloc_pages_mpol+0x311/0x660
[  308.806387][T14301]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  308.806418][T14301]  ? __kmalloc_noprof+0x2a5/0x4c0
[  308.806455][T14301]  ? sock_kmalloc+0xd7/0x160
[  308.806485][T14301]  alloc_pages_noprof+0x121/0x190
[  308.806517][T14301]  af_alg_sendmsg+0x145b/0x24d0
[  308.806573][T14301]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  308.806606][T14301]  ? __pfx_aa_sk_perm+0x10/0x10
[  308.806637][T14301]  ? __fget_files+0x2a/0x410
[  308.806669][T14301]  ? aa_sock_msg_perm+0x91/0x160
[  308.806701][T14301]  ? skcipher_sendmsg+0x28/0xf0
[  308.806735][T14301]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  308.806765][T14301]  __sock_sendmsg+0x221/0x270
[  308.806797][T14301]  __sys_sendto+0x363/0x4c0
[  308.806824][T14301]  ? __pfx___sys_sendto+0x10/0x10
[  308.806872][T14301]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  308.806908][T14301]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.806941][T14301]  ? exc_page_fault+0x590/0x8b0
[  308.806975][T14301]  __x64_sys_sendto+0xde/0x100
[  308.807000][T14301]  do_syscall_64+0xf3/0x230
[  308.807032][T14301]  ? clear_bhb_loop+0x35/0x90
[  308.807066][T14301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.807095][T14301] RIP: 0033:0x7f4ed4b8effc
[  308.807114][T14301] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  308.807133][T14301] RSP: 002b:00007f4ed591aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  308.807155][T14301] RAX: ffffffffffffffda RBX: 00007f4ed591afc0 RCX: 00007f4ed4b8effc
[  308.807171][T14301] RDX: 0000000000000020 RSI: 00007f4ed591b010 RDI: 0000000000000004
[  308.807185][T14301] RBP: 0000000000000000 R08: 00007f4ed591af14 R09: 000000000000000c
[  308.807198][T14301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  308.807211][T14301] R13: 00007f4ed591af68 R14: 00007f4ed591b010 R15: 0000000000000000
[  308.807244][T14301]  </TASK>
[  308.812664][T14173] veth1_vlan: entered promiscuous mode
[  309.107548][T14305] sctp: [Deprecated]: syz.1.3228 (pid 14305) Use of int in maxseg socket option.
[  309.107548][T14305] Use struct sctp_assoc_value instead
[  309.318581][T14173] veth0_macvtap: entered promiscuous mode
[  309.379260][T14173] veth1_macvtap: entered promiscuous mode
[  309.460409][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.495931][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.533008][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.555875][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.592589][ T5841] Bluetooth: hci3: command tx timeout
[  309.610450][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.621116][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.631407][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.642043][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.652173][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.664209][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.674503][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.685206][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.695161][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.705869][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.717219][T14173] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.777428][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.802764][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.816034][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.861863][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.887900][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.915462][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.933014][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.945905][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.965493][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.990853][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.005915][T14173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.025009][T14173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.037981][T14173] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.052353][T14340] tipc: Invalid UDP bearer configuration
[  310.052395][T14340] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  310.097571][T14173] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.122373][T14173] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.146368][T14173] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.155134][T14173] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.280716][T14351] netlink: 'syz.2.3241': attribute type 2 has an invalid length.
[  310.343130][T14352] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3242'.
[  310.367252][ T3015] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.392395][ T3015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.461547][ T6594] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.490542][ T6594] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.580683][T14364] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3243'.
[  310.850795][T14371] netlink: 'syz.3.3179': attribute type 1 has an invalid length.
[  310.863744][T14371] netlink: 208292 bytes leftover after parsing attributes in process `syz.3.3179'.
[  310.884028][T14371] netlink: 'syz.3.3179': attribute type 2 has an invalid length.
[  310.906343][T14379] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3248'.
[  310.926289][T14371] netlink: 'syz.3.3179': attribute type 1 has an invalid length.
[  310.934350][T14379] netlink: 'syz.4.3248': attribute type 7 has an invalid length.
[  310.956410][T14379] netlink: 'syz.4.3248': attribute type 8 has an invalid length.
[  310.968808][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3248'.
[  311.128231][T14387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3250'.
[  311.337442][T14396] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3255'.
[  311.348676][T14396] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3255'.
[  311.357864][T14396] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3255'.
[  311.369391][T14396] FAULT_INJECTION: forcing a failure.
[  311.369391][T14396] name failslab, interval 1, probability 0, space 0, times 0
[  311.382992][T14396] CPU: 1 UID: 0 PID: 14396 Comm: syz.3.3255 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  311.383019][T14396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  311.383033][T14396] Call Trace:
[  311.383041][T14396]  <TASK>
[  311.383049][T14396]  dump_stack_lvl+0x241/0x360
[  311.383081][T14396]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.383104][T14396]  ? __pfx__printk+0x10/0x10
[  311.383129][T14396]  ? fs_reclaim_acquire+0x93/0x130
[  311.383152][T14396]  ? __pfx___might_resched+0x10/0x10
[  311.383177][T14396]  ? lockdep_init_map_type+0xa1/0x910
[  311.383214][T14396]  should_fail_ex+0x40a/0x550
[  311.383251][T14396]  should_failslab+0xac/0x100
[  311.383308][T14396]  ? security_inode_alloc+0x37/0x310
[  311.383330][T14396]  kmem_cache_alloc_noprof+0x70/0x380
[  311.383367][T14396]  security_inode_alloc+0x37/0x310
[  311.383391][T14396]  inode_init_always_gfp+0xa0f/0xd90
[  311.383424][T14396]  ? __pfx_sock_alloc_inode+0x10/0x10
[  311.383458][T14396]  alloc_inode+0x9f/0x1a0
[  311.383490][T14396]  __sock_create+0x127/0xa30
[  311.383533][T14396]  mptcp_subflow_create_socket+0x125/0xcb0
[  311.383569][T14396]  ? mark_lock+0x9a/0x360
[  311.383596][T14396]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  311.383641][T14396]  __mptcp_subflow_connect+0x2ce/0x1e10
[  311.383692][T14396]  ? __pfx___mptcp_subflow_connect+0x10/0x10
[  311.383741][T14396]  ? mptcp_pm_create_subflow_or_signal_addr+0x127f/0x2570
[  311.383775][T14396]  ? mptcp_pm_create_subflow_or_signal_addr+0xebd/0x2570
[  311.383810][T14396]  mptcp_pm_create_subflow_or_signal_addr+0x12d4/0x2570
[  311.383834][T14396]  ? mark_lock+0x9a/0x360
[  311.383885][T14396]  ? __pfx_mptcp_pm_create_subflow_or_signal_addr+0x10/0x10
[  311.383963][T14396]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  311.383995][T14396]  ? mptcp_pm_nl_add_addr_doit+0xee8/0x1760
[  311.384029][T14396]  ? mptcp_addresses_equal+0x2ea/0x420
[  311.384064][T14396]  mptcp_pm_nl_add_addr_doit+0xf81/0x1760
[  311.384103][T14396]  ? do_trace_netlink_extack+0x8b/0x1f0
[  311.384128][T14396]  ? genl_rcv+0x28/0x40
[  311.384155][T14396]  ? netlink_unicast+0x7f6/0x990
[  311.384176][T14396]  ? netlink_sendmsg+0x8de/0xcb0
[  311.384205][T14396]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  311.384311][T14396]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  311.384355][T14396]  genl_rcv_msg+0xb1f/0xec0
[  311.384398][T14396]  ? __pfx_genl_rcv_msg+0x10/0x10
[  311.384462][T14396]  ? __pfx_lock_acquire+0x10/0x10
[  311.384494][T14396]  ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10
[  311.384530][T14396]  ? __pfx___might_resched+0x10/0x10
[  311.384571][T14396]  netlink_rcv_skb+0x206/0x480
[  311.384598][T14396]  ? __pfx_genl_rcv_msg+0x10/0x10
[  311.384633][T14396]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  311.384674][T14396]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  311.384718][T14396]  genl_rcv+0x28/0x40
[  311.384748][T14396]  netlink_unicast+0x7f6/0x990
[  311.384782][T14396]  ? __pfx_netlink_unicast+0x10/0x10
[  311.384803][T14396]  ? __virt_addr_valid+0x45f/0x530
[  311.384825][T14396]  ? __phys_addr_symbol+0x2f/0x70
[  311.384846][T14396]  ? __check_object_size+0x47a/0x730
[  311.384881][T14396]  netlink_sendmsg+0x8de/0xcb0
[  311.384936][T14396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.384968][T14396]  ? aa_sock_msg_perm+0x91/0x160
[  311.385007][T14396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.385030][T14396]  __sock_sendmsg+0x221/0x270
[  311.385063][T14396]  ____sys_sendmsg+0x53a/0x860
[  311.385096][T14396]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.385116][T14396]  ? __fget_files+0x2a/0x410
[  311.385151][T14396]  ? __fget_files+0x2a/0x410
[  311.385191][T14396]  __sys_sendmsg+0x269/0x350
[  311.385216][T14396]  ? __pfx___sys_sendmsg+0x10/0x10
[  311.385246][T14396]  ? do_sys_openat2+0x17a/0x1d0
[  311.385311][T14396]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.385344][T14396]  ? do_syscall_64+0x100/0x230
[  311.385379][T14396]  ? do_syscall_64+0xb6/0x230
[  311.385414][T14396]  do_syscall_64+0xf3/0x230
[  311.385445][T14396]  ? clear_bhb_loop+0x35/0x90
[  311.385478][T14396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.385506][T14396] RIP: 0033:0x7fe7bf78d169
[  311.385525][T14396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.385543][T14396] RSP: 002b:00007fe7c0690038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.385565][T14396] RAX: ffffffffffffffda RBX: 00007fe7bf9a5fa0 RCX: 00007fe7bf78d169
[  311.385581][T14396] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000006
[  311.385594][T14396] RBP: 00007fe7c0690090 R08: 0000000000000000 R09: 0000000000000000
[  311.385606][T14396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.385618][T14396] R13: 0000000000000000 R14: 00007fe7bf9a5fa0 R15: 00007ffdc610d748
[  311.385651][T14396]  </TASK>
[  311.846346][ T5841] Bluetooth: hci3: command tx timeout
[  311.884468][T14396] socket: no more sockets
[  312.054438][T14406] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  312.199492][T14414] FAULT_INJECTION: forcing a failure.
[  312.199492][T14414] name failslab, interval 1, probability 0, space 0, times 0
[  312.279844][T14413] vlan3: entered allmulticast mode
[  312.285001][T14413] macsec0: entered allmulticast mode
[  312.301984][T14413] veth1_macvtap: entered allmulticast mode
[  312.310341][T14414] CPU: 1 UID: 0 PID: 14414 Comm: syz.3.3260 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  312.310372][T14414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  312.310387][T14414] Call Trace:
[  312.310395][T14414]  <TASK>
[  312.310404][T14414]  dump_stack_lvl+0x241/0x360
[  312.310437][T14414]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.310461][T14414]  ? __pfx__printk+0x10/0x10
[  312.310490][T14414]  ? ref_tracker_alloc+0x332/0x490
[  312.310526][T14414]  should_fail_ex+0x40a/0x550
[  312.310564][T14414]  should_failslab+0xac/0x100
[  312.310594][T14414]  ? skb_clone+0x20c/0x390
[  312.310617][T14414]  kmem_cache_alloc_noprof+0x70/0x380
[  312.310654][T14414]  skb_clone+0x20c/0x390
[  312.310683][T14414]  __netlink_deliver_tap+0x3c4/0x7f0
[  312.310723][T14414]  ? netlink_deliver_tap+0x2e/0x1b0
[  312.310748][T14414]  netlink_deliver_tap+0x19d/0x1b0
[  312.310775][T14414]  netlink_sendskb+0x68/0x140
[  312.310800][T14414]  netlink_unicast+0x39d/0x990
[  312.310820][T14414]  ? __asan_memcpy+0x40/0x70
[  312.310850][T14414]  ? __pfx_netlink_unicast+0x10/0x10
[  312.310885][T14414]  netlink_rcv_skb+0x294/0x480
[  312.310912][T14414]  ? __pfx_genl_rcv_msg+0x10/0x10
[  312.310947][T14414]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  312.310987][T14414]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  312.311029][T14414]  genl_rcv+0x28/0x40
[  312.311059][T14414]  netlink_unicast+0x7f6/0x990
[  312.311091][T14414]  ? __pfx_netlink_unicast+0x10/0x10
[  312.311112][T14414]  ? __virt_addr_valid+0x45f/0x530
[  312.311135][T14414]  ? __phys_addr_symbol+0x2f/0x70
[  312.311155][T14414]  ? __check_object_size+0x47a/0x730
[  312.311189][T14414]  netlink_sendmsg+0x8de/0xcb0
[  312.311230][T14414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.311262][T14414]  ? aa_sock_msg_perm+0x91/0x160
[  312.311302][T14414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.311326][T14414]  __sock_sendmsg+0x221/0x270
[  312.311360][T14414]  ____sys_sendmsg+0x53a/0x860
[  312.311393][T14414]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.311415][T14414]  ? __fget_files+0x2a/0x410
[  312.311449][T14414]  ? __fget_files+0x2a/0x410
[  312.311491][T14414]  __sys_sendmsg+0x269/0x350
[  312.311527][T14414]  ? __pfx___sys_sendmsg+0x10/0x10
[  312.311566][T14414]  ? do_sys_openat2+0x17a/0x1d0
[  312.311627][T14414]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.311662][T14414]  ? do_syscall_64+0x100/0x230
[  312.311699][T14414]  ? do_syscall_64+0xb6/0x230
[  312.311734][T14414]  do_syscall_64+0xf3/0x230
[  312.311767][T14414]  ? clear_bhb_loop+0x35/0x90
[  312.311802][T14414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.311831][T14414] RIP: 0033:0x7fe7bf78d169
[  312.311851][T14414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.311870][T14414] RSP: 002b:00007fe7c066f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.311893][T14414] RAX: ffffffffffffffda RBX: 00007fe7bf9a6080 RCX: 00007fe7bf78d169
[  312.311909][T14414] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004
[  312.311923][T14414] RBP: 00007fe7c066f090 R08: 0000000000000000 R09: 0000000000000000
[  312.311936][T14414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.311950][T14414] R13: 0000000000000000 R14: 00007fe7bf9a6080 R15: 00007ffdc610d748
[  312.311983][T14414]  </TASK>
[  312.346586][T14413] bridge0: port 3(vlan3) entered blocking state
[  312.674598][T14413] bridge0: port 3(vlan3) entered disabled state
[  312.684139][T14413] vlan3: entered promiscuous mode
[  312.690494][T14413] bridge0: port 3(vlan3) entered blocking state
[  312.698265][T14413] bridge0: port 3(vlan3) entered forwarding state
[  312.883429][T14432] FAULT_INJECTION: forcing a failure.
[  312.883429][T14432] name failslab, interval 1, probability 0, space 0, times 0
[  312.932923][T14432] CPU: 0 UID: 0 PID: 14432 Comm: syz.2.3267 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  312.932961][T14432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  312.932974][T14432] Call Trace:
[  312.932982][T14432]  <TASK>
[  312.932992][T14432]  dump_stack_lvl+0x241/0x360
[  312.933025][T14432]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.933049][T14432]  ? __pfx__printk+0x10/0x10
[  312.933074][T14432]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  312.933106][T14432]  ? __pfx___might_resched+0x10/0x10
[  312.933140][T14432]  should_fail_ex+0x40a/0x550
[  312.933178][T14432]  should_failslab+0xac/0x100
[  312.933208][T14432]  __kmalloc_node_noprof+0xe1/0x4d0
[  312.933239][T14432]  ? __kvmalloc_node_noprof+0x72/0x190
[  312.933278][T14432]  __kvmalloc_node_noprof+0x72/0x190
[  312.933313][T14432]  alloc_netdev_mqs+0xcec/0x1210
[  312.933349][T14432]  rtnl_create_link+0x2f9/0xc90
[  312.933382][T14432]  rtnl_newlink_create+0x210/0xa40
[  312.933421][T14432]  ? __pfx___mutex_lock+0x10/0x10
[  312.933455][T14432]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  312.933501][T14432]  ? ns_capable+0x8a/0xf0
[  312.933531][T14432]  rtnl_newlink+0x17cc/0x1d30
[  312.933576][T14432]  ? __pfx_rtnl_newlink+0x10/0x10
[  312.933602][T14432]  ? __netlink_deliver_tap+0x561/0x7f0
[  312.933629][T14432]  ? __pfx_validate_chain+0x10/0x10
[  312.933651][T14432]  ? __sock_sendmsg+0x221/0x270
[  312.933678][T14432]  ? ____sys_sendmsg+0x53a/0x860
[  312.933699][T14432]  ? __sys_sendmsg+0x269/0x350
[  312.933720][T14432]  ? do_syscall_64+0xf3/0x230
[  312.933751][T14432]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.933803][T14432]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.933840][T14432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.933882][T14432]  ? mark_lock+0x9a/0x360
[  312.933907][T14432]  ? __lock_acquire+0x1397/0x2100
[  312.933975][T14432]  ? __pfx_lock_release+0x10/0x10
[  312.934023][T14432]  ? __pfx_rtnl_newlink+0x10/0x10
[  312.934054][T14432]  rtnetlink_rcv_msg+0x791/0xcf0
[  312.934080][T14432]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  312.934113][T14432]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  312.934150][T14432]  ? ref_tracker_free+0x643/0x7e0
[  312.934179][T14432]  netlink_rcv_skb+0x206/0x480
[  312.934205][T14432]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  312.934236][T14432]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  312.934288][T14432]  ? netlink_deliver_tap+0x2e/0x1b0
[  312.934317][T14432]  netlink_unicast+0x7f6/0x990
[  312.934350][T14432]  ? __pfx_netlink_unicast+0x10/0x10
[  312.934370][T14432]  ? __virt_addr_valid+0x45f/0x530
[  312.934392][T14432]  ? __phys_addr_symbol+0x2f/0x70
[  312.934411][T14432]  ? __check_object_size+0x47a/0x730
[  312.934445][T14432]  netlink_sendmsg+0x8de/0xcb0
[  312.934492][T14432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.934523][T14432]  ? aa_sock_msg_perm+0x91/0x160
[  312.934563][T14432]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.934587][T14432]  __sock_sendmsg+0x221/0x270
[  312.934620][T14432]  ____sys_sendmsg+0x53a/0x860
[  312.934654][T14432]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.934676][T14432]  ? __fget_files+0x2a/0x410
[  312.934710][T14432]  ? __fget_files+0x2a/0x410
[  312.934752][T14432]  __sys_sendmsg+0x269/0x350
[  312.934781][T14432]  ? __pfx___sys_sendmsg+0x10/0x10
[  312.934821][T14432]  ? do_sys_openat2+0x17a/0x1d0
[  312.934893][T14432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.934926][T14432]  ? do_syscall_64+0x100/0x230
[  312.934961][T14432]  ? do_syscall_64+0xb6/0x230
[  312.934996][T14432]  do_syscall_64+0xf3/0x230
[  312.935028][T14432]  ? clear_bhb_loop+0x35/0x90
[  312.935060][T14432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.935088][T14432] RIP: 0033:0x7f3bdcf8d169
[  312.935124][T14432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.935143][T14432] RSP: 002b:00007f3bdde67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.935166][T14432] RAX: ffffffffffffffda RBX: 00007f3bdd1a5fa0 RCX: 00007f3bdcf8d169
[  312.935183][T14432] RDX: 00000000000000c2 RSI: 0000200000000280 RDI: 0000000000000006
[  312.935197][T14432] RBP: 00007f3bdde67090 R08: 0000000000000000 R09: 0000000000000000
[  312.935211][T14432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  312.935224][T14432] R13: 0000000000000000 R14: 00007f3bdd1a5fa0 R15: 00007ffc2d556078
[  312.935257][T14432]  </TASK>
[  313.639402][T14441] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.719289][T14453] __nla_validate_parse: 3 callbacks suppressed
[  313.719312][T14453] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3271'.
[  313.771259][T14441] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.845082][T14441] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.916872][ T5841] Bluetooth: hci3: command tx timeout
[  313.931907][T14441] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.677385][T14473] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3280'.
[  316.080304][T14457] : renamed from bridge_slave_0 (while UP)
[  316.178736][T14475] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.243836][T14441] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.272120][T14441] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.343439][T14475] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.376018][T14490] netlink: 'syz.3.3283': attribute type 1 has an invalid length.
[  316.399662][T14490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3283'.
[  316.413480][T14441] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.478978][T14475] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.508288][T14441] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.544709][T14494] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  316.618172][T14475] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.808289][T14475] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.842043][T14504] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3290'.
[  316.851249][T14475] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.876095][T14504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3290'.
[  316.882371][T14475] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.954786][T14475] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.088438][T14511] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3292'.
[  317.523588][T14537] FAULT_INJECTION: forcing a failure.
[  317.523588][T14537] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.574958][T14537] CPU: 1 UID: 0 PID: 14537 Comm: syz.1.3302 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  317.574994][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.575008][T14537] Call Trace:
[  317.575016][T14537]  <TASK>
[  317.575026][T14537]  dump_stack_lvl+0x241/0x360
[  317.575060][T14537]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.575084][T14537]  ? __pfx__printk+0x10/0x10
[  317.575109][T14537]  ? __pfx_lock_release+0x10/0x10
[  317.575157][T14537]  should_fail_ex+0x40a/0x550
[  317.575195][T14537]  _copy_from_user+0x2d/0xb0
[  317.575226][T14537]  copy_msghdr_from_user+0xae/0x680
[  317.575263][T14537]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  317.575291][T14537]  ? __fget_files+0x2a/0x410
[  317.575325][T14537]  ? __fget_files+0x2a/0x410
[  317.575365][T14537]  __sys_sendmmsg+0x32b/0x720
[  317.575401][T14537]  ? __pfx___sys_sendmmsg+0x10/0x10
[  317.575438][T14537]  ? __pfx_lock_release+0x10/0x10
[  317.575468][T14537]  ? kstrtouint_from_user+0x128/0x190
[  317.575516][T14537]  ? ksys_write+0x22a/0x2b0
[  317.575539][T14537]  ? __pfx_lock_release+0x10/0x10
[  317.575578][T14537]  ? sb_end_write+0xe9/0x1c0
[  317.575609][T14537]  ? vfs_write+0x7fa/0xd10
[  317.575634][T14537]  ? __mutex_unlock_slowpath+0x227/0x800
[  317.575696][T14537]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  317.575737][T14537]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.575770][T14537]  ? do_syscall_64+0x100/0x230
[  317.575806][T14537]  __x64_sys_sendmmsg+0xa0/0xb0
[  317.575832][T14537]  do_syscall_64+0xf3/0x230
[  317.575863][T14537]  ? clear_bhb_loop+0x35/0x90
[  317.575908][T14537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.575935][T14537] RIP: 0033:0x7fe3a858d169
[  317.575954][T14537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.575972][T14537] RSP: 002b:00007fe3a932a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  317.575993][T14537] RAX: ffffffffffffffda RBX: 00007fe3a87a5fa0 RCX: 00007fe3a858d169
[  317.576027][T14537] RDX: 0000000000000003 RSI: 0000200000000cc0 RDI: 0000000000000003
[  317.576041][T14537] RBP: 00007fe3a932a090 R08: 0000000000000000 R09: 0000000000000000
[  317.576055][T14537] R10: 00000000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  317.576067][T14537] R13: 0000000000000000 R14: 00007fe3a87a5fa0 R15: 00007ffd2e1a0198
[  317.576098][T14537]  </TASK>
[  317.993449][T14547] FAULT_INJECTION: forcing a failure.
[  317.993449][T14547] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  318.057228][T14547] CPU: 1 UID: 0 PID: 14547 Comm: syz.1.3305 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  318.057263][T14547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.057277][T14547] Call Trace:
[  318.057286][T14547]  <TASK>
[  318.057295][T14547]  dump_stack_lvl+0x241/0x360
[  318.057328][T14547]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.057353][T14547]  ? __pfx__printk+0x10/0x10
[  318.057380][T14547]  ? __lock_acquire+0x1397/0x2100
[  318.057417][T14547]  should_fail_ex+0x40a/0x550
[  318.057454][T14547]  prepare_alloc_pages+0x1da/0x5b0
[  318.057488][T14547]  __alloc_frozen_pages_noprof+0x16f/0x710
[  318.057517][T14547]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  318.057556][T14547]  ? __pfx_lock_acquire+0x10/0x10
[  318.057592][T14547]  alloc_pages_mpol+0x311/0x660
[  318.057620][T14547]  ? __lock_acquire+0x1397/0x2100
[  318.057656][T14547]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  318.057696][T14547]  vma_alloc_folio_noprof+0x12b/0x260
[  318.057729][T14547]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  318.057769][T14547]  folio_prealloc+0x2e/0x170
[  318.057793][T14547]  __handle_mm_fault+0x32e6/0x6ef0
[  318.057855][T14547]  ? __pfx___handle_mm_fault+0x10/0x10
[  318.057888][T14547]  ? lock_vma_under_rcu+0x34b/0x790
[  318.057937][T14547]  ? __pfx_reacquire_held_locks+0x10/0x10
[  318.057978][T14547]  ? mtree_range_walk+0x6fd/0x8e0
[  318.058009][T14547]  ? lock_vma_under_rcu+0x1dd/0x790
[  318.058042][T14547]  ? __pfx_lock_release+0x10/0x10
[  318.058072][T14547]  ? lock_vma_under_rcu+0x34b/0x790
[  318.058137][T14547]  ? lock_vma_under_rcu+0x1dd/0x790
[  318.058171][T14547]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  318.058203][T14547]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  318.058240][T14547]  handle_mm_fault+0x3e5/0x8d0
[  318.058287][T14547]  exc_page_fault+0x459/0x8b0
[  318.058325][T14547]  asm_exc_page_fault+0x26/0x30
[  318.058353][T14547] RIP: 0033:0x7fe3a8458b7b
[  318.058372][T14547] Code: 00 00 00 48 8d 3d 9d 33 19 00 48 89 c1 31 c0 e8 4b 44 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d d1 33 19 00 48 89 34 24 48 8b 14 24 48 8b
[  318.058391][T14547] RSP: 002b:00007fe3a9328fb0 EFLAGS: 00010202
[  318.058410][T14547] RAX: 0000000000000000 RBX: 00007fe3a87a5fa0 RCX: 0000000000000000
[  318.058425][T14547] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000200000000180
[  318.058445][T14547] RBP: 00007fe3a932a090 R08: 0000000000000000 R09: 0000000000000000
[  318.058464][T14547] R10: 0000200000000180 R11: 0000000000000000 R12: 0000000000000001
[  318.058476][T14547] R13: 0000000000000000 R14: 00007fe3a87a5fa0 R15: 00007ffd2e1a0198
[  318.058508][T14547]  </TASK>
[  318.078085][T14547] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  318.160104][T14554] netlink: 'syz.2.3306': attribute type 10 has an invalid length.
[  318.390596][T14554] 8021q: adding VLAN 0 to HW filter on device team0
[  318.399635][T14554] bond0: (slave team0): Enslaving as an active interface with an up link
[  318.632987][T14566] syzkaller1: entered promiscuous mode
[  318.642167][T14566] syzkaller1: entered allmulticast mode
[  318.814813][T14577] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3313'.
[  318.840638][T14578] netlink: 'syz.2.3314': attribute type 1 has an invalid length.
[  318.860209][T14577] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3313'.
[  318.926889][T14578] bond1: entered promiscuous mode
[  318.932339][T14578] 8021q: adding VLAN 0 to HW filter on device bond1
[  318.939395][T14577] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3313'.
[  318.964087][T14577] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3313'.
[  319.005505][T14585] bond1: (slave bridge2): making interface the new active one
[  319.035221][T14585] bridge2: entered promiscuous mode
[  319.060785][T14589] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3318'.
[  319.073855][T14585] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  319.149715][T14593] netlink: 'syz.4.3319': attribute type 10 has an invalid length.
[  319.198354][T14595] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  319.211534][T14596] FAULT_INJECTION: forcing a failure.
[  319.211534][T14596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.239722][T14593] 8021q: adding VLAN 0 to HW filter on device team0
[  319.273951][T14596] CPU: 0 UID: 0 PID: 14596 Comm: syz.2.3320 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  319.273981][T14596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  319.273995][T14596] Call Trace:
[  319.274011][T14596]  <TASK>
[  319.274021][T14596]  dump_stack_lvl+0x241/0x360
[  319.274055][T14596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.274080][T14596]  ? __pfx__printk+0x10/0x10
[  319.274104][T14596]  ? __pfx_lock_release+0x10/0x10
[  319.274147][T14596]  should_fail_ex+0x40a/0x550
[  319.274175][T14596]  _copy_from_user+0x2d/0xb0
[  319.274196][T14596]  move_addr_to_kernel+0x82/0x150
[  319.274220][T14596]  __sys_sendto+0x268/0x4c0
[  319.274239][T14596]  ? __pfx___sys_sendto+0x10/0x10
[  319.274271][T14596]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  319.274296][T14596]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  319.274319][T14596]  ? exc_page_fault+0x590/0x8b0
[  319.274343][T14596]  __x64_sys_sendto+0xde/0x100
[  319.274361][T14596]  do_syscall_64+0xf3/0x230
[  319.274385][T14596]  ? clear_bhb_loop+0x35/0x90
[  319.274410][T14596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.274430][T14596] RIP: 0033:0x7f3bdcf8effc
[  319.274444][T14596] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  319.274457][T14596] RSP: 002b:00007f3bdde65ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  319.274474][T14596] RAX: ffffffffffffffda RBX: 00007f3bdde65fc0 RCX: 00007f3bdcf8effc
[  319.274491][T14596] RDX: 0000000000000020 RSI: 00007f3bdde66010 RDI: 0000000000000004
[  319.274506][T14596] RBP: 0000000000000000 R08: 00007f3bdde65f14 R09: 000000000000000c
[  319.274519][T14596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  319.274532][T14596] R13: 00007f3bdde65f68 R14: 00007f3bdde66010 R15: 0000000000000000
[  319.274564][T14596]  </TASK>
[  319.486519][T14593] bond0: (slave team0): Enslaving as an active interface with an up link
[  319.498888][T14598] netlink: 'syz.3.3321': attribute type 3 has an invalid length.
[  319.537490][T14598] netlink: 766 bytes leftover after parsing attributes in process `syz.3.3321'.
[  319.570275][T14598] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3321'.
[  319.682621][T14604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3322'.
[  319.696261][T14604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3322'.
[  319.706610][T14604] FAULT_INJECTION: forcing a failure.
[  319.706610][T14604] name failslab, interval 1, probability 0, space 0, times 0
[  319.744805][T14604] CPU: 0 UID: 0 PID: 14604 Comm: syz.2.3322 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  319.744837][T14604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  319.744851][T14604] Call Trace:
[  319.744860][T14604]  <TASK>
[  319.744870][T14604]  dump_stack_lvl+0x241/0x360
[  319.744902][T14604]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.744927][T14604]  ? __pfx__printk+0x10/0x10
[  319.744967][T14604]  ? ref_tracker_alloc+0x332/0x490
[  319.744994][T14604]  should_fail_ex+0x40a/0x550
[  319.745031][T14604]  should_failslab+0xac/0x100
[  319.745061][T14604]  ? skb_clone+0x20c/0x390
[  319.745084][T14604]  kmem_cache_alloc_noprof+0x70/0x380
[  319.745119][T14604]  skb_clone+0x20c/0x390
[  319.745147][T14604]  __netlink_deliver_tap+0x3c4/0x7f0
[  319.745186][T14604]  ? netlink_deliver_tap+0x2e/0x1b0
[  319.745209][T14604]  netlink_deliver_tap+0x19d/0x1b0
[  319.745237][T14604]  netlink_sendskb+0x68/0x140
[  319.745260][T14604]  netlink_unicast+0x39d/0x990
[  319.745280][T14604]  ? __asan_memcpy+0x40/0x70
[  319.745309][T14604]  ? __pfx_netlink_unicast+0x10/0x10
[  319.745343][T14604]  netlink_rcv_skb+0x294/0x480
[  319.745369][T14604]  ? __pfx_genl_rcv_msg+0x10/0x10
[  319.745402][T14604]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.745442][T14604]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  319.745483][T14604]  genl_rcv+0x28/0x40
[  319.745511][T14604]  netlink_unicast+0x7f6/0x990
[  319.745543][T14604]  ? __pfx_netlink_unicast+0x10/0x10
[  319.745562][T14604]  ? __virt_addr_valid+0x45f/0x530
[  319.745582][T14604]  ? __phys_addr_symbol+0x2f/0x70
[  319.745599][T14604]  ? __check_object_size+0x47a/0x730
[  319.745631][T14604]  netlink_sendmsg+0x8de/0xcb0
[  319.745670][T14604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.745701][T14604]  ? aa_sock_msg_perm+0x91/0x160
[  319.745750][T14604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.745774][T14604]  __sock_sendmsg+0x221/0x270
[  319.745805][T14604]  ____sys_sendmsg+0x53a/0x860
[  319.745838][T14604]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.745859][T14604]  ? __fget_files+0x2a/0x410
[  319.745892][T14604]  ? __fget_files+0x2a/0x410
[  319.745930][T14604]  __sys_sendmsg+0x269/0x350
[  319.745958][T14604]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.745995][T14604]  ? do_sys_openat2+0x17a/0x1d0
[  319.746055][T14604]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  319.746089][T14604]  ? do_syscall_64+0x100/0x230
[  319.746125][T14604]  ? do_syscall_64+0xb6/0x230
[  319.746160][T14604]  do_syscall_64+0xf3/0x230
[  319.746192][T14604]  ? clear_bhb_loop+0x35/0x90
[  319.746224][T14604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.746252][T14604] RIP: 0033:0x7f3bdcf8d169
[  319.746271][T14604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.746289][T14604] RSP: 002b:00007f3bdde46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.746312][T14604] RAX: ffffffffffffffda RBX: 00007f3bdd1a6080 RCX: 00007f3bdcf8d169
[  319.746328][T14604] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004
[  319.746341][T14604] RBP: 00007f3bdde46090 R08: 0000000000000000 R09: 0000000000000000
[  319.746354][T14604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.746366][T14604] R13: 0000000000000000 R14: 00007f3bdd1a6080 R15: 00007ffc2d556078
[  319.746397][T14604]  </TASK>
[  319.747622][T14606] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  320.435263][T14622] FAULT_INJECTION: forcing a failure.
[  320.435263][T14622] name failslab, interval 1, probability 0, space 0, times 0
[  320.502006][T14622] CPU: 0 UID: 0 PID: 14622 Comm: syz.1.3327 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  320.502047][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.502061][T14622] Call Trace:
[  320.502070][T14622]  <TASK>
[  320.502081][T14622]  dump_stack_lvl+0x241/0x360
[  320.502113][T14622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.502138][T14622]  ? __pfx__printk+0x10/0x10
[  320.502166][T14622]  ? ref_tracker_alloc+0x332/0x490
[  320.502192][T14622]  should_fail_ex+0x40a/0x550
[  320.502230][T14622]  should_failslab+0xac/0x100
[  320.502260][T14622]  ? skb_clone+0x20c/0x390
[  320.502283][T14622]  kmem_cache_alloc_noprof+0x70/0x380
[  320.502319][T14622]  skb_clone+0x20c/0x390
[  320.502349][T14622]  __netlink_deliver_tap+0x3c4/0x7f0
[  320.502388][T14622]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.502413][T14622]  netlink_deliver_tap+0x19d/0x1b0
[  320.502441][T14622]  netlink_sendskb+0x68/0x140
[  320.502466][T14622]  netlink_unicast+0x39d/0x990
[  320.502486][T14622]  ? __asan_memcpy+0x40/0x70
[  320.502517][T14622]  ? __pfx_netlink_unicast+0x10/0x10
[  320.502551][T14622]  netlink_rcv_skb+0x294/0x480
[  320.502579][T14622]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  320.502610][T14622]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  320.502660][T14622]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.502689][T14622]  netlink_unicast+0x7f6/0x990
[  320.502721][T14622]  ? __pfx_netlink_unicast+0x10/0x10
[  320.502742][T14622]  ? __virt_addr_valid+0x45f/0x530
[  320.502764][T14622]  ? __phys_addr_symbol+0x2f/0x70
[  320.502784][T14622]  ? __check_object_size+0x47a/0x730
[  320.502818][T14622]  netlink_sendmsg+0x8de/0xcb0
[  320.502858][T14622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.502890][T14622]  ? aa_sock_msg_perm+0x91/0x160
[  320.502929][T14622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.502954][T14622]  __sock_sendmsg+0x221/0x270
[  320.502989][T14622]  ____sys_sendmsg+0x53a/0x860
[  320.503030][T14622]  ? __pfx_____sys_sendmsg+0x10/0x10
[  320.503053][T14622]  ? __fget_files+0x2a/0x410
[  320.503087][T14622]  ? __fget_files+0x2a/0x410
[  320.503128][T14622]  __sys_sendmsg+0x269/0x350
[  320.503158][T14622]  ? __pfx___sys_sendmsg+0x10/0x10
[  320.503196][T14622]  ? do_sys_openat2+0x17a/0x1d0
[  320.503256][T14622]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  320.503292][T14622]  ? do_syscall_64+0x100/0x230
[  320.503328][T14622]  ? do_syscall_64+0xb6/0x230
[  320.503364][T14622]  do_syscall_64+0xf3/0x230
[  320.503397][T14622]  ? clear_bhb_loop+0x35/0x90
[  320.503431][T14622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.503460][T14622] RIP: 0033:0x7fe3a858d169
[  320.503480][T14622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.503499][T14622] RSP: 002b:00007fe3a9309038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  320.503522][T14622] RAX: ffffffffffffffda RBX: 00007fe3a87a6080 RCX: 00007fe3a858d169
[  320.503538][T14622] RDX: 0000000000000040 RSI: 0000200000000300 RDI: 0000000000000003
[  320.503551][T14622] RBP: 00007fe3a9309090 R08: 0000000000000000 R09: 0000000000000000
[  320.503564][T14622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.503577][T14622] R13: 0000000000000000 R14: 00007fe3a87a6080 R15: 00007ffd2e1a0198
[  320.503609][T14622]  </TASK>
[  321.178233][T14632] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3330'.
[  321.197439][T14632] 
: renamed from bond0 (while UP)
[  321.623777][T14649] sctp: [Deprecated]: syz.3.3337 (pid 14649) Use of struct sctp_assoc_value in delayed_ack socket option.
[  321.623777][T14649] Use struct sctp_sack_info instead
[  322.503219][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880633f7400: rx timeout, send abort
[  322.513971][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880633f7400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  322.830070][T14668] FAULT_INJECTION: forcing a failure.
[  322.830070][T14668] name failslab, interval 1, probability 0, space 0, times 0
[  322.873538][T14668] CPU: 0 UID: 0 PID: 14668 Comm: syz.2.3345 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  322.873570][T14668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  322.873583][T14668] Call Trace:
[  322.873592][T14668]  <TASK>
[  322.873602][T14668]  dump_stack_lvl+0x241/0x360
[  322.873641][T14668]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.873666][T14668]  ? __pfx__printk+0x10/0x10
[  322.873692][T14668]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  322.873729][T14668]  ? __pfx___might_resched+0x10/0x10
[  322.873764][T14668]  should_fail_ex+0x40a/0x550
[  322.873802][T14668]  should_failslab+0xac/0x100
[  322.873833][T14668]  kmem_cache_alloc_node_noprof+0x77/0x380
[  322.873863][T14668]  ? __alloc_skb+0x1c3/0x440
[  322.873881][T14668]  ? __mutex_unlock_slowpath+0x227/0x800
[  322.873920][T14668]  __alloc_skb+0x1c3/0x440
[  322.873947][T14668]  ? __pfx___alloc_skb+0x10/0x10
[  322.873966][T14668]  ? rcu_is_watching+0x15/0xb0
[  322.873991][T14668]  ? trace_contention_end+0x3c/0x120
[  322.874024][T14668]  nl80211_tx_mgmt+0xb77/0x1190
[  322.874062][T14668]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  322.874089][T14668]  ? __pfx_netdev_run_todo+0x10/0x10
[  322.874144][T14668]  genl_rcv_msg+0xb1f/0xec0
[  322.874187][T14668]  ? __pfx_genl_rcv_msg+0x10/0x10
[  322.874251][T14668]  ? __pfx_lock_acquire+0x10/0x10
[  322.874282][T14668]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  322.874305][T14668]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  322.874329][T14668]  ? __pfx_nl80211_post_doit+0x10/0x10
[  322.874355][T14668]  ? __pfx___might_resched+0x10/0x10
[  322.874395][T14668]  netlink_rcv_skb+0x206/0x480
[  322.874422][T14668]  ? __pfx_genl_rcv_msg+0x10/0x10
[  322.874456][T14668]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  322.874497][T14668]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  322.874541][T14668]  genl_rcv+0x28/0x40
[  322.874575][T14668]  netlink_unicast+0x7f6/0x990
[  322.874608][T14668]  ? __pfx_netlink_unicast+0x10/0x10
[  322.874635][T14668]  ? __virt_addr_valid+0x45f/0x530
[  322.874657][T14668]  ? __phys_addr_symbol+0x2f/0x70
[  322.874676][T14668]  ? __check_object_size+0x47a/0x730
[  322.874710][T14668]  netlink_sendmsg+0x8de/0xcb0
[  322.874752][T14668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.874784][T14668]  ? aa_sock_msg_perm+0x91/0x160
[  322.874824][T14668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.874849][T14668]  __sock_sendmsg+0x221/0x270
[  322.874883][T14668]  ____sys_sendmsg+0x53a/0x860
[  322.874917][T14668]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.874939][T14668]  ? __fget_files+0x2a/0x410
[  322.874974][T14668]  ? __fget_files+0x2a/0x410
[  322.875016][T14668]  __sys_sendmsg+0x269/0x350
[  322.875046][T14668]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.875102][T14668]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  322.875168][T14668]  do_syscall_64+0xf3/0x230
[  322.875200][T14668]  ? clear_bhb_loop+0x35/0x90
[  322.875235][T14668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.875264][T14668] RIP: 0033:0x7f3bdcf8d169
[  322.875285][T14668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.875303][T14668] RSP: 002b:00007f3bdde67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.875326][T14668] RAX: ffffffffffffffda RBX: 00007f3bdd1a5fa0 RCX: 00007f3bdcf8d169
[  322.875342][T14668] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  322.875355][T14668] RBP: 00007f3bdde67090 R08: 0000000000000000 R09: 0000000000000000
[  322.875369][T14668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.875382][T14668] R13: 0000000000000000 R14: 00007f3bdd1a5fa0 R15: 00007ffc2d556078
[  322.875416][T14668]  </TASK>
[  324.076116][T14702] __nla_validate_parse: 9 callbacks suppressed
[  324.076138][T14702] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3357'.
[  324.110479][T14702] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  324.131437][T14702] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  324.150674][T14705] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  324.197105][T14705] Bluetooth: MGMT ver 1.23
[  324.389665][T14713] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3360'.
[  324.712398][T14720] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3364'.
[  324.737618][T14722] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  324.739171][T14721] erspan0: vlans aren't supported yet for dev_uc|mc_add()
[  325.117158][T14732] openvswitch: netlink: IP tunnel dst address not specified
[  325.436460][T14747] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3373'.
[  325.524248][T14751] FAULT_INJECTION: forcing a failure.
[  325.524248][T14751] name failslab, interval 1, probability 0, space 0, times 0
[  325.564748][T14751] CPU: 1 UID: 0 PID: 14751 Comm: syz.3.3375 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  325.564784][T14751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  325.564798][T14751] Call Trace:
[  325.564806][T14751]  <TASK>
[  325.564815][T14751]  dump_stack_lvl+0x241/0x360
[  325.564849][T14751]  ? __pfx_dump_stack_lvl+0x10/0x10
[  325.564873][T14751]  ? __pfx__printk+0x10/0x10
[  325.564898][T14751]  ? __kmalloc_noprof+0xb5/0x4c0
[  325.564929][T14751]  ? __pfx___might_resched+0x10/0x10
[  325.564964][T14751]  should_fail_ex+0x40a/0x550
[  325.565002][T14751]  should_failslab+0xac/0x100
[  325.565034][T14751]  __kmalloc_noprof+0xdd/0x4c0
[  325.565061][T14751]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  325.565085][T14751]  ? sock_kmalloc+0xd7/0x160
[  325.565116][T14751]  sock_kmalloc+0xd7/0x160
[  325.565144][T14751]  af_alg_sendmsg+0x1147/0x24d0
[  325.565199][T14751]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  325.565232][T14751]  ? __pfx_aa_sk_perm+0x10/0x10
[  325.565264][T14751]  ? __fget_files+0x2a/0x410
[  325.565294][T14751]  ? aa_sock_msg_perm+0x91/0x160
[  325.565328][T14751]  ? skcipher_sendmsg+0x28/0xf0
[  325.565363][T14751]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  325.565394][T14751]  __sock_sendmsg+0x221/0x270
[  325.565427][T14751]  __sys_sendto+0x363/0x4c0
[  325.565462][T14751]  ? __pfx___sys_sendto+0x10/0x10
[  325.565510][T14751]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  325.565546][T14751]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  325.565579][T14751]  ? exc_page_fault+0x590/0x8b0
[  325.565613][T14751]  __x64_sys_sendto+0xde/0x100
[  325.565638][T14751]  do_syscall_64+0xf3/0x230
[  325.565671][T14751]  ? clear_bhb_loop+0x35/0x90
[  325.565704][T14751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.565738][T14751] RIP: 0033:0x7fe7bf78effc
[  325.565757][T14751] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  325.565775][T14751] RSP: 002b:00007fe7c068eec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  325.565798][T14751] RAX: ffffffffffffffda RBX: 00007fe7c068efc0 RCX: 00007fe7bf78effc
[  325.565814][T14751] RDX: 0000000000000020 RSI: 00007fe7c068f010 RDI: 0000000000000004
[  325.565827][T14751] RBP: 0000000000000000 R08: 00007fe7c068ef14 R09: 000000000000000c
[  325.565840][T14751] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  325.565853][T14751] R13: 00007fe7c068ef68 R14: 00007fe7c068f010 R15: 0000000000000000
[  325.565886][T14751]  </TASK>
[  326.294527][T14769] FAULT_INJECTION: forcing a failure.
[  326.294527][T14769] name failslab, interval 1, probability 0, space 0, times 0
[  326.336011][T14769] CPU: 1 UID: 0 PID: 14769 Comm: syz.0.3380 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  326.336044][T14769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  326.336059][T14769] Call Trace:
[  326.336067][T14769]  <TASK>
[  326.336077][T14769]  dump_stack_lvl+0x241/0x360
[  326.336110][T14769]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.336135][T14769]  ? __pfx__printk+0x10/0x10
[  326.336172][T14769]  should_fail_ex+0x40a/0x550
[  326.336212][T14769]  should_failslab+0xac/0x100
[  326.336243][T14769]  ? dst_alloc+0x12b/0x190
[  326.336264][T14769]  kmem_cache_alloc_noprof+0x70/0x380
[  326.336302][T14769]  dst_alloc+0x12b/0x190
[  326.336343][T14769]  ip_route_output_key_hash_rcu+0x1378/0x2290
[  326.336392][T14769]  ip_route_output_key_hash+0x193/0x2b0
[  326.336425][T14769]  ? ip_route_output_key_hash+0xdf/0x2b0
[  326.336455][T14769]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  326.336498][T14769]  ? lockdep_hardirqs_on+0x99/0x150
[  326.336536][T14769]  ip_route_output_flow+0x29/0x140
[  326.336567][T14769]  sctp_v4_get_dst+0x4be/0x1640
[  326.336612][T14769]  ? __asan_memset+0x23/0x50
[  326.336636][T14769]  ? __pfx_sctp_v4_get_dst+0x10/0x10
[  326.336666][T14769]  ? __asan_memset+0x23/0x50
[  326.336707][T14769]  ? __pfx_sctp_generate_proto_unreach_event+0x10/0x10
[  326.336745][T14769]  sctp_transport_route+0x12c/0x2e0
[  326.336785][T14769]  sctp_assoc_add_peer+0x611/0x1360
[  326.336825][T14769]  sctp_connect_new_asoc+0x31d/0x6c0
[  326.336854][T14769]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  326.336889][T14769]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  326.336914][T14769]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  326.336939][T14769]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  326.336968][T14769]  __sctp_connect+0x66d/0xe30
[  326.337007][T14769]  ? __pfx___sctp_connect+0x10/0x10
[  326.337033][T14769]  ? __might_fault+0xaa/0x120
[  326.337054][T14769]  ? __might_fault+0xc6/0x120
[  326.337078][T14769]  ? _copy_from_user+0x95/0xb0
[  326.337106][T14769]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  326.337149][T14769]  sctp_getsockopt_connectx3+0x46c/0x730
[  326.337182][T14769]  ? __local_bh_enable_ip+0x168/0x200
[  326.337211][T14769]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  326.337243][T14769]  ? __local_bh_enable_ip+0x168/0x200
[  326.337269][T14769]  ? sctp_getsockopt+0x13a/0xbb0
[  326.337293][T14769]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  326.337339][T14769]  sctp_getsockopt+0x8de/0xbb0
[  326.337363][T14769]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  326.337398][T14769]  do_sock_getsockopt+0x38e/0x740
[  326.337430][T14769]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  326.337452][T14769]  ? __fget_files+0x2a/0x410
[  326.337486][T14769]  ? __fget_files+0x395/0x410
[  326.337516][T14769]  ? __fget_files+0x2a/0x410
[  326.337556][T14769]  __x64_sys_getsockopt+0x2a1/0x370
[  326.337590][T14769]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  326.337616][T14769]  ? do_syscall_64+0x100/0x230
[  326.337653][T14769]  ? do_syscall_64+0xb6/0x230
[  326.337690][T14769]  do_syscall_64+0xf3/0x230
[  326.337722][T14769]  ? clear_bhb_loop+0x35/0x90
[  326.337757][T14769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.337786][T14769] RIP: 0033:0x7f4c71d8d169
[  326.337805][T14769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.337824][T14769] RSP: 002b:00007f4c72b3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  326.337848][T14769] RAX: ffffffffffffffda RBX: 00007f4c71fa5fa0 RCX: 00007f4c71d8d169
[  326.337863][T14769] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  326.337876][T14769] RBP: 00007f4c72b3b090 R08: 00002000000002c0 R09: 0000000000000000
[  326.337890][T14769] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000002
[  326.337904][T14769] R13: 0000000000000000 R14: 00007f4c71fa5fa0 R15: 00007ffdf95a9d18
[  326.337937][T14769]  </TASK>
[  326.453497][T14775] netlink: 'syz.3.3384': attribute type 10 has an invalid length.
[  326.634364][T14776] FAULT_INJECTION: forcing a failure.
[  326.634364][T14776] name failslab, interval 1, probability 0, space 0, times 0
[  326.768039][T14775] 8021q: adding VLAN 0 to HW filter on device team0
[  326.779281][T14775] 
: (slave team0): Enslaving as an active interface with an up link
[  326.788395][T14776] CPU: 0 UID: 0 PID: 14776 Comm: syz.3.3384 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  326.788423][T14776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  326.788436][T14776] Call Trace:
[  326.788445][T14776]  <TASK>
[  326.788453][T14776]  dump_stack_lvl+0x241/0x360
[  326.788483][T14776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.788506][T14776]  ? __pfx__printk+0x10/0x10
[  326.788533][T14776]  ? __kmalloc_cache_noprof+0x48/0x390
[  326.788572][T14776]  ? __pfx___might_resched+0x10/0x10
[  326.788604][T14776]  should_fail_ex+0x40a/0x550
[  326.788640][T14776]  should_failslab+0xac/0x100
[  326.788669][T14776]  __kmalloc_cache_noprof+0x70/0x390
[  326.788696][T14776]  ? rdma_restrack_init+0x4f/0x4b0
[  326.788723][T14776]  ? trace_kmalloc+0x1f/0xd0
[  326.788753][T14776]  rdma_restrack_init+0x4f/0x4b0
[  326.788782][T14776]  _ib_alloc_device+0x4e/0x670
[  326.788809][T14776]  rxe_net_add+0x21/0xf0
[  326.788832][T14776]  rxe_newlink+0xde/0x1a0
[  326.788861][T14776]  nldev_newlink+0x5ea/0x680
[  326.788887][T14776]  ? __pfx_nldev_newlink+0x10/0x10
[  326.788996][T14776]  ? __pfx_aa_get_newest_label+0x10/0x10
[  326.789029][T14776]  ? __pfx_aa_get_newest_label+0x10/0x10
[  326.789075][T14776]  ? bpf_lsm_capable+0x9/0x10
[  326.789104][T14776]  ? security_capable+0x7e/0x2d0
[  326.789136][T14776]  ? __pfx_nldev_newlink+0x10/0x10
[  326.789161][T14776]  rdma_nl_rcv+0x6dd/0x9e0
[  326.789197][T14776]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  326.789252][T14776]  ? netlink_deliver_tap+0x2e/0x1b0
[  326.789280][T14776]  netlink_unicast+0x7f6/0x990
[  326.789311][T14776]  ? __pfx_netlink_unicast+0x10/0x10
[  326.789331][T14776]  ? __virt_addr_valid+0x45f/0x530
[  326.789352][T14776]  ? __phys_addr_symbol+0x2f/0x70
[  326.789370][T14776]  ? __check_object_size+0x47a/0x730
[  326.789403][T14776]  netlink_sendmsg+0x8de/0xcb0
[  326.789441][T14776]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.789471][T14776]  ? aa_sock_msg_perm+0x91/0x160
[  326.789507][T14776]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.789529][T14776]  __sock_sendmsg+0x221/0x270
[  326.789568][T14776]  ____sys_sendmsg+0x53a/0x860
[  326.789600][T14776]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.789620][T14776]  ? __fget_files+0x2a/0x410
[  326.789653][T14776]  ? __fget_files+0x2a/0x410
[  326.789689][T14776]  __sys_sendmsg+0x269/0x350
[  326.789716][T14776]  ? __pfx___sys_sendmsg+0x10/0x10
[  326.789751][T14776]  ? do_sys_openat2+0x17a/0x1d0
[  326.789807][T14776]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  326.789839][T14776]  ? do_syscall_64+0x100/0x230
[  326.789873][T14776]  ? do_syscall_64+0xb6/0x230
[  326.789906][T14776]  do_syscall_64+0xf3/0x230
[  326.789937][T14776]  ? clear_bhb_loop+0x35/0x90
[  326.789970][T14776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.789997][T14776] RIP: 0033:0x7fe7bf78d169
[  326.790015][T14776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.790032][T14776] RSP: 002b:00007fe7c066f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.790054][T14776] RAX: ffffffffffffffda RBX: 00007fe7bf9a6080 RCX: 00007fe7bf78d169
[  326.790068][T14776] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  326.790080][T14776] RBP: 00007fe7c066f090 R08: 0000000000000000 R09: 0000000000000000
[  326.790092][T14776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.790103][T14776] R13: 0000000000000001 R14: 00007fe7bf9a6080 R15: 00007ffdc610d748
[  326.790133][T14776]  </TASK>
[  326.790328][T14776] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  326.892608][T14779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3383'.
[  327.285503][T14794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3388'.
[  327.318540][T14794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3388'.
[  327.335631][T14794] FAULT_INJECTION: forcing a failure.
[  327.335631][T14794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  327.372069][T14794] CPU: 0 UID: 0 PID: 14794 Comm: syz.0.3388 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  327.372101][T14794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  327.372115][T14794] Call Trace:
[  327.372123][T14794]  <TASK>
[  327.372132][T14794]  dump_stack_lvl+0x241/0x360
[  327.372162][T14794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  327.372186][T14794]  ? __pfx__printk+0x10/0x10
[  327.372208][T14794]  ? __pfx_lock_release+0x10/0x10
[  327.372238][T14794]  ? __lock_acquire+0x1397/0x2100
[  327.372276][T14794]  should_fail_ex+0x40a/0x550
[  327.372313][T14794]  _copy_from_user+0x2d/0xb0
[  327.372343][T14794]  kstrtouint_from_user+0xc6/0x190
[  327.372379][T14794]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  327.372408][T14794]  ? __pfx_lock_acquire+0x10/0x10
[  327.372450][T14794]  proc_fail_nth_write+0xaa/0x2d0
[  327.372481][T14794]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  327.372508][T14794]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  327.372544][T14794]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  327.372575][T14794]  vfs_write+0x29f/0xd10
[  327.372600][T14794]  ? fdget_pos+0x254/0x320
[  327.372630][T14794]  ? preempt_schedule_common+0x84/0xd0
[  327.372661][T14794]  ? __pfx_vfs_write+0x10/0x10
[  327.372686][T14794]  ? __fget_files+0x2a/0x410
[  327.372715][T14794]  ? __fget_files+0x395/0x410
[  327.372743][T14794]  ? __fget_files+0x2a/0x410
[  327.372783][T14794]  ksys_write+0x18f/0x2b0
[  327.372808][T14794]  ? __pfx_ksys_write+0x10/0x10
[  327.372832][T14794]  ? do_syscall_64+0x100/0x230
[  327.372867][T14794]  ? do_syscall_64+0xb6/0x230
[  327.372902][T14794]  do_syscall_64+0xf3/0x230
[  327.372934][T14794]  ? clear_bhb_loop+0x35/0x90
[  327.372968][T14794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.372996][T14794] RIP: 0033:0x7f4c71d8bc1f
[  327.373015][T14794] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  327.373033][T14794] RSP: 002b:00007f4c72b1a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  327.373059][T14794] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4c71d8bc1f
[  327.373073][T14794] RDX: 0000000000000001 RSI: 00007f4c72b1a0a0 RDI: 0000000000000005
[  327.373084][T14794] RBP: 00007f4c72b1a090 R08: 0000000000000000 R09: 0000000000000000
[  327.373097][T14794] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  327.373108][T14794] R13: 0000000000000000 R14: 00007f4c71fa6080 R15: 00007ffdf95a9d18
[  327.373139][T14794]  </TASK>
[  328.032946][T14820] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3394'.
[  328.043047][T14820] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  328.071621][T14821] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.3396'.
[  328.116519][T14821] netlink: zone id is out of range
[  328.142167][T14821] netlink: get zone limit has 8 unknown bytes
[  328.235501][T14825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3396'.
[  328.687493][T14844] bridge: RTM_NEWNEIGH with invalid ether address
[  329.117402][T14855] FAULT_INJECTION: forcing a failure.
[  329.117402][T14855] name failslab, interval 1, probability 0, space 0, times 0
[  329.134607][T14855] CPU: 0 UID: 0 PID: 14855 Comm: syz.0.3405 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  329.134640][T14855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  329.134654][T14855] Call Trace:
[  329.134662][T14855]  <TASK>
[  329.134671][T14855]  dump_stack_lvl+0x241/0x360
[  329.134703][T14855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  329.134727][T14855]  ? __pfx__printk+0x10/0x10
[  329.134751][T14855]  ? __kmalloc_cache_noprof+0x48/0x390
[  329.134782][T14855]  ? __pfx___might_resched+0x10/0x10
[  329.134816][T14855]  should_fail_ex+0x40a/0x550
[  329.134852][T14855]  should_failslab+0xac/0x100
[  329.134882][T14855]  __kmalloc_cache_noprof+0x70/0x390
[  329.134910][T14855]  ? vlan_vid_add+0x31c/0x760
[  329.134940][T14855]  vlan_vid_add+0x31c/0x760
[  329.134985][T14855]  register_vlan_dev+0x9f/0x810
[  329.135011][T14855]  ? vlan_changelink+0x4dd/0x570
[  329.135046][T14855]  vlan_newlink+0x476/0x5c0
[  329.135077][T14855]  ? __pfx_vlan_newlink+0x10/0x10
[  329.135128][T14855]  rtnl_newlink_create+0x2ee/0xa40
[  329.135171][T14855]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  329.135212][T14855]  ? ns_capable+0x8a/0xf0
[  329.135241][T14855]  rtnl_newlink+0x17cc/0x1d30
[  329.135288][T14855]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.135314][T14855]  ? __netlink_deliver_tap+0x561/0x7f0
[  329.135341][T14855]  ? __pfx_validate_chain+0x10/0x10
[  329.135366][T14855]  ? __pfx_validate_chain+0x10/0x10
[  329.135388][T14855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.135423][T14855]  ? __pfx___schedule+0x10/0x10
[  329.135477][T14855]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  329.135515][T14855]  ? preempt_schedule+0xe1/0xf0
[  329.135544][T14855]  ? preempt_schedule_common+0x84/0xd0
[  329.135580][T14855]  ? mark_lock+0x9a/0x360
[  329.135606][T14855]  ? __lock_acquire+0x1397/0x2100
[  329.135675][T14855]  ? __pfx_lock_release+0x10/0x10
[  329.135724][T14855]  ? __pfx_rtnl_newlink+0x10/0x10
[  329.135759][T14855]  rtnetlink_rcv_msg+0x791/0xcf0
[  329.135786][T14855]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  329.135817][T14855]  ? rcu_preempt_deferred_qs_irqrestore+0x8c4/0xca0
[  329.135851][T14855]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  329.135899][T14855]  netlink_rcv_skb+0x206/0x480
[  329.135926][T14855]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  329.135957][T14855]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  329.136010][T14855]  ? __rcu_read_unlock+0xa1/0x110
[  329.136045][T14855]  netlink_unicast+0x7f6/0x990
[  329.136078][T14855]  ? __pfx_netlink_unicast+0x10/0x10
[  329.136099][T14855]  ? __virt_addr_valid+0x45f/0x530
[  329.136121][T14855]  ? __phys_addr_symbol+0x2f/0x70
[  329.136141][T14855]  ? __check_object_size+0x47a/0x730
[  329.136176][T14855]  netlink_sendmsg+0x8de/0xcb0
[  329.136217][T14855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.136250][T14855]  ? aa_sock_msg_perm+0x91/0x160
[  329.136289][T14855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.136314][T14855]  __sock_sendmsg+0x221/0x270
[  329.136348][T14855]  ____sys_sendmsg+0x53a/0x860
[  329.136382][T14855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  329.136404][T14855]  ? __fget_files+0x2a/0x410
[  329.136439][T14855]  ? __fget_files+0x2a/0x410
[  329.136486][T14855]  __sys_sendmsg+0x269/0x350
[  329.136517][T14855]  ? __pfx___sys_sendmsg+0x10/0x10
[  329.136557][T14855]  ? do_sys_openat2+0x17a/0x1d0
[  329.136620][T14855]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  329.136655][T14855]  ? do_syscall_64+0x100/0x230
[  329.136691][T14855]  ? do_syscall_64+0xb6/0x230
[  329.136727][T14855]  do_syscall_64+0xf3/0x230
[  329.136760][T14855]  ? clear_bhb_loop+0x35/0x90
[  329.136794][T14855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.136824][T14855] RIP: 0033:0x7f4c71d8d169
[  329.136843][T14855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.136862][T14855] RSP: 002b:00007f4c72b3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  329.136885][T14855] RAX: ffffffffffffffda RBX: 00007f4c71fa5fa0 RCX: 00007f4c71d8d169
[  329.136902][T14855] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  329.136916][T14855] RBP: 00007f4c72b3b090 R08: 0000000000000000 R09: 0000000000000000
[  329.136930][T14855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.136943][T14855] R13: 0000000000000000 R14: 00007f4c71fa5fa0 R15: 00007ffdf95a9d18
[  329.136977][T14855]  </TASK>
[  329.729662][T14860] netlink: 'syz.1.3407': attribute type 10 has an invalid length.
[  329.863458][T14860] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  329.956899][T14867] __nla_validate_parse: 5 callbacks suppressed
[  329.956920][T14867] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3408'.
[  329.973105][T14869] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  329.982049][T14871] FAULT_INJECTION: forcing a failure.
[  329.982049][T14871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.062790][T14871] CPU: 1 UID: 0 PID: 14871 Comm: syz.1.3411 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  330.062823][T14871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  330.062837][T14871] Call Trace:
[  330.062845][T14871]  <TASK>
[  330.062855][T14871]  dump_stack_lvl+0x241/0x360
[  330.062887][T14871]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.062911][T14871]  ? __pfx__printk+0x10/0x10
[  330.062935][T14871]  ? __pfx_lock_release+0x10/0x10
[  330.062978][T14871]  should_fail_ex+0x40a/0x550
[  330.063015][T14871]  _copy_from_user+0x2d/0xb0
[  330.063045][T14871]  copy_msghdr_from_user+0xae/0x680
[  330.063075][T14871]  ? __lock_acquire+0x1397/0x2100
[  330.063109][T14871]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  330.063140][T14871]  ? __fget_files+0x2a/0x410
[  330.063173][T14871]  ? __fget_files+0x2a/0x410
[  330.063214][T14871]  do_recvmmsg+0x3bd/0xab0
[  330.063251][T14871]  ? __pfx_do_recvmmsg+0x10/0x10
[  330.063298][T14871]  ? ksys_write+0x22a/0x2b0
[  330.063320][T14871]  ? __pfx_lock_release+0x10/0x10
[  330.063368][T14871]  ? sb_end_write+0xe9/0x1c0
[  330.063400][T14871]  ? vfs_write+0x7fa/0xd10
[  330.063425][T14871]  ? __mutex_unlock_slowpath+0x227/0x800
[  330.063469][T14871]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  330.063501][T14871]  ? __fget_files+0x2a/0x410
[  330.063548][T14871]  __x64_sys_recvmmsg+0x199/0x250
[  330.063577][T14871]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  330.063604][T14871]  ? do_syscall_64+0x100/0x230
[  330.063641][T14871]  ? do_syscall_64+0xb6/0x230
[  330.063676][T14871]  do_syscall_64+0xf3/0x230
[  330.063709][T14871]  ? clear_bhb_loop+0x35/0x90
[  330.063747][T14871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.063776][T14871] RIP: 0033:0x7fe3a858d169
[  330.063795][T14871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.063815][T14871] RSP: 002b:00007fe3a932a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  330.063838][T14871] RAX: ffffffffffffffda RBX: 00007fe3a87a5fa0 RCX: 00007fe3a858d169
[  330.063855][T14871] RDX: 0000000000000002 RSI: 0000200000003c80 RDI: 0000000000000004
[  330.063869][T14871] RBP: 00007fe3a932a090 R08: 0000000000000000 R09: 0000000000000000
[  330.063883][T14871] R10: 0000000000002001 R11: 0000000000000246 R12: 0000000000000001
[  330.063897][T14871] R13: 0000000000000000 R14: 00007fe3a87a5fa0 R15: 00007ffd2e1a0198
[  330.063929][T14871]  </TASK>
[  330.825615][T14898] x_tables: duplicate underflow at hook 2
[  331.069139][T14907] A link change request failed with some changes committed already. Interface 
 may have been left with an inconsistent configuration, please check.
[  331.409634][T14918] FAULT_INJECTION: forcing a failure.
[  331.409634][T14918] name failslab, interval 1, probability 0, space 0, times 0
[  331.456822][T14918] CPU: 0 UID: 0 PID: 14918 Comm: syz.4.3424 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  331.456854][T14918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  331.456869][T14918] Call Trace:
[  331.456877][T14918]  <TASK>
[  331.456887][T14918]  dump_stack_lvl+0x241/0x360
[  331.456919][T14918]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.456944][T14918]  ? __pfx__printk+0x10/0x10
[  331.456967][T14918]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  331.456999][T14918]  ? __pfx___might_resched+0x10/0x10
[  331.457033][T14918]  should_fail_ex+0x40a/0x550
[  331.457077][T14918]  should_failslab+0xac/0x100
[  331.457112][T14918]  kmem_cache_alloc_node_noprof+0x77/0x380
[  331.457141][T14918]  ? __alloc_skb+0x1c3/0x440
[  331.457161][T14918]  ? stack_trace_save+0x118/0x1d0
[  331.457192][T14918]  __alloc_skb+0x1c3/0x440
[  331.457218][T14918]  ? __pfx___alloc_skb+0x10/0x10
[  331.457245][T14918]  ? netlink_ack_tlv_len+0x6e/0x200
[  331.457274][T14918]  netlink_ack+0x145/0xa60
[  331.457297][T14918]  ? netlink_sendmsg+0x8de/0xcb0
[  331.457321][T14918]  ? __sock_sendmsg+0x221/0x270
[  331.457348][T14918]  ? __sys_sendmsg+0x269/0x350
[  331.457386][T14918]  netlink_rcv_skb+0x294/0x480
[  331.457412][T14918]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  331.457447][T14918]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  331.457487][T14918]  ? apparmor_capable+0x13b/0x1b0
[  331.457515][T14918]  ? bpf_lsm_capable+0x9/0x10
[  331.457546][T14918]  ? security_capable+0x7e/0x2d0
[  331.457585][T14918]  nfnetlink_rcv+0x297/0x2ab0
[  331.457622][T14918]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  331.457655][T14918]  ? __dev_queue_xmit+0x2f4/0x3f50
[  331.457683][T14918]  ? __dev_queue_xmit+0x1775/0x3f50
[  331.457707][T14918]  ? kasan_save_track+0x51/0x80
[  331.457737][T14918]  ? ____sys_sendmsg+0x53a/0x860
[  331.457763][T14918]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  331.457794][T14918]  ? __dev_queue_xmit+0x2f4/0x3f50
[  331.457823][T14918]  ? __pfx___dev_queue_xmit+0x10/0x10
[  331.457865][T14918]  ? ref_tracker_free+0x643/0x7e0
[  331.457888][T14918]  ? __asan_memcpy+0x40/0x70
[  331.457908][T14918]  ? __pfx_ref_tracker_free+0x10/0x10
[  331.457928][T14918]  ? __skb_clone+0x5c/0x6c0
[  331.457967][T14918]  ? netlink_deliver_tap+0x2e/0x1b0
[  331.457991][T14918]  ? skb_clone+0x240/0x390
[  331.458016][T14918]  ? __pfx_lock_release+0x10/0x10
[  331.458049][T14918]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  331.458094][T14918]  ? netlink_deliver_tap+0x2e/0x1b0
[  331.458123][T14918]  netlink_unicast+0x7f6/0x990
[  331.458155][T14918]  ? __pfx_netlink_unicast+0x10/0x10
[  331.458176][T14918]  ? __virt_addr_valid+0x45f/0x530
[  331.458197][T14918]  ? __phys_addr_symbol+0x2f/0x70
[  331.458217][T14918]  ? __check_object_size+0x47a/0x730
[  331.458250][T14918]  netlink_sendmsg+0x8de/0xcb0
[  331.458290][T14918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.458321][T14918]  ? aa_sock_msg_perm+0x91/0x160
[  331.458359][T14918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.458384][T14918]  __sock_sendmsg+0x221/0x270
[  331.458416][T14918]  ____sys_sendmsg+0x53a/0x860
[  331.458449][T14918]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.458471][T14918]  ? __fget_files+0x2a/0x410
[  331.458506][T14918]  ? __fget_files+0x2a/0x410
[  331.458545][T14918]  __sys_sendmsg+0x269/0x350
[  331.458574][T14918]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.458611][T14918]  ? do_sys_openat2+0x17a/0x1d0
[  331.458668][T14918]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.458702][T14918]  ? do_syscall_64+0x100/0x230
[  331.458738][T14918]  ? do_syscall_64+0xb6/0x230
[  331.458774][T14918]  do_syscall_64+0xf3/0x230
[  331.458806][T14918]  ? clear_bhb_loop+0x35/0x90
[  331.458840][T14918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.458895][T14918] RIP: 0033:0x7f4ed4b8d169
[  331.458915][T14918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.458933][T14918] RSP: 002b:00007f4ed591c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.458956][T14918] RAX: ffffffffffffffda RBX: 00007f4ed4da5fa0 RCX: 00007f4ed4b8d169
[  331.458972][T14918] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000003
[  331.458985][T14918] RBP: 00007f4ed591c090 R08: 0000000000000000 R09: 0000000000000000
[  331.458999][T14918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.459012][T14918] R13: 0000000000000000 R14: 00007f4ed4da5fa0 R15: 00007fffa04dc3a8
[  331.459043][T14918]  </TASK>
[  332.011774][T14922] netlink: 'syz.0.3426': attribute type 1 has an invalid length.
[  332.046228][T14922] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3426'.
[  332.475869][T14946] FAULT_INJECTION: forcing a failure.
[  332.475869][T14946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.502529][T14946] CPU: 0 UID: 0 PID: 14946 Comm: syz.4.3438 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  332.502561][T14946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.502575][T14946] Call Trace:
[  332.502583][T14946]  <TASK>
[  332.502592][T14946]  dump_stack_lvl+0x241/0x360
[  332.502624][T14946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.502648][T14946]  ? __pfx__printk+0x10/0x10
[  332.502672][T14946]  ? __pfx_lock_release+0x10/0x10
[  332.502714][T14946]  should_fail_ex+0x40a/0x550
[  332.502751][T14946]  _copy_from_user+0x2d/0xb0
[  332.502782][T14946]  copy_msghdr_from_user+0xae/0x680
[  332.502812][T14946]  ? __pfx___might_resched+0x10/0x10
[  332.502845][T14946]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  332.502881][T14946]  ? do_recvmmsg+0x44e/0xab0
[  332.502905][T14946]  ? __might_fault+0xaa/0x120
[  332.502932][T14946]  do_recvmmsg+0x3bd/0xab0
[  332.502969][T14946]  ? __pfx_do_recvmmsg+0x10/0x10
[  332.503015][T14946]  ? ksys_write+0x22a/0x2b0
[  332.503039][T14946]  ? __pfx_lock_release+0x10/0x10
[  332.503077][T14946]  ? sb_end_write+0xe9/0x1c0
[  332.503108][T14946]  ? vfs_write+0x7fa/0xd10
[  332.503134][T14946]  ? __mutex_unlock_slowpath+0x227/0x800
[  332.503177][T14946]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  332.503209][T14946]  ? __fget_files+0x2a/0x410
[  332.503261][T14946]  __x64_sys_recvmmsg+0x199/0x250
[  332.503290][T14946]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  332.503318][T14946]  ? do_syscall_64+0x100/0x230
[  332.503353][T14946]  ? do_syscall_64+0xb6/0x230
[  332.503388][T14946]  do_syscall_64+0xf3/0x230
[  332.503421][T14946]  ? clear_bhb_loop+0x35/0x90
[  332.503455][T14946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.503484][T14946] RIP: 0033:0x7f4ed4b8d169
[  332.503508][T14946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.503525][T14946] RSP: 002b:00007f4ed591c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  332.503548][T14946] RAX: ffffffffffffffda RBX: 00007f4ed4da5fa0 RCX: 00007f4ed4b8d169
[  332.503564][T14946] RDX: 0000000000000a0d RSI: 00002000000066c0 RDI: 0000000000000005
[  332.503578][T14946] RBP: 00007f4ed591c090 R08: 0000000000000000 R09: 0000000000000000
[  332.503590][T14946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.503603][T14946] R13: 0000000000000000 R14: 00007f4ed4da5fa0 R15: 00007fffa04dc3a8
[  332.503635][T14946]  </TASK>
[  332.837647][T14949] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3439'.
[  332.852014][T14949] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.861132][T14949] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.142869][T14956] netlink: 'syz.0.3442': attribute type 10 has an invalid length.
[  333.206586][T14958] FAULT_INJECTION: forcing a failure.
[  333.206586][T14958] name failslab, interval 1, probability 0, space 0, times 0
[  333.238251][T14961] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3444'.
[  333.259316][T14956] 8021q: adding VLAN 0 to HW filter on device team0
[  333.273023][T14956] bond0: (slave team0): Enslaving as an active interface with an up link
[  333.283477][T14958] CPU: 0 UID: 0 PID: 14958 Comm: syz.0.3442 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  333.283506][T14958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  333.283521][T14958] Call Trace:
[  333.283529][T14958]  <TASK>
[  333.283539][T14958]  dump_stack_lvl+0x241/0x360
[  333.283582][T14958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.283605][T14958]  ? __pfx__printk+0x10/0x10
[  333.283629][T14958]  ? __kmalloc_noprof+0xb5/0x4c0
[  333.283659][T14958]  ? __pfx___might_resched+0x10/0x10
[  333.283693][T14958]  should_fail_ex+0x40a/0x550
[  333.283735][T14958]  should_failslab+0xac/0x100
[  333.283783][T14958]  __kmalloc_noprof+0xdd/0x4c0
[  333.283811][T14958]  ? alloc_port_data+0x10a/0x3c0
[  333.283846][T14958]  alloc_port_data+0x10a/0x3c0
[  333.283885][T14958]  ib_device_set_netdev+0xd1/0x6b0
[  333.283916][T14958]  ? debug_mutex_init+0x38/0x70
[  333.283942][T14958]  ? rxe_register_device+0x18b/0x350
[  333.283962][T14958]  ? ib_set_device_ops+0x3beb/0x3d20
[  333.283998][T14958]  rxe_register_device+0x1ea/0x350
[  333.284025][T14958]  rxe_net_add+0x74/0xf0
[  333.284047][T14958]  rxe_newlink+0xde/0x1a0
[  333.284078][T14958]  nldev_newlink+0x5ea/0x680
[  333.284105][T14958]  ? __pfx_nldev_newlink+0x10/0x10
[  333.284230][T14958]  ? __pfx_aa_get_newest_label+0x10/0x10
[  333.284265][T14958]  ? __pfx_aa_get_newest_label+0x10/0x10
[  333.284315][T14958]  ? bpf_lsm_capable+0x9/0x10
[  333.284345][T14958]  ? security_capable+0x7e/0x2d0
[  333.284380][T14958]  ? __pfx_nldev_newlink+0x10/0x10
[  333.284406][T14958]  rdma_nl_rcv+0x6dd/0x9e0
[  333.284444][T14958]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  333.284509][T14958]  ? netlink_deliver_tap+0x2e/0x1b0
[  333.284539][T14958]  netlink_unicast+0x7f6/0x990
[  333.284572][T14958]  ? __pfx_netlink_unicast+0x10/0x10
[  333.284593][T14958]  ? __virt_addr_valid+0x45f/0x530
[  333.284615][T14958]  ? __phys_addr_symbol+0x2f/0x70
[  333.284635][T14958]  ? __check_object_size+0x47a/0x730
[  333.284669][T14958]  netlink_sendmsg+0x8de/0xcb0
[  333.284710][T14958]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.284742][T14958]  ? aa_sock_msg_perm+0x91/0x160
[  333.284780][T14958]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.284804][T14958]  __sock_sendmsg+0x221/0x270
[  333.284838][T14958]  ____sys_sendmsg+0x53a/0x860
[  333.284872][T14958]  ? __pfx_____sys_sendmsg+0x10/0x10
[  333.284893][T14958]  ? __fget_files+0x2a/0x410
[  333.284929][T14958]  ? __fget_files+0x2a/0x410
[  333.284970][T14958]  __sys_sendmsg+0x269/0x350
[  333.285000][T14958]  ? __pfx___sys_sendmsg+0x10/0x10
[  333.285039][T14958]  ? do_sys_openat2+0x17a/0x1d0
[  333.285100][T14958]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  333.285135][T14958]  ? do_syscall_64+0x100/0x230
[  333.285171][T14958]  ? do_syscall_64+0xb6/0x230
[  333.285217][T14958]  do_syscall_64+0xf3/0x230
[  333.285249][T14958]  ? clear_bhb_loop+0x35/0x90
[  333.285283][T14958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.285312][T14958] RIP: 0033:0x7f4c71d8d169
[  333.285331][T14958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.285349][T14958] RSP: 002b:00007f4c72b1a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.285371][T14958] RAX: ffffffffffffffda RBX: 00007f4c71fa6080 RCX: 00007f4c71d8d169
[  333.285388][T14958] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  333.285401][T14958] RBP: 00007f4c72b1a090 R08: 0000000000000000 R09: 0000000000000000
[  333.285415][T14958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.285428][T14958] R13: 0000000000000001 R14: 00007f4c71fa6080 R15: 00007ffdf95a9d18
[  333.285461][T14958]  </TASK>
[  333.285591][T14958] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  333.589291][T14970] netlink: 'syz.2.3445': attribute type 1 has an invalid length.
[  333.600828][T14961] xfrm1: entered promiscuous mode
[  333.669287][T14961] xfrm1: entered allmulticast mode
[  333.717732][T14970] netlink: 'syz.2.3445': attribute type 1 has an invalid length.
[  333.989898][T14977] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  334.290147][T14989] netlink: 180 bytes leftover after parsing attributes in process `syz.4.3451'.
[  334.396110][T14996] Bluetooth: MGMT ver 1.23
[  334.629079][T15005] ax25_connect(): syz.3.3456 uses autobind, please contact jreuter@yaina.de
[  334.717572][T15002] ------------[ cut here ]------------
[  334.723526][T15002] refcount_t: decrement hit 0; leaking memory.
[  334.733266][T15002] WARNING: CPU: 1 PID: 15002 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[  334.743135][T15002] Modules linked in:
[  334.747156][T15002] CPU: 1 UID: 0 PID: 15002 Comm: syz.3.3456 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  334.759024][T15002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  334.770026][T15002] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  334.776285][T15002] Code: b2 00 00 00 e8 17 38 cc fc 5b 5d c3 cc cc cc cc e8 0b 38 cc fc c6 05 35 6e 31 0b 01 90 48 c7 c7 40 b6 80 8c e8 37 f3 8b fc 90 <0f> 0b 90 90 eb d9 e8 eb 37 cc fc c6 05 12 6e 31 0b 01 90 48 c7 c7
[  334.796623][T15002] RSP: 0018:ffffc9000be77b68 EFLAGS: 00010246
[  334.802752][T15002] RAX: 8627373048d4bc00 RBX: ffff888024f8264c RCX: ffff88803f8bda00
[  334.810905][T15002] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  334.819215][T15002] RBP: 0000000000000004 R08: ffffffff81819e52 R09: fffffbfff1d3a69c
[  334.827396][T15002] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff888024f82608
[  334.835413][T15002] R13: 0000000000000000 R14: ffff888024f8264c R15: dffffc0000000000
[  334.843524][T15002] FS:  0000555568552500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  334.853474][T15002] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  334.860962][T15002] CR2: 0000200000000040 CR3: 000000005d382000 CR4: 00000000003526f0
[  334.869145][T15002] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  334.877249][T15002] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  334.885260][T15002] Call Trace:
[  334.888649][T15002]  <TASK>
[  334.891617][T15002]  ? __warn+0x165/0x4d0
[  334.895945][T15002]  ? refcount_warn_saturate+0xfa/0x1d0
[  334.901460][T15002]  ? report_bug+0x2b3/0x500
[  334.906119][T15002]  ? refcount_warn_saturate+0xfa/0x1d0
[  334.911638][T15002]  ? handle_bug+0x60/0x90
[  334.916111][T15002]  ? exc_invalid_op+0x1a/0x50
[  334.920837][T15002]  ? asm_exc_invalid_op+0x1a/0x20
[  334.926009][T15002]  ? __warn_printk+0x292/0x360
[  334.930948][T15002]  ? refcount_warn_saturate+0xfa/0x1d0
[  334.936564][T15002]  ? refcount_warn_saturate+0xf9/0x1d0
[  334.942132][T15002]  ref_tracker_free+0x6af/0x7e0
[  334.947238][T15002]  ? __pfx_ref_tracker_free+0x10/0x10
[  334.952681][T15002]  ? ax25_destroy_socket+0x551/0x5c0
[  334.959099][T15002]  ax25_release+0x368/0x960
[  334.963670][T15002]  sock_close+0xbc/0x240
[  334.968781][T15002]  ? __pfx_sock_close+0x10/0x10
[  334.973695][T15002]  __fput+0x3e9/0x9f0
[  334.977888][T15002]  task_work_run+0x24f/0x310
[  334.982530][T15002]  ? _raw_spin_unlock+0x28/0x50
[  334.987550][T15002]  ? __pfx_task_work_run+0x10/0x10
[  334.992706][T15002]  ? syscall_exit_to_user_mode+0xa3/0x340
[  334.998597][T15002]  syscall_exit_to_user_mode+0x13f/0x340
[  335.004321][T15002]  do_syscall_64+0x100/0x230
[  335.009071][T15002]  ? clear_bhb_loop+0x35/0x90
[  335.013799][T15002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.019856][T15002] RIP: 0033:0x7fe7bf78d169
[  335.024319][T15002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.044174][T15002] RSP: 002b:00007ffdc610d8a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  335.052734][T15002] RAX: 0000000000000000 RBX: 00007fe7bf9a7ba0 RCX: 00007fe7bf78d169
[  335.061753][T15002] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  335.070664][T15002] RBP: 00007fe7bf9a7ba0 R08: 0000000000000264 R09: 0000001ec610db9f
[  335.078815][T15002] R10: 00000000003ffb78 R11: 0000000000000246 R12: 0000000000051df8
[  335.086901][T15002] R13: 00007fe7bf9a6080 R14: ffffffffffffffff R15: 00007ffdc610d9c0
[  335.094931][T15002]  </TASK>
[  335.098065][T15002] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  335.105378][T15002] CPU: 1 UID: 0 PID: 15002 Comm: syz.3.3456 Not tainted 6.14.0-rc7-syzkaller-00140-ged3ba9b6e280 #0
[  335.116168][T15002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  335.126436][T15002] Call Trace:
[  335.129749][T15002]  <TASK>
[  335.132711][T15002]  dump_stack_lvl+0x241/0x360
[  335.137431][T15002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.142675][T15002]  ? __pfx__printk+0x10/0x10
[  335.147300][T15002]  ? _printk+0xd5/0x120
[  335.151491][T15002]  ? __init_begin+0x41000/0x41000
[  335.156560][T15002]  ? vscnprintf+0x5d/0x90
[  335.160926][T15002]  panic+0x349/0x880
[  335.164838][T15002]  ? __warn+0x174/0x4d0
[  335.169018][T15002]  ? __pfx_panic+0x10/0x10
[  335.173456][T15002]  __warn+0x344/0x4d0
[  335.177455][T15002]  ? refcount_warn_saturate+0xfa/0x1d0
[  335.182935][T15002]  report_bug+0x2b3/0x500
[  335.187341][T15002]  ? refcount_warn_saturate+0xfa/0x1d0
[  335.192848][T15002]  handle_bug+0x60/0x90
[  335.197025][T15002]  exc_invalid_op+0x1a/0x50
[  335.201547][T15002]  asm_exc_invalid_op+0x1a/0x20
[  335.206420][T15002] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  335.212537][T15002] Code: b2 00 00 00 e8 17 38 cc fc 5b 5d c3 cc cc cc cc e8 0b 38 cc fc c6 05 35 6e 31 0b 01 90 48 c7 c7 40 b6 80 8c e8 37 f3 8b fc 90 <0f> 0b 90 90 eb d9 e8 eb 37 cc fc c6 05 12 6e 31 0b 01 90 48 c7 c7
[  335.232170][T15002] RSP: 0018:ffffc9000be77b68 EFLAGS: 00010246
[  335.238255][T15002] RAX: 8627373048d4bc00 RBX: ffff888024f8264c RCX: ffff88803f8bda00
[  335.246240][T15002] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  335.254307][T15002] RBP: 0000000000000004 R08: ffffffff81819e52 R09: fffffbfff1d3a69c
[  335.262289][T15002] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff888024f82608
[  335.270270][T15002] R13: 0000000000000000 R14: ffff888024f8264c R15: dffffc0000000000
[  335.278254][T15002]  ? __warn_printk+0x292/0x360
[  335.283051][T15002]  ? refcount_warn_saturate+0xf9/0x1d0
[  335.288528][T15002]  ref_tracker_free+0x6af/0x7e0
[  335.293389][T15002]  ? __pfx_ref_tracker_free+0x10/0x10
[  335.298781][T15002]  ? ax25_destroy_socket+0x551/0x5c0
[  335.304090][T15002]  ax25_release+0x368/0x960
[  335.308614][T15002]  sock_close+0xbc/0x240
[  335.312870][T15002]  ? __pfx_sock_close+0x10/0x10
[  335.317737][T15002]  __fput+0x3e9/0x9f0
[  335.321751][T15002]  task_work_run+0x24f/0x310
[  335.326370][T15002]  ? _raw_spin_unlock+0x28/0x50
[  335.331245][T15002]  ? __pfx_task_work_run+0x10/0x10
[  335.336372][T15002]  ? syscall_exit_to_user_mode+0xa3/0x340
[  335.342110][T15002]  syscall_exit_to_user_mode+0x13f/0x340
[  335.347769][T15002]  do_syscall_64+0x100/0x230
[  335.352397][T15002]  ? clear_bhb_loop+0x35/0x90
[  335.357098][T15002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.363012][T15002] RIP: 0033:0x7fe7bf78d169
[  335.367444][T15002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.387061][T15002] RSP: 002b:00007ffdc610d8a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  335.395585][T15002] RAX: 0000000000000000 RBX: 00007fe7bf9a7ba0 RCX: 00007fe7bf78d169
[  335.403580][T15002] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  335.411565][T15002] RBP: 00007fe7bf9a7ba0 R08: 0000000000000264 R09: 0000001ec610db9f
[  335.419549][T15002] R10: 00000000003ffb78 R11: 0000000000000246 R12: 0000000000051df8
[  335.427532][T15002] R13: 00007fe7bf9a6080 R14: ffffffffffffffff R15: 00007ffdc610d9c0
[  335.435530][T15002]  </TASK>
[  335.438919][T15002] Kernel Offset: disabled
[  335.443312][T15002] Rebooting in 86400 seconds..