last executing test programs:

1m25.795300476s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

1m5.200809769s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

48.439881808s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

31.008529439s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

17.545504896s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

3.565556256s ago: executing program 2 (id=933):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000004100)=@base={0x12, 0x12, 0x8, 0x2}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x6b, 0x11, 0x32}]}, 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r3, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@delneigh={0x44, 0x1a, 0x1, 0x0, 0x0, {0xa}, [@NDA_CACHEINFO={0x14, 0x3, {0x7}}, @NDA_DST_IPV6={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @remote}}]}, 0x44}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f0000000140)="8d", 0x0}, 0x20)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000), 0x35)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001740)={0x18, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
r8 = socket$unix(0x1, 0x5, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r10, @ANYBLOB="010005000000000000003900000008000300", @ANYRES32=r11, @ANYBLOB="70005a806c00018014000300000000000000000001000000000000004d00020008064110262838481128263f34193e2a1d4b55371c0328552927232b143d0b3e41501439421f19391b0f2d0d352c2e2b43322b461a2a3b4e0a2c11192c2d18080a472149280a215336000000040001"], 0x8c}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r6}, &(0x7f00000000c0), &(0x7f0000000100)=r7}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r6}, &(0x7f0000000640), &(0x7f0000000180)=r7}, 0x20)

3.399557337s ago: executing program 2 (id=935):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000380)={'gre0\x00', <r2=>0x0, 0x10, 0x20, 0x800, 0x7f, {{0x9, 0x4, 0x1, 0x1, 0x24, 0x66, 0x0, 0x0, 0x2f, 0x0, @remote, @broadcast, {[@rr={0x7, 0xf, 0x27, [@rand_addr=0x64010100, @multicast1, @private=0xa010101]}]}}}}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x0, 0x5, 0x7f, 0x0, 0x41, 0xffffffffffffffff, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5}, 0x48)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x20, 0x1ff, 0x23, 0x20000000, 0x822, 0xffffffffffffffff, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x5, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x1, 0x4, 0x0, 0xdc6e}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x1, 0x9, 0xb, 0xb, 0x40, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f00000000c0)='GPL\x00', 0x8, 0x36, &(0x7f0000000100)=""/54, 0x40f00, 0x10, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x0, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000580)=[r3, r4, r5, r6], &(0x7f00000008c0)=[{0x5, 0x4, 0x4, 0x4}, {0x2, 0x3, 0xd, 0x4}, {0x0, 0x4, 0xd, 0xb}, {0x3, 0x1, 0x9, 0xb}, {0x2, 0x4, 0x9, 0x8}, {0x2, 0x3, 0x1, 0x3}], 0x10, 0x7}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x4000000, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0x6c, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b71119246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab414971", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x50)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000680)=r7, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r1)
sendmsg$IEEE802154_ADD_IFACE(r8, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x28, r9, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0)

3.356290704s ago: executing program 2 (id=937):
r0 = socket$packet(0x11, 0x1, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockname(0xffffffffffffffff, &(0x7f00000014c0)=@ll={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80)
sendmsg$nl_route_sched(r1, &(0x7f00000093c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@deltfilter={0x30, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xb, 0x1}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6_vti0\x00', 0x0, 0x2f, 0xc1, 0x4, 0x9, 0x39, @loopback, @mcast2, 0x700, 0x7, 0xcce, 0x5}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'macsec0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r3, @ANYBLOB="da"], 0x20}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6_vti0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x2f, 0x87, 0x8a, 0x7fff, 0x40, @remote, @mcast2, 0x7, 0x40, 0x1000, 0xbc61}})
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev, 'lo\x00'}}, 0x1e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x6c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020022003505d25a806f8c6394f90435fc600400110a0a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
sendmmsg(r8, &(0x7f0000000080), 0x4000000000001f0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR={0xa, 0x9, @dev}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x50}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$inet6(0xa, 0x2, 0x3a)
unshare(0x20000400)
bind$inet6(r10, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0xa8a183fffe41dd5c}}, 0x1c)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000011000500000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100004800c000480"], 0x34}}, 0x0)

2.916793447s ago: executing program 1 (id=943):
r0 = socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10d, 0xb, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
write$binfmt_misc(r1, &(0x7f0000000000)={'syz0', "f59cdee48380c36037490b121de521175468c22110696f20b5d90fbd6d5f85c4ca5655fe7f74e26669a96a729c6adc1d86a8477408b5a1d469ad75c3bf2e9a90ba40ef96ce5c247eba4f4772f74d78b2c304f688e0814371a852e3a9ced24140d3e63774a1f50cf2a9c6a05be56427b4761ed674c90616815e5b74c9b40a2bac9e94cbafc1489f786fe51b8332914a04abb104348cbd8c8e7ec102ab987713300d5f98c4b24aae1c04d106680ac8f869882377875010ae5bb9cfda4ef23e"}, 0xc2)

2.826205854s ago: executing program 0 (id=945):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@security={'security\x00', 0x4, 0x12, 0x3b8, 0xffffffff, 0xd0, 0x1a8, 0xd0, 0xffffffff, 0xffffffff, 0x2e8, 0x2e8, 0x2e8, 0xffffffff, 0x7fffffe, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'bridge_slave_1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x3}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'geneve1\x00', 'macvlan0\x00'}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'syz0\x00'}}, @common=@ipv6header={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418)

2.743844806s ago: executing program 1 (id=946):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x60, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x61, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x0, 0xfffffffd, @mcast1, 0x9}, @in6={0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @in={0x2, 0x0, @local}, @in6={0xa, 0x4e24, 0x401, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x80}], 0x64)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
gettid()
sendmsg$nl_route(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={&(0x7f0000f4dff4), 0x4d9, &(0x7f0000000040)={&(0x7f0000000080)=@migrate={0x15c, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev}}, [@migrate={0x10c}]}, 0x15c}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000140), 0xc, &(0x7f0000000680)={&(0x7f0000000cc0)={0xb0, r8, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4c}]}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_BEARER={0x38, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'ip6_vti0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_MEDIA={0x8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4c040}, 0x40)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r9=>0x0})
r10 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r10, &(0x7f0000000000)={0x1d, r9}, 0x10)
bind$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x7ff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, 0x1c)
setsockopt$CAN_RAW_FILTER(r10, 0x65, 0x1, &(0x7f0000000040)=[{}, {}], 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x4888, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)

2.700454825s ago: executing program 0 (id=947):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000380)={'gre0\x00', <r2=>0x0, 0x10, 0x20, 0x800, 0x7f, {{0x9, 0x4, 0x1, 0x1, 0x24, 0x66, 0x0, 0x0, 0x2f, 0x0, @remote, @broadcast, {[@rr={0x7, 0xf, 0x27, [@rand_addr=0x64010100, @multicast1, @private=0xa010101]}]}}}}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x0, 0x5, 0x7f, 0x0, 0x41, 0xffffffffffffffff, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5}, 0x48)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000700)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x20, 0x1ff, 0x23, 0x20000000, 0x822, 0xffffffffffffffff, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x5, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x1, 0x4, 0x0, 0xdc6e}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x4, 0x1, 0x9, 0xb, 0xb, 0x40, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f00000000c0)='GPL\x00', 0x8, 0x36, &(0x7f0000000100)=""/54, 0x40f00, 0x10, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x0, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000580)=[r3, r4, r5, r6], &(0x7f00000008c0)=[{0x5, 0x4, 0x4, 0x4}, {0x2, 0x3, 0xd, 0x4}, {0x0, 0x4, 0xd, 0xb}, {0x3, 0x1, 0x9, 0xb}, {0x2, 0x4, 0x9, 0x8}, {0x2, 0x3, 0x1, 0x3}], 0x10, 0x7}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x4000000, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0x6c, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b71119246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab414971", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x50)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000680)=r7, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r1)
sendmsg$IEEE802154_ADD_IFACE(r8, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x28, r9, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x28}}, 0x0)

2.562772027s ago: executing program 0 (id=949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="cbceb2e078bd4338bc12f9d1ab20a503709b03cfc22e6432576b01d6eb78653c640aa8bc2dfd495c0000877d3c33758511911fd3855be1c67da6517819162c6d750eb234d3c75183ae90e817b113e9ecf9d055635d17810e1768eafce9ea7c6ede7d9a2a43cf856d2bef4899ab8cb24bf9d4f4295fe78006aacdb6ed7ba08ac5087e49a6fe74f469046c72cea25522471ca9e4b4143a738930bf3aa85a56fee068cfca2073d0c5f71f4b9b48da5443ffa3eb6e27656b9bcdc7838a996b57ee3ac0365e53e309e219496734d7b0b708b893d305f3a90600ff2b74cde13b6f67e560d0cd74ea83b29163d1e66e5a34acce6461d3d77be49c85c3dcf3e5f13a863ef557e7a1d4c57a8c0baa3e1afd293b3bc91524b92db57daa7eee2a89a43dc59e3d5e9f6ed6574e6d8922a1570000000000"], 0x14}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet_tcp_int(r1, 0x6, 0x1b, &(0x7f0000000080)=0x3, 0x17)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e20, @broadcast}, 0x10)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000140))
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, 0x3, 0x1, 0x101}, 0x14}}, 0x0)
recvfrom(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000001e40)='syz0\x00', 0x1ff)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)

2.504644283s ago: executing program 1 (id=950):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
unshare(0x22020600)
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x1c}}], 0x20}, 0x0)
poll(&(0x7f0000000040), 0x55, 0x500)

2.261564346s ago: executing program 2 (id=951):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000015006b05c84e21000ab16d6e230675f803000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.260842047s ago: executing program 2 (id=952):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendto(0xffffffffffffffff, &(0x7f0000000600)="78f01fdd318b3d303d0d32d4c0c82be8c1c2cb3ba95bdfe21be037ee42bd8eb4459e4b2a0faa334b41b1c8924bee84548e169ac08c55ff8e2e5ef42003e755a0d716e7824aa2a96b03f3172cfe5e991de0866ac3a573e9675c74165a777e98", 0x5f, 0x80, &(0x7f0000000680)=@phonet={0x23, 0x81, 0x6, 0x80}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
r3 = socket(0x400000000010, 0x0, 0x0)
write(r3, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02", 0x10)
socket(0x10, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@ifindex, 0xffffffffffffffff, 0x0, 0x0, 0x0, @link_id}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x54)
socket(0xa, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$MRT_TABLE(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x60, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x2c, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x1}, @TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x2e, 0xb, 0x44}, @TCA_FQ_CODEL_TARGET={0x8}]}}]}, 0x60}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@broadcast, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {0x1000}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @val={0x1, 0x5, [{0x2}, {}, {0xb, 0x1}, {0x0, 0x1}, {0xc}]}, @void, @val={0x4, 0x6, {0x5, 0x40, 0x7}}, @void, @void, @void, @void}, 0x33)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))

2.207934479s ago: executing program 1 (id=953):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendto(0xffffffffffffffff, &(0x7f0000000600)="78f01fdd318b3d303d0d32d4c0c82be8c1c2cb3ba95bdfe21be037ee42bd8eb4459e4b2a0faa334b41b1c8924bee84548e169ac08c55ff8e2e5ef42003e755a0d716e7824aa2a96b03f3172cfe5e991de0866ac3a573e9675c74165a777e98", 0x5f, 0x80, &(0x7f0000000680)=@phonet={0x23, 0x81, 0x6, 0x80}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r3 = socket(0x400000000010, 0x0, 0x0)
write(r3, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02", 0x10)
socket(0x10, 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@ifindex, 0xffffffffffffffff, 0x0, 0x0, 0x0, @link_id}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x54)
socket(0xa, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$MRT_TABLE(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x60, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x2c, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x1}, @TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x2e, 0xb, 0x44}, @TCA_FQ_CODEL_TARGET={0x8}]}}]}, 0x60}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@broadcast, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {0x1000}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @val={0x1, 0x5, [{0x2}, {}, {0xb, 0x1}, {0x0, 0x1}, {0xc}]}, @void, @val={0x4, 0x6, {0x5, 0x40, 0x7}}, @void, @void, @void, @void}, 0x33)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))

2.161061467s ago: executing program 0 (id=954):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_init_net_socket$ax25(0x3, 0x5, 0xca)
sendto(r2, &(0x7f0000000600)="78f01fdd318b3d303d0d32d4c0c82be8c1c2cb3ba95bdfe21be037ee42bd8eb4459e4b2a0faa334b41b1c8924bee84548e169ac08c55ff8e2e5ef42003e755a0d716e7824aa2a96b03f3172cfe5e991de0866ac3a573e9675c74165a777e98", 0x5f, 0x80, &(0x7f0000000680)=@phonet={0x23, 0x81, 0x6}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
r4 = socket(0x400000000010, 0x0, 0x0)
write(r4, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02", 0x10)
socket(0x10, 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@ifindex, 0xffffffffffffffff, 0x0, 0x0, 0x0, @link_id}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x54)
socket(0xa, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$MRT_TABLE(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x60, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x2c, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x1}, @TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x2e, 0xb, 0x44}, @TCA_FQ_CODEL_TARGET={0x8}]}}]}, 0x60}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@broadcast, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {0x1000}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @val={0x1, 0x5, [{0x2}, {}, {0xb, 0x1}, {0x0, 0x1}, {0xc}]}, @void, @val={0x4, 0x6, {0x5, 0x40, 0x7}}, @void, @void, @void, @void}, 0x33)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))

1.729488781s ago: executing program 3 (id=955):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x3c, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x34}}, @ip_tos_u8={{0x18, 0x29, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x14}, 0x0) (async)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x3c, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x34}}, @ip_tos_u8={{0x18, 0x29, 0x4}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x14}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="270400000900000000fcc70000000000"], 0x18}}, 0x0)

1.656311903s ago: executing program 3 (id=956):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x12, &(0x7f0000000580)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}, @IFLA_VLAN_FLAGS={0xc}]}}}]}, 0x48}}, 0x0)

1.655874606s ago: executing program 3 (id=957):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4000000010000100"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001400128009000100052ba4af5d29d509040002800c001a80080002"], 0x40}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x11, 0x80a, 0x0) (async)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040)) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00'}) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4000000010000100"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001400128009000100052ba4af5d29d509040002800c001a80080002"], 0x40}}, 0x0) (async)

1.620336613s ago: executing program 4 (id=221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000400000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x9b)

789.923499ms ago: executing program 0 (id=958):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0) (fail_nth: 26)

789.140587ms ago: executing program 1 (id=959):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$nbd(0x1, 0x1, 0x0, 0x0) (async)
close(0xffffffffffffffff) (async)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)={@remote}, 0x20) (async)
syz_emit_ethernet(0x4a, &(0x7f00000014c0)=ANY=[@ANYBLOB], 0x0) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000500)=ANY=[], 0x0, 0x91}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0xfeffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000000740)={0x10, 0x0, 0x0, 0x200}, 0xc) (async)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f00000000c0)=0x7fffffff, 0x4) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r4, &(0x7f0000000680)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x14}, 0x14}}, 0x0) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) (async)
listen(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000005001700fa0008000300", @ANYRES32=r7, @ANYBLOB="4800308014000400403a050c5bae9c544ef2b6d713459a7a2800018008000100000000001c000380060001000000000008000200020000000800020002000000050002"], 0x64}}, 0x0)

784.629756ms ago: executing program 2 (id=960):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x60, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}, @IPSET_ATTR_CADT_FLAGS={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x61, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x0, 0xfffffffd, @mcast1, 0x9}, @in6={0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @in={0x2, 0x0, @local}, @in6={0xa, 0x4e24, 0x401, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x80}], 0x64)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
gettid()
sendmsg$nl_route(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={&(0x7f0000f4dff4), 0x4d9, &(0x7f0000000040)={&(0x7f0000000080)=@migrate={0x15c, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev}}, [@migrate={0x10c}]}, 0x15c}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000140), 0xc, &(0x7f0000000680)={&(0x7f0000000cc0)={0xb0, r8, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80000000}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4c}]}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_BEARER={0x38, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'ip6_vti0\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}]}, @TIPC_NLA_MEDIA={0x8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4c040}, 0x40)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r9=>0x0})
r10 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r10, &(0x7f0000000000)={0x1d, r9}, 0x10)
bind$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x7ff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, 0x1c)
setsockopt$CAN_RAW_FILTER(r10, 0x65, 0x1, &(0x7f0000000040)=[{}, {}], 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x4888, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)

783.611482ms ago: executing program 3 (id=961):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000780)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x28}, @printk={@llx}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x3000, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

476.806463ms ago: executing program 3 (id=962):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000800)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0xffffffff, 0x110, 0x1e0, 0x0, 0xffffffff, 0xffffffff, 0x340, 0x340, 0x340, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "790d4f053ac830c68008c5ea5cf666f0e6aaf3d093b738359174aead424e"}}}, {{@ipv6={@mcast2, @mcast1, [], [], 'bridge_slave_1\x00', 'wlan1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}, {{@ipv6={@local, @mcast1, [], [], 'team0\x00', 'veth1_to_team\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8) (fail_nth: 4)

471.716694ms ago: executing program 1 (id=963):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x46, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000240)=0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet(0x2, 0x80001, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000080), r3)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xf, 0x20, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8f0, 0x0, 0x0, 0x0, 0x9}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x4, 0x1, 0x0, r2}, @jmp={0x5, 0x0, 0xc, 0x9, 0x7, 0x0, 0x1}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2dc7}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)

394.791872ms ago: executing program 0 (id=964):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc}]}]}, 0x30}}, 0x0) (fail_nth: 7)

0s ago: executing program 3 (id=965):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48)
r2 = socket(0x2, 0x80802, 0x0)
r3 = epoll_create1(0x0)
epoll_pwait(r3, &(0x7f00000001c0)=[{}], 0x1, 0xc79, &(0x7f0000000240)={[0x2]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x2001})
epoll_pwait(r3, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], 0x5, 0x8, &(0x7f0000000300)={[0x9]}, 0x8)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000000c0), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000140)='P', &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

e+0x10/0x10
[  136.342303][ T7676]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  136.348457][ T7676]  ? gup_fast_fallback+0x220d/0x2b40
[  136.353784][ T7676]  gup_fast_fallback+0x2732/0x2b40
[  136.358942][ T7676]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  136.364960][ T7676]  ? __pfx_gup_fast_fallback+0x10/0x10
[  136.370454][ T7676]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  136.376447][ T7676]  ? __pfx___schedule+0x10/0x10
[  136.381297][ T7676]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  136.387284][ T7676]  ? is_valid_gup_args+0x124/0x200
[  136.392391][ T7676]  pin_user_pages_fast+0xcc/0x160
[  136.397413][ T7676]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  136.403084][ T7676]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  136.409806][ T7676]  iov_iter_extract_pages+0x3db/0x720
[  136.415205][ T7676]  extract_iter_to_sg+0x890/0x22b0
[  136.420342][ T7676]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  136.426451][ T7676]  ? unpin_user_page+0xe0/0x1e0
[  136.431315][ T7676]  ? __pfx_unpin_user_page+0x10/0x10
[  136.436620][ T7676]  ? __local_bh_enable_ip+0x168/0x200
[  136.442336][ T7676]  ? __asan_memset+0x23/0x50
[  136.446920][ T7676]  ? __asan_memset+0x23/0x50
[  136.452137][ T7676]  hash_sendmsg+0x513/0x1110
[  136.456760][ T7676]  ? __pfx_hash_sendmsg+0x10/0x10
[  136.461779][ T7676]  __sock_sendmsg+0x221/0x270
[  136.466462][ T7676]  __sys_sendto+0x3a4/0x4f0
[  136.470987][ T7676]  ? __pfx___sys_sendto+0x10/0x10
[  136.476025][ T7676]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  136.482003][ T7676]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  136.488332][ T7676]  __x64_sys_sendto+0xde/0x100
[  136.493096][ T7676]  do_syscall_64+0xf3/0x230
[  136.497601][ T7676]  ? clear_bhb_loop+0x35/0x90
[  136.502271][ T7676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.509032][ T7676] RIP: 0033:0x7fd266f75b99
[  136.514086][ T7676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.534578][ T7676] RSP: 002b:00007fd267de8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  136.543316][ T7676] RAX: ffffffffffffffda RBX: 00007fd267103f60 RCX: 00007fd266f75b99
[  136.551312][ T7676] RDX: fffffffffffffe20 RSI: 00000000200002c0 RDI: 0000000000000004
[  136.559311][ T7676] RBP: 00007fd267de80a0 R08: 0000000000000000 R09: 0000000000000000
[  136.567296][ T7676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.575808][ T7676] R13: 000000000000000b R14: 00007fd267103f60 R15: 00007ffd8238a308
[  136.583822][ T7676]  </TASK>
[  136.605379][ T5101] Bluetooth: hci1: command tx timeout
[  136.700505][ T7450] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  136.737432][ T7450] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  136.790515][ T7450] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  136.844899][ T7684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.654'.
[  136.893427][ T7651] chnl_net:caif_netlink_parms(): no params data found
[  136.905810][ T7450] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  136.945635][ T7685] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  137.109600][ T7688] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.136664][ T7694] netlink: 16 bytes leftover after parsing attributes in process `syz.2.653'.
[  137.176096][ T7688] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.399436][ T5101] Bluetooth: hci0: command tx timeout
[  137.412208][ T2817] dvmrp0 (unregistering): left allmulticast mode
[  137.573054][ T2817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  137.588094][ T2817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  137.603966][ T2817] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  137.616656][ T2817] bond0 (unregistering): Released all slaves
[  137.725505][ T7714] FAULT_INJECTION: forcing a failure.
[  137.725505][ T7714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.739273][ T7714] CPU: 0 PID: 7714 Comm: syz.3.658 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  137.749548][ T7714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  137.759639][ T7714] Call Trace:
[  137.762925][ T7714]  <TASK>
[  137.766046][ T7714]  dump_stack_lvl+0x241/0x360
[  137.770744][ T7714]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.775942][ T7714]  ? __pfx__printk+0x10/0x10
[  137.780606][ T7714]  ? __pfx_lock_release+0x10/0x10
[  137.785651][ T7714]  ? rcu_is_watching+0x15/0xb0
[  137.790449][ T7714]  should_fail_ex+0x3b0/0x4e0
[  137.795153][ T7714]  _copy_from_iter+0x1f6/0x1960
[  137.800043][ T7714]  ? alloc_pages_mpol_noprof+0x417/0x680
[  137.805686][ T7714]  ? __pfx__copy_from_iter+0x10/0x10
[  137.810984][ T7714]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  137.817083][ T7714]  ? alloc_pages_noprof+0xef/0x170
[  137.822906][ T7714]  ? page_copy_sane+0x46/0x260
[  137.827682][ T7714]  copy_page_from_iter+0x7a/0x100
[  137.832747][ T7714]  tun_get_user+0x1f48/0x4560
[  137.837441][ T7714]  ? tun_get_user+0x84c/0x4560
[  137.842254][ T7714]  ? __pfx_tun_get_user+0x10/0x10
[  137.847288][ T7714]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  137.852747][ T7714]  ? tun_get+0x1e/0x2f0
[  137.856938][ T7714]  ? tun_get+0x1e/0x2f0
[  137.861107][ T7714]  ? tun_get+0x27d/0x2f0
[  137.865432][ T7714]  tun_chr_write_iter+0x113/0x1f0
[  137.870484][ T7714]  vfs_write+0xa72/0xc90
[  137.874795][ T7714]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  137.880352][ T7714]  ? __pfx_vfs_write+0x10/0x10
[  137.885153][ T7714]  ksys_write+0x1a0/0x2c0
[  137.889510][ T7714]  ? __pfx_ksys_write+0x10/0x10
[  137.894363][ T7714]  ? do_syscall_64+0x100/0x230
[  137.899215][ T7714]  ? do_syscall_64+0xb6/0x230
[  137.903899][ T7714]  do_syscall_64+0xf3/0x230
[  137.908462][ T7714]  ? clear_bhb_loop+0x35/0x90
[  137.913134][ T7714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.919025][ T7714] RIP: 0033:0x7fd266f7471f
[  137.923539][ T7714] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  137.943259][ T7714] RSP: 002b:00007fd267de8010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  137.951719][ T7714] RAX: ffffffffffffffda RBX: 00007fd267103f60 RCX: 00007fd266f7471f
[  137.959786][ T7714] RDX: 00000000000000ae RSI: 0000000020000080 RDI: 00000000000000c8
[  137.967961][ T7714] RBP: 00007fd267de80a0 R08: 0000000000000000 R09: 0000000000000000
[  137.975953][ T7714] R10: 00000000000000ae R11: 0000000000000293 R12: 0000000000000001
[  137.983918][ T7714] R13: 000000000000000b R14: 00007fd267103f60 R15: 00007ffd8238a308
[  137.991916][ T7714]  </TASK>
[  138.042677][ T7651] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.082341][ T7651] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.102597][ T7651] bridge_slave_0: entered allmulticast mode
[  138.125006][ T7651] bridge_slave_0: entered promiscuous mode
[  138.144974][ T7651] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.167761][ T7651] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.187726][ T7651] bridge_slave_1: entered allmulticast mode
[  138.208695][ T7651] bridge_slave_1: entered promiscuous mode
[  138.401394][ T7724] netlink: 'syz.3.661': attribute type 10 has an invalid length.
[  138.439974][ T7724] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  138.488209][ T7651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.531511][ T7651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.638767][ T7742] netlink: 44 bytes leftover after parsing attributes in process `syz.3.666'.
[  138.653798][ T7743] netlink: 44 bytes leftover after parsing attributes in process `syz.3.666'.
[  138.687856][ T5101] Bluetooth: hci1: command tx timeout
[  138.953449][ T7651] team0: Port device team_slave_0 added
[  139.221797][ T7771] netlink: 4 bytes leftover after parsing attributes in process `syz.1.669'.
[  139.249286][ T7651] team0: Port device team_slave_1 added
[  139.263718][ T7751] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  139.309589][ T7759] bridge0: port 3(team0) entered disabled state
[  139.317300][ T7759] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.324970][ T7759] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.342138][ T7769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.668'.
[  139.399326][ T7651] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.416150][ T7651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.450352][ T7651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.472193][ T7651] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.480858][ T7651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.507338][ T5101] Bluetooth: hci0: command tx timeout
[  139.522647][ T7651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.563185][ T2817] hsr_slave_0: left promiscuous mode
[  139.582372][ T2817] hsr_slave_1: left promiscuous mode
[  139.592173][ T2817] batman_adv: batadv0: Removing interface: team0
[  139.600754][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.609415][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.623422][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.633923][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.676772][ T2817] veth1_macvtap: left promiscuous mode
[  139.693363][ T2817] veth1_vlan: left promiscuous mode
[  139.701730][ T2817] veth0_vlan: left promiscuous mode
[  140.099979][ T7796] netlink: 'syz.2.674': attribute type 11 has an invalid length.
[  140.128889][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.674'.
[  140.725146][ T2817] team0 (unregistering): Port device team_slave_1 removed
[  140.801142][ T2817] team0 (unregistering): Port device team_slave_0 removed
[  141.371629][ T7834] netlink: 'syz.2.676': attribute type 10 has an invalid length.
[  141.400306][ T7834] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  141.408097][ T7834] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  141.416318][ T7834] team0: Port device netdevsim0 added
[  141.461449][ T7836] netlink: 'syz.2.676': attribute type 10 has an invalid length.
[  141.513399][ T7836] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  141.526365][ T7836] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  141.548571][ T7836] team0: Port device netdevsim0 removed
[  141.557362][ T5101] Bluetooth: hci0: command tx timeout
[  141.559739][ T7836] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  141.596383][ T7651] hsr_slave_0: entered promiscuous mode
[  141.609067][ T7651] hsr_slave_1: entered promiscuous mode
[  141.616213][ T7834] netlink: 'syz.2.676': attribute type 39 has an invalid length.
[  141.682542][ T7450] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.814131][ T7450] 8021q: adding VLAN 0 to HW filter on device team0
[  141.881019][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.888258][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.030241][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.037444][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.139468][ T2817] IPVS: stop unused estimator thread 0...
[  142.287120][ T7870] netlink: 16 bytes leftover after parsing attributes in process `syz.1.682'.
[  142.392753][ T7856] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  142.822482][ T7450] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.882199][ T7651] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  142.901829][ T7651] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  142.919148][ T7651] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  142.944393][ T7651] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  143.044325][ T7903] netlink: 16 bytes leftover after parsing attributes in process `syz.3.688'.
[  143.076289][ T7896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.153774][ T7899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.192298][ T7906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.689'.
[  143.228230][ T7906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.689'.
[  143.242480][ T7906] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  143.264306][ T7906] (unnamed net_device) (uninitialized): option arp_validate: invalid value (103)
[  143.310123][ T7651] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.369478][ T7651] 8021q: adding VLAN 0 to HW filter on device team0
[  143.396485][ T5140] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.403713][ T5140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.415602][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.422948][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.481394][ T7450] veth0_vlan: entered promiscuous mode
[  143.536185][ T7450] veth1_vlan: entered promiscuous mode
[  143.602392][ T7926] netlink: 'syz.1.694': attribute type 84 has an invalid length.
[  143.635672][ T7450] veth0_macvtap: entered promiscuous mode
[  143.637358][ T5101] Bluetooth: hci0: command tx timeout
[  143.676995][ T7450] veth1_macvtap: entered promiscuous mode
[  143.741237][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.781807][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.813334][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.835563][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.846583][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  143.857852][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.870837][ T7450] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.896196][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.906967][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.922896][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.934287][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.944668][ T7450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  143.955652][ T7450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  143.975368][ T7450] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.049718][ T7450] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.081009][ T7450] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.097871][ T7450] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.115272][ T7450] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.136506][ T7941] netlink: 16 bytes leftover after parsing attributes in process `syz.3.698'.
[  144.175726][ T7941] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  144.186771][ T7953] netlink: 16 bytes leftover after parsing attributes in process `syz.2.701'.
[  144.244917][ T7651] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.344811][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.361615][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.385426][ T7651] veth0_vlan: entered promiscuous mode
[  144.392860][ T7956] FAULT_INJECTION: forcing a failure.
[  144.392860][ T7956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  144.406891][ T7956] CPU: 1 PID: 7956 Comm: syz.1.702 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  144.416910][ T7956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  144.426981][ T7956] Call Trace:
[  144.430261][ T7956]  <TASK>
[  144.433186][ T7956]  dump_stack_lvl+0x241/0x360
[  144.437865][ T7956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.443059][ T7956]  ? __pfx__printk+0x10/0x10
[  144.447670][ T7956]  should_fail_ex+0x3b0/0x4e0
[  144.452372][ T7956]  _copy_from_user+0x2f/0xe0
[  144.456973][ T7956]  copy_from_sockptr+0x62/0xa0
[  144.461741][ T7956]  packet_setsockopt+0xb3c/0x1970
[  144.466761][ T7956]  ? __pfx___might_resched+0x10/0x10
[  144.472047][ T7956]  ? __pfx_packet_setsockopt+0x10/0x10
[  144.477513][ T7956]  ? aa_sk_perm+0x967/0xab0
[  144.482018][ T7956]  ? __pfx_aa_sk_perm+0x10/0x10
[  144.486865][ T7956]  ? __pfx_lock_acquire+0x10/0x10
[  144.491888][ T7956]  ? aa_sock_opt_perm+0x79/0x120
[  144.496860][ T7956]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  144.502397][ T7956]  ? security_socket_setsockopt+0x87/0xb0
[  144.508114][ T7956]  ? __pfx_packet_setsockopt+0x10/0x10
[  144.513578][ T7956]  do_sock_setsockopt+0x3af/0x720
[  144.518605][ T7956]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  144.524144][ T7956]  ? __fget_files+0x29/0x470
[  144.528737][ T7956]  ? __fget_files+0x3f6/0x470
[  144.533414][ T7956]  __sys_setsockopt+0x1ae/0x250
[  144.538280][ T7956]  __x64_sys_setsockopt+0xb5/0xd0
[  144.543321][ T7956]  do_syscall_64+0xf3/0x230
[  144.547839][ T7956]  ? clear_bhb_loop+0x35/0x90
[  144.552520][ T7956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.558411][ T7956] RIP: 0033:0x7f6d9a575b99
[  144.562820][ T7956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.582419][ T7956] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  144.590829][ T7956] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  144.598795][ T7956] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000003
[  144.606840][ T7956] RBP: 00007f6d9b3780a0 R08: 000000000000001c R09: 0000000000000000
[  144.614802][ T7956] R10: 0000000020000540 R11: 0000000000000246 R12: 0000000000000001
[  144.623024][ T7956] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  144.631000][ T7956]  </TASK>
[  144.694315][ T7651] veth1_vlan: entered promiscuous mode
[  144.708934][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.724873][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.822434][ T7651] veth0_macvtap: entered promiscuous mode
[  144.905032][ T7962] ip_vti0: entered promiscuous mode
[  144.914302][ T7962] vlan2: entered promiscuous mode
[  144.925125][ T7962] ip_vti0: left promiscuous mode
[  144.954056][ T7651] veth1_macvtap: entered promiscuous mode
[  144.988514][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.008381][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.026961][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.038556][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.057371][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.079133][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.101615][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.115325][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.132850][ T7973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.135638][ T7651] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.166706][ T7968] netlink: 16 bytes leftover after parsing attributes in process `syz.1.707'.
[  145.196435][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.211627][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.228178][ T7968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.242257][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.256880][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.277547][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.286216][ T7980] netlink: 16 bytes leftover after parsing attributes in process `syz.3.712'.
[  145.294962][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.307395][ T7651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.321564][ T7651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.333443][ T7651] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.359675][ T7651] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.369239][ T7651] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.379716][ T7651] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.388994][ T7651] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.514710][ T2817] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.530810][ T2817] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.561599][ T2817] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.570777][ T2817] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.656424][ T7991] Bluetooth: hci3: invalid length 0, exp 2 for type 22
[  145.713269][ T7997] netlink: 8 bytes leftover after parsing attributes in process `syz.0.717'.
[  145.759014][ T8000] Bluetooth: MGMT ver 1.22
[  145.895104][ T2419] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.712235][ T2419] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.768994][ T8018] netlink: 16 bytes leftover after parsing attributes in process `syz.3.721'.
[  146.780923][ T8010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.821469][ T2419] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.841919][ T8010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.853538][ T5090] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  146.863704][ T5090] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  146.872054][ T5090] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  146.883164][ T5090] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  146.903146][ T5090] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  146.913337][ T5090] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  146.923737][ T2419] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.951904][ T8020] netlink: 'syz.0.723': attribute type 29 has an invalid length.
[  146.974167][ T8020] netlink: 'syz.0.723': attribute type 29 has an invalid length.
[  146.985274][ T8020] netlink: 'syz.0.723': attribute type 29 has an invalid length.
[  147.008327][ T8020] netlink: 'syz.0.723': attribute type 29 has an invalid length.
[  147.016903][ T8020] netlink: 'syz.0.723': attribute type 29 has an invalid length.
[  147.035869][ T8020] unsupported nlmsg_type 40
[  147.052395][ T8020] xt_l2tp: missing protocol rule (udp|l2tpip)
[  147.146386][ T2419] bridge_slave_1: left allmulticast mode
[  147.152315][ T2419] bridge_slave_1: left promiscuous mode
[  147.159047][ T2419] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.170823][ T2419] bridge_slave_0: left allmulticast mode
[  147.176688][ T2419] bridge_slave_0: left promiscuous mode
[  147.183478][ T2419] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.584651][ T8046] FAULT_INJECTION: forcing a failure.
[  147.584651][ T8046] name failslab, interval 1, probability 0, space 0, times 0
[  147.597818][ T8046] CPU: 0 PID: 8046 Comm: syz.1.729 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  147.607830][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.617903][ T8046] Call Trace:
[  147.621203][ T8046]  <TASK>
[  147.624139][ T8046]  dump_stack_lvl+0x241/0x360
[  147.628813][ T8046]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.634004][ T8046]  ? __pfx__printk+0x10/0x10
[  147.638586][ T8046]  ? netlink_insert+0x10b7/0x14b0
[  147.643601][ T8046]  should_fail_ex+0x3b0/0x4e0
[  147.648268][ T8046]  ? __alloc_skb+0x1c3/0x440
[  147.652849][ T8046]  should_failslab+0x9/0x20
[  147.657365][ T8046]  kmem_cache_alloc_node_noprof+0x71/0x320
[  147.663195][ T8046]  __alloc_skb+0x1c3/0x440
[  147.667612][ T8046]  ? __pfx___alloc_skb+0x10/0x10
[  147.672541][ T8046]  ? netlink_autobind+0xd6/0x2f0
[  147.677472][ T8046]  ? netlink_autobind+0x2b0/0x2f0
[  147.682491][ T8046]  netlink_sendmsg+0x631/0xcb0
[  147.687253][ T8046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.692534][ T8046]  ? __import_iovec+0x536/0x820
[  147.697369][ T8046]  ? aa_sock_msg_perm+0x91/0x160
[  147.702311][ T8046]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  147.707590][ T8046]  ? security_socket_sendmsg+0x87/0xb0
[  147.713053][ T8046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.718329][ T8046]  __sock_sendmsg+0x221/0x270
[  147.723001][ T8046]  ____sys_sendmsg+0x525/0x7d0
[  147.727763][ T8046]  ? __pfx_____sys_sendmsg+0x10/0x10
[  147.733054][ T8046]  __sys_sendmsg+0x2b0/0x3a0
[  147.737637][ T8046]  ? __pfx___sys_sendmsg+0x10/0x10
[  147.742734][ T8046]  ? vfs_write+0x7c4/0xc90
[  147.747169][ T8046]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  147.753488][ T8046]  ? do_syscall_64+0x100/0x230
[  147.758249][ T8046]  ? do_syscall_64+0xb6/0x230
[  147.762923][ T8046]  do_syscall_64+0xf3/0x230
[  147.767424][ T8046]  ? clear_bhb_loop+0x35/0x90
[  147.772093][ T8046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.777984][ T8046] RIP: 0033:0x7f6d9a575b99
[  147.782397][ T8046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.801991][ T8046] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.810400][ T8046] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  147.818367][ T8046] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003
[  147.826326][ T8046] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  147.834295][ T8046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.842251][ T8046] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  147.850231][ T8046]  </TASK>
[  147.861769][ T5101] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  147.870919][ T5101] Bluetooth: hci0: command 0x0c1a tx timeout
[  147.926645][ T2419] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.941481][ T2419] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.954095][ T2419] bond0 (unregistering): Released all slaves
[  147.984743][ T8037] bond0: (slave netdevsim0): Releasing backup interface
[  148.003271][ T8037] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  148.239826][ T8053] __nla_validate_parse: 1 callbacks suppressed
[  148.239846][ T8053] netlink: 16 bytes leftover after parsing attributes in process `syz.1.730'.
[  148.269781][ T8052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.364666][ T8052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.447767][ T2419] hsr_slave_0: left promiscuous mode
[  148.470616][ T2419] hsr_slave_1: left promiscuous mode
[  148.472535][ T8071] Cannot find add_set index 0 as target
[  148.494138][ T2419] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.501795][ T2419] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.523839][ T2419] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.533335][ T2419] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.569210][ T2419] veth1_macvtap: left promiscuous mode
[  148.575235][ T2419] veth0_macvtap: left promiscuous mode
[  148.582094][ T2419] veth1_vlan: left promiscuous mode
[  148.588740][ T2419] veth0_vlan: left promiscuous mode
[  148.773646][ T8080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.860133][ T8090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.997787][ T5101] Bluetooth: hci1: command tx timeout
[  149.030518][ T8096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.739'.
[  149.040784][ T8096] FAULT_INJECTION: forcing a failure.
[  149.040784][ T8096] name failslab, interval 1, probability 0, space 0, times 0
[  149.058011][ T8096] CPU: 1 PID: 8096 Comm: syz.1.739 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  149.068037][ T8096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  149.078122][ T8096] Call Trace:
[  149.081421][ T8096]  <TASK>
[  149.084362][ T8096]  dump_stack_lvl+0x241/0x360
[  149.089064][ T8096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.094271][ T8096]  ? __pfx__printk+0x10/0x10
[  149.098880][ T8096]  should_fail_ex+0x3b0/0x4e0
[  149.103544][ T8096]  ? __alloc_skb+0x1c3/0x440
[  149.108137][ T8096]  should_failslab+0x9/0x20
[  149.112667][ T8096]  kmem_cache_alloc_node_noprof+0x71/0x320
[  149.118477][ T8096]  __alloc_skb+0x1c3/0x440
[  149.122892][ T8096]  ? __pfx___alloc_skb+0x10/0x10
[  149.127821][ T8096]  ? nla_policy_len+0x320/0x330
[  149.132667][ T8096]  netlbl_mgmt_listdef+0xa7/0x530
[  149.137694][ T8096]  genl_rcv_msg+0xb14/0xec0
[  149.142185][ T8096]  ? mark_lock+0x9a/0x350
[  149.146511][ T8096]  ? __pfx_genl_rcv_msg+0x10/0x10
[  149.151546][ T8096]  ? __pfx_lock_acquire+0x10/0x10
[  149.156562][ T8096]  ? __pfx_netlbl_mgmt_listdef+0x10/0x10
[  149.162213][ T8096]  ? __pfx___might_resched+0x10/0x10
[  149.167512][ T8096]  netlink_rcv_skb+0x1e3/0x430
[  149.172280][ T8096]  ? __pfx_genl_rcv_msg+0x10/0x10
[  149.177308][ T8096]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  149.182623][ T8096]  genl_rcv+0x28/0x40
[  149.186596][ T8096]  netlink_unicast+0x7ea/0x980
[  149.191363][ T8096]  ? __pfx_netlink_unicast+0x10/0x10
[  149.196664][ T8096]  ? __virt_addr_valid+0x183/0x520
[  149.201771][ T8096]  ? __check_object_size+0x49c/0x900
[  149.207053][ T8096]  ? bpf_lsm_netlink_send+0x9/0x10
[  149.212164][ T8096]  netlink_sendmsg+0x8db/0xcb0
[  149.216931][ T8096]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.222209][ T8096]  ? __import_iovec+0x536/0x820
[  149.227054][ T8096]  ? aa_sock_msg_perm+0x91/0x160
[  149.231988][ T8096]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  149.237313][ T8096]  ? security_socket_sendmsg+0x87/0xb0
[  149.242773][ T8096]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.248060][ T8096]  __sock_sendmsg+0x221/0x270
[  149.252737][ T8096]  ____sys_sendmsg+0x525/0x7d0
[  149.257509][ T8096]  ? __pfx_____sys_sendmsg+0x10/0x10
[  149.262799][ T8096]  __sys_sendmsg+0x2b0/0x3a0
[  149.267381][ T8096]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.272492][ T8096]  ? vfs_write+0x7c4/0xc90
[  149.276933][ T8096]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  149.283258][ T8096]  ? do_syscall_64+0x100/0x230
[  149.288024][ T8096]  ? do_syscall_64+0xb6/0x230
[  149.292697][ T8096]  do_syscall_64+0xf3/0x230
[  149.297197][ T8096]  ? clear_bhb_loop+0x35/0x90
[  149.301863][ T8096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.307765][ T8096] RIP: 0033:0x7f6d9a575b99
[  149.312177][ T8096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.331867][ T8096] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.340365][ T8096] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  149.348329][ T8096] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000006
[  149.356285][ T8096] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  149.364245][ T8096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.372204][ T8096] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  149.380180][ T8096]  </TASK>
[  149.518998][ T2419] team0 (unregistering): Port device team_slave_1 removed
[  149.551455][ T2419] team0 (unregistering): Port device team_slave_0 removed
[  149.889858][ T8083] netlink: 16 bytes leftover after parsing attributes in process `syz.3.736'.
[  149.899230][ T8089] bridge0: entered allmulticast mode
[  149.906215][ T8093] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  149.943302][ T8023] chnl_net:caif_netlink_parms(): no params data found
[  150.046274][ T8101] FAULT_INJECTION: forcing a failure.
[  150.046274][ T8101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.068264][ T8101] CPU: 1 PID: 8101 Comm: syz.0.741 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  150.078299][ T8101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  150.088386][ T8101] Call Trace:
[  150.091689][ T8101]  <TASK>
[  150.094636][ T8101]  dump_stack_lvl+0x241/0x360
[  150.099351][ T8101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.104590][ T8101]  ? __pfx__printk+0x10/0x10
[  150.109217][ T8101]  ? bpf_cgroup_storage_free+0x8f/0xb0
[  150.114705][ T8101]  ? __pfx_lock_release+0x10/0x10
[  150.119758][ T8101]  ? bpf_test_run+0x840/0x910
[  150.124470][ T8101]  should_fail_ex+0x3b0/0x4e0
[  150.129189][ T8101]  _copy_to_user+0x2f/0xb0
[  150.133635][ T8101]  bpf_test_finish+0x593/0x8b0
[  150.138436][ T8101]  ? __might_fault+0xaa/0x120
[  150.143158][ T8101]  ? __pfx_bpf_test_finish+0x10/0x10
[  150.148479][ T8101]  ? _copy_from_user+0xa6/0xe0
[  150.153272][ T8101]  ? bpf_test_init+0x15a/0x180
[  150.158078][ T8101]  bpf_prog_test_run_xdp+0x905/0x11b0
[  150.163487][ T8101]  ? __pfx_lock_release+0x10/0x10
[  150.168555][ T8101]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.174391][ T8101]  ? __fget_files+0x29/0x470
[  150.179010][ T8101]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  150.184823][ T8101]  bpf_prog_test_run+0x33a/0x3b0
[  150.189760][ T8101]  __sys_bpf+0x48d/0x810
[  150.194006][ T8101]  ? __pfx___sys_bpf+0x10/0x10
[  150.198775][ T8101]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  150.204758][ T8101]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  150.211094][ T8101]  ? do_syscall_64+0x100/0x230
[  150.215861][ T8101]  __x64_sys_bpf+0x7c/0x90
[  150.220282][ T8101]  do_syscall_64+0xf3/0x230
[  150.224779][ T8101]  ? clear_bhb_loop+0x35/0x90
[  150.229446][ T8101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.235352][ T8101] RIP: 0033:0x7f1d12175b99
[  150.239759][ T8101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.259358][ T8101] RSP: 002b:00007f1d12e8d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.267764][ T8101] RAX: ffffffffffffffda RBX: 00007f1d12303f60 RCX: 00007f1d12175b99
[  150.275742][ T8101] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[  150.283712][ T8101] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  150.291700][ T8101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.299663][ T8101] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  150.307640][ T8101]  </TASK>
[  150.311011][ T5101] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.321586][ T5090] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  150.372415][ T8023] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.385364][ T8023] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.407746][ T8023] bridge_slave_0: entered allmulticast mode
[  150.421975][ T8023] bridge_slave_0: entered promiscuous mode
[  150.469611][ T8023] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.484473][ T8120] Cannot find add_set index 0 as target
[  150.490639][ T8023] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.507296][ T8023] bridge_slave_1: entered allmulticast mode
[  150.522155][ T8023] bridge_slave_1: entered promiscuous mode
[  150.663747][ T8023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  150.709933][ T8023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  150.782983][ T8023] team0: Port device team_slave_0 added
[  150.806114][ T8023] team0: Port device team_slave_1 added
[  150.878769][ T8023] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.896536][ T8023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.926809][ T8023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.955423][ T8023] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.971785][ T8023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  151.001115][ T8023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  151.074797][ T8150] netlink: 16 bytes leftover after parsing attributes in process `syz.2.754'.
[  151.083832][ T5101] Bluetooth: hci1: command tx timeout
[  151.110600][ T8144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.151632][ T8023] hsr_slave_0: entered promiscuous mode
[  151.167894][ T8023] hsr_slave_1: entered promiscuous mode
[  151.176128][ T8147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.177565][ T8023] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  151.193847][ T8023] Cannot create hsr debugfs directory
[  151.332342][ T8152] netlink: 16 bytes leftover after parsing attributes in process `syz.3.756'.
[  151.364987][ T8152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.458548][ T8156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.476811][ T8167] netlink: 244 bytes leftover after parsing attributes in process `syz.0.762'.
[  151.488758][ T8167] FAULT_INJECTION: forcing a failure.
[  151.488758][ T8167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.502374][ T8167] CPU: 1 PID: 8167 Comm: syz.0.762 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  151.512389][ T8167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  151.522458][ T8167] Call Trace:
[  151.525753][ T8167]  <TASK>
[  151.528679][ T8167]  dump_stack_lvl+0x241/0x360
[  151.533352][ T8167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.538555][ T8167]  ? __pfx__printk+0x10/0x10
[  151.543150][ T8167]  ? __pfx_lock_release+0x10/0x10
[  151.548171][ T8167]  ? __lock_acquire+0x1346/0x1fd0
[  151.553220][ T8167]  should_fail_ex+0x3b0/0x4e0
[  151.557986][ T8167]  _copy_from_user+0x2f/0xe0
[  151.562570][ T8167]  kstrtouint_from_user+0xc6/0x190
[  151.567678][ T8167]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  151.573397][ T8167]  ? __pfx_lock_acquire+0x10/0x10
[  151.578422][ T8167]  proc_fail_nth_write+0xaa/0x2d0
[  151.583437][ T8167]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  151.589324][ T8167]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  151.594953][ T8167]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  151.600579][ T8167]  vfs_write+0x2a2/0xc90
[  151.604823][ T8167]  ? __pfx_vfs_write+0x10/0x10
[  151.609585][ T8167]  ? __fget_files+0x29/0x470
[  151.614170][ T8167]  ? __fget_files+0x3f6/0x470
[  151.618854][ T8167]  ksys_write+0x1a0/0x2c0
[  151.623183][ T8167]  ? __pfx_ksys_write+0x10/0x10
[  151.628026][ T8167]  ? do_syscall_64+0x100/0x230
[  151.632788][ T8167]  ? do_syscall_64+0xb6/0x230
[  151.637461][ T8167]  do_syscall_64+0xf3/0x230
[  151.641966][ T8167]  ? clear_bhb_loop+0x35/0x90
[  151.646657][ T8167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.652552][ T8167] RIP: 0033:0x7f1d1217471f
[  151.656962][ T8167] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  151.676560][ T8167] RSP: 002b:00007f1d12e8d040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  151.684969][ T8167] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1d1217471f
[  151.692932][ T8167] RDX: 0000000000000001 RSI: 00007f1d12e8d0b0 RDI: 0000000000000004
[  151.700892][ T8167] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  151.708857][ T8167] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  151.716816][ T8167] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  151.724794][ T8167]  </TASK>
[  151.808940][ T8176] Cannot find set identified by id 0 to match
[  152.078813][ T8023] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  152.091712][ T8023] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  152.109148][ T8023] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  152.135787][ T8023] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  152.185543][ T8197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.772'.
[  152.303191][ T8199] netlink: 4 bytes leftover after parsing attributes in process `syz.2.773'.
[  152.305180][ T8201] netlink: 'syz.3.774': attribute type 1 has an invalid length.
[  152.343521][ T8201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.774'.
[  152.455135][ T8023] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.534472][ T8023] 8021q: adding VLAN 0 to HW filter on device team0
[  152.552288][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.559530][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.593499][ T8211] FAULT_INJECTION: forcing a failure.
[  152.593499][ T8211] name failslab, interval 1, probability 0, space 0, times 0
[  152.604006][ T8207] netlink: 'syz.3.776': attribute type 2 has an invalid length.
[  152.615934][ T5101] Bluetooth: hci0: command 0x0c1a tx timeout
[  152.615985][ T8211] CPU: 0 PID: 8211 Comm: syz.2.778 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  152.622882][ T5090] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  152.631865][ T8211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  152.631879][ T8211] Call Trace:
[  152.631887][ T8211]  <TASK>
[  152.631897][ T8211]  dump_stack_lvl+0x241/0x360
[  152.631931][ T8211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.664080][ T8211]  ? __pfx__printk+0x10/0x10
[  152.668688][ T8211]  ? __pfx___might_resched+0x10/0x10
[  152.673970][ T8211]  ? trace_contention_end+0x3c/0x120
[  152.679255][ T8211]  ? __mutex_lock+0x2ef/0xd70
[  152.683966][ T8211]  should_fail_ex+0x3b0/0x4e0
[  152.688645][ T8211]  ? genl_start+0x1cb/0x6d0
[  152.693139][ T8211]  should_failslab+0x9/0x20
[  152.697638][ T8211]  kmalloc_trace_noprof+0x6c/0x2c0
[  152.702765][ T8211]  genl_start+0x1cb/0x6d0
[  152.707102][ T8211]  __netlink_dump_start+0x45c/0x780
[  152.712319][ T8211]  genl_rcv_msg+0x88c/0xec0
[  152.716815][ T8211]  ? mark_lock+0x9a/0x350
[  152.721146][ T8211]  ? __pfx_genl_rcv_msg+0x10/0x10
[  152.726167][ T8211]  ? __pfx_genl_start+0x10/0x10
[  152.731046][ T8211]  ? __pfx_genl_dumpit+0x10/0x10
[  152.735978][ T8211]  ? __pfx_genl_done+0x10/0x10
[  152.740745][ T8211]  ? __pfx_lock_acquire+0x10/0x10
[  152.745763][ T8211]  ? __pfx_nl80211_dump_wiphy+0x10/0x10
[  152.751302][ T8211]  ? __pfx_nl80211_dump_wiphy_done+0x10/0x10
[  152.757284][ T8211]  ? __pfx___might_resched+0x10/0x10
[  152.762579][ T8211]  netlink_rcv_skb+0x1e3/0x430
[  152.767341][ T8211]  ? __pfx_genl_rcv_msg+0x10/0x10
[  152.772362][ T8211]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  152.777654][ T8211]  ? __netlink_deliver_tap+0x77e/0x7c0
[  152.783121][ T8211]  genl_rcv+0x28/0x40
[  152.787098][ T8211]  netlink_unicast+0x7ea/0x980
[  152.791864][ T8211]  ? __pfx_netlink_unicast+0x10/0x10
[  152.797142][ T8211]  ? __virt_addr_valid+0x183/0x520
[  152.802250][ T8211]  ? __check_object_size+0x49c/0x900
[  152.807533][ T8211]  ? bpf_lsm_netlink_send+0x9/0x10
[  152.812645][ T8211]  netlink_sendmsg+0x8db/0xcb0
[  152.817415][ T8211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.822696][ T8211]  ? __import_iovec+0x536/0x820
[  152.827538][ T8211]  ? aa_sock_msg_perm+0x91/0x160
[  152.832473][ T8211]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  152.837747][ T8211]  ? security_socket_sendmsg+0x87/0xb0
[  152.843199][ T8211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.848492][ T8211]  __sock_sendmsg+0x221/0x270
[  152.853189][ T8211]  ____sys_sendmsg+0x525/0x7d0
[  152.857965][ T8211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.863290][ T8211]  __sys_sendmsg+0x2b0/0x3a0
[  152.867897][ T8211]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.873016][ T8211]  ? vfs_write+0x7c4/0xc90
[  152.877466][ T8211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  152.883793][ T8211]  ? do_syscall_64+0x100/0x230
[  152.888558][ T8211]  ? do_syscall_64+0xb6/0x230
[  152.893233][ T8211]  do_syscall_64+0xf3/0x230
[  152.897737][ T8211]  ? clear_bhb_loop+0x35/0x90
[  152.902411][ T8211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.908303][ T8211] RIP: 0033:0x7f3e02f75b99
[  152.912713][ T8211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.932313][ T8211] RSP: 002b:00007f3e03ce4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.940720][ T8211] RAX: ffffffffffffffda RBX: 00007f3e03103f60 RCX: 00007f3e02f75b99
[  152.948684][ T8211] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  152.956646][ T8211] RBP: 00007f3e03ce40a0 R08: 0000000000000000 R09: 0000000000000000
[  152.964611][ T8211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.972600][ T8211] R13: 000000000000000b R14: 00007f3e03103f60 R15: 00007ffd90801968
[  152.980681][ T8211]  </TASK>
[  153.018869][ T8212] netlink: 'syz.3.776': attribute type 2 has an invalid length.
[  153.049416][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.056587][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.157413][ T5090] Bluetooth: hci1: command tx timeout
[  153.231846][ T8220] vlan2: entered promiscuous mode
[  153.241082][ T8220] batman_adv: batadv0: Adding interface: vlan2
[  153.249077][ T8220] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  153.283203][ T8023] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  153.381046][ T8218] netlink: 'syz.2.781': attribute type 29 has an invalid length.
[  153.393244][ T8231] netlink: 12 bytes leftover after parsing attributes in process `syz.3.785'.
[  153.426116][ T8218] netlink: 'syz.2.781': attribute type 29 has an invalid length.
[  153.456021][ T8222] netlink: 'syz.2.781': attribute type 29 has an invalid length.
[  153.531280][ T8231] team0: Port device bridge2 added
[  153.538722][ T8218] netlink: 'syz.2.781': attribute type 29 has an invalid length.
[  153.571511][ T8239] netlink: 16 bytes leftover after parsing attributes in process `syz.0.784'.
[  153.596442][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.785'.
[  153.608085][ T8227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.620844][ T8218] netlink: 256 bytes leftover after parsing attributes in process `syz.2.781'.
[  153.632061][ T8218] xt_l2tp: missing protocol rule (udp|l2tpip)
[  153.648401][ T8222] netlink: 'syz.2.781': attribute type 29 has an invalid length.
[  153.677565][ T8227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.853006][ T8023] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.030028][ T8265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.793'.
[  154.211448][ T8273] netlink: 12 bytes leftover after parsing attributes in process `syz.2.795'.
[  154.246175][ T8275] netlink: 12 bytes leftover after parsing attributes in process `syz.1.796'.
[  154.303515][ T8275] IPVS: Error joining to the multicast group
[  154.316803][ T8282] FAULT_INJECTION: forcing a failure.
[  154.316803][ T8282] name failslab, interval 1, probability 0, space 0, times 0
[  154.366301][ T8282] CPU: 0 PID: 8282 Comm: syz.3.798 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  154.376346][ T8282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  154.386517][ T8282] Call Trace:
[  154.389819][ T8282]  <TASK>
[  154.392764][ T8282]  dump_stack_lvl+0x241/0x360
[  154.397477][ T8282]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.402708][ T8282]  ? __pfx__printk+0x10/0x10
[  154.407336][ T8282]  ? __pfx___might_resched+0x10/0x10
[  154.412663][ T8282]  should_fail_ex+0x3b0/0x4e0
[  154.417385][ T8282]  ? nft_trans_table_add+0x53/0x270
[  154.422628][ T8282]  should_failslab+0x9/0x20
[  154.427167][ T8282]  kmalloc_trace_noprof+0x6c/0x2c0
[  154.432311][ T8282]  ? rhashtable_init_noprof+0x748/0xa60
[  154.437896][ T8282]  nft_trans_table_add+0x53/0x270
[  154.442954][ T8282]  nf_tables_newtable+0x10f6/0x1dc0
[  154.448198][ T8282]  ? __pfx_nf_tables_newtable+0x10/0x10
[  154.453784][ T8282]  ? __nla_parse+0x40/0x60
[  154.458224][ T8282]  nfnetlink_rcv+0x1427/0x2a80
[  154.463012][ T8282]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  154.469400][ T8282]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  154.474555][ T8282]  ? __dev_queue_xmit+0x2d2/0x3d30
[  154.479740][ T8282]  ? netlink_deliver_tap+0x2e/0x1b0
[  154.484972][ T8282]  ? skb_clone+0x240/0x390
[  154.489422][ T8282]  ? __pfx_lock_release+0x10/0x10
[  154.494487][ T8282]  ? netlink_deliver_tap+0x2e/0x1b0
[  154.499722][ T8282]  netlink_unicast+0x7ea/0x980
[  154.504527][ T8282]  ? __pfx_netlink_unicast+0x10/0x10
[  154.509846][ T8282]  ? __virt_addr_valid+0x183/0x520
[  154.514995][ T8282]  ? __check_object_size+0x49c/0x900
[  154.520309][ T8282]  ? bpf_lsm_netlink_send+0x9/0x10
[  154.525470][ T8282]  netlink_sendmsg+0x8db/0xcb0
[  154.530279][ T8282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.535615][ T8282]  ? __mutex_trylock_common+0x183/0x2e0
[  154.541199][ T8282]  ? aa_sock_msg_perm+0x91/0x160
[  154.546168][ T8282]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  154.551473][ T8282]  ? security_socket_sendmsg+0x87/0xb0
[  154.556964][ T8282]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.560139][ T8023] veth0_vlan: entered promiscuous mode
[  154.562253][ T8282]  __sock_sendmsg+0x221/0x270
[  154.572495][ T8282]  sock_sendmsg+0x134/0x200
[  154.577035][ T8282]  ? __pfx_sock_sendmsg+0x10/0x10
[  154.582103][ T8282]  ? iov_iter_bvec+0x4e/0x180
[  154.586152][ T8023] veth1_vlan: entered promiscuous mode
[  154.586783][ T8282]  splice_to_socket+0xa13/0x10b0
[  154.597166][ T8282]  ? __pfx_lock_release+0x10/0x10
[  154.602240][ T8282]  ? __pfx_splice_to_socket+0x10/0x10
[  154.607757][ T8282]  ? __lock_acquire+0x1346/0x1fd0
[  154.612839][ T8282]  ? bpf_lsm_file_permission+0x9/0x10
[  154.618245][ T8282]  ? security_file_permission+0x7f/0xa0
[  154.623827][ T8282]  ? rw_verify_area+0x1d2/0x6b0
[  154.628723][ T8282]  ? __pfx_splice_to_socket+0x10/0x10
[  154.634128][ T8282]  do_splice+0xd77/0x1900
[  154.638538][ T8282]  ? __pfx_lock_release+0x10/0x10
[  154.643606][ T8282]  ? vfs_write+0x7c4/0xc90
[  154.648066][ T8282]  ? __mutex_unlock_slowpath+0x21d/0x750
[  154.653743][ T8282]  ? pipe_clear_nowait+0x196/0x220
[  154.658897][ T8282]  ? __pfx_do_splice+0x10/0x10
[  154.663710][ T8282]  __se_sys_splice+0x331/0x4a0
[  154.666731][ T8023] veth0_macvtap: entered promiscuous mode
[  154.668490][ T8282]  ? __pfx___se_sys_splice+0x10/0x10
[  154.668520][ T8282]  ? do_syscall_64+0x100/0x230
[  154.668549][ T8282]  ? __x64_sys_splice+0x21/0xf0
[  154.668572][ T8282]  do_syscall_64+0xf3/0x230
[  154.689662][ T8023] veth1_macvtap: entered promiscuous mode
[  154.693635][ T8282]  ? clear_bhb_loop+0x35/0x90
[  154.693664][ T8282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.710236][ T8282] RIP: 0033:0x7fd266f75b99
[  154.714674][ T8282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.734922][ T8282] RSP: 002b:00007fd267dc7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  154.737195][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.743343][ T8282] RAX: ffffffffffffffda RBX: 00007fd267104038 RCX: 00007fd266f75b99
[  154.743363][ T8282] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  154.743376][ T8282] RBP: 00007fd267dc70a0 R08: 0000000000007fff R09: 0000000000000000
[  154.743388][ T8282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.743400][ T8282] R13: 000000000000006e R14: 00007fd267104038 R15: 00007ffd8238a308
[  154.770918][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.777778][ T8282]  </TASK>
[  154.850449][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.864579][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.875470][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.886498][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.922433][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.946629][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.966964][ T8023] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.986551][ T8298] FAULT_INJECTION: forcing a failure.
[  154.986551][ T8298] name failslab, interval 1, probability 0, space 0, times 0
[  155.008382][ T8298] CPU: 1 PID: 8298 Comm: syz.1.802 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  155.018416][ T8298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  155.028499][ T8298] Call Trace:
[  155.031808][ T8298]  <TASK>
[  155.034765][ T8298]  dump_stack_lvl+0x241/0x360
[  155.039484][ T8298]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.044719][ T8298]  ? __pfx__printk+0x10/0x10
[  155.049345][ T8298]  ? __pfx___might_resched+0x10/0x10
[  155.054663][ T8298]  should_fail_ex+0x3b0/0x4e0
[  155.059372][ T8298]  ? ieee80211_start_roc_work+0x196/0xfe0
[  155.065122][ T8298]  should_failslab+0x9/0x20
[  155.069652][ T8298]  kmalloc_trace_noprof+0x6c/0x2c0
[  155.074808][ T8298]  ieee80211_start_roc_work+0x196/0xfe0
[  155.080405][ T8298]  ieee80211_remain_on_channel+0xda/0x120
[  155.086164][ T8298]  rdev_remain_on_channel+0x12f/0x300
[  155.091573][ T8298]  nl80211_remain_on_channel+0x48b/0x6f0
[  155.097228][ T8298]  ? __pfx_netdev_run_todo+0x10/0x10
[  155.102546][ T8298]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  155.108759][ T8298]  genl_rcv_msg+0xb14/0xec0
[  155.113286][ T8298]  ? mark_lock+0x9a/0x350
[  155.117651][ T8298]  ? __pfx_genl_rcv_msg+0x10/0x10
[  155.122775][ T8298]  ? __pfx_lock_acquire+0x10/0x10
[  155.127825][ T8298]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  155.133237][ T8298]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  155.139417][ T8298]  ? __pfx_nl80211_post_doit+0x10/0x10
[  155.144912][ T8298]  ? __pfx___might_resched+0x10/0x10
[  155.150239][ T8298]  netlink_rcv_skb+0x1e3/0x430
[  155.155037][ T8298]  ? __pfx_genl_rcv_msg+0x10/0x10
[  155.160087][ T8298]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  155.165424][ T8298]  ? __netlink_deliver_tap+0x77e/0x7c0
[  155.170926][ T8298]  genl_rcv+0x28/0x40
[  155.174928][ T8298]  netlink_unicast+0x7ea/0x980
[  155.179727][ T8298]  ? __pfx_netlink_unicast+0x10/0x10
[  155.185036][ T8298]  ? __virt_addr_valid+0x183/0x520
[  155.190184][ T8298]  ? __check_object_size+0x49c/0x900
[  155.195507][ T8298]  ? bpf_lsm_netlink_send+0x9/0x10
[  155.200661][ T8298]  netlink_sendmsg+0x8db/0xcb0
[  155.205478][ T8298]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.210807][ T8298]  ? __import_iovec+0x536/0x820
[  155.215760][ T8298]  ? aa_sock_msg_perm+0x91/0x160
[  155.220734][ T8298]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  155.226042][ T8298]  ? security_socket_sendmsg+0x87/0xb0
[  155.229509][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.231511][ T8298]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.244143][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.247180][ T8298]  __sock_sendmsg+0x221/0x270
[  155.247221][ T8298]  ____sys_sendmsg+0x525/0x7d0
[  155.247252][ T8298]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.247289][ T8298]  __sys_sendmsg+0x2b0/0x3a0
[  155.276417][ T8298]  ? __pfx___sys_sendmsg+0x10/0x10
[  155.278738][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.281551][ T8298]  ? vfs_write+0x7c4/0xc90
[  155.295931][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.296369][ T8298]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  155.313070][ T8298]  ? do_syscall_64+0x100/0x230
[  155.314473][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.317855][ T8298]  ? do_syscall_64+0xb6/0x230
[  155.317886][ T8298]  do_syscall_64+0xf3/0x230
[  155.317911][ T8298]  ? clear_bhb_loop+0x35/0x90
[  155.317931][ T8298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.317956][ T8298] RIP: 0033:0x7f6d9a575b99
[  155.317973][ T8298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.317988][ T8298] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.318009][ T8298] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  155.318022][ T8298] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000007
[  155.318034][ T8298] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  155.318047][ T8298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  155.318059][ T8298] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  155.318091][ T8298]  </TASK>
[  155.337592][ T5090] Bluetooth: hci1: command tx timeout
[  155.436111][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.446067][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.457060][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.468867][ T8023] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.529103][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.804'.
[  155.574307][ T8304] netlink: 14 bytes leftover after parsing attributes in process `syz.3.804'.
[  155.615838][ T8306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.804'.
[  155.656097][ T8023] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.676378][ T8023] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.686699][ T8023] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.718351][ T8023] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.772875][ T8313] netlink: 'syz.0.807': attribute type 10 has an invalid length.
[  155.813450][ T8313] geneve0: entered promiscuous mode
[  155.860494][ T8313] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  156.011385][ T8327] sctp: [Deprecated]: syz.3.811 (pid 8327) Use of struct sctp_assoc_value in delayed_ack socket option.
[  156.011385][ T8327] Use struct sctp_sack_info instead
[  156.032815][ T8319] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.112365][ T8325] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.236587][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.269336][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.326665][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.363684][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.873941][ T8356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.952109][ T8362] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.980952][ T8368] netlink: 'syz.0.821': attribute type 13 has an invalid length.
[  156.991106][ T8368] veth0_macvtap: left promiscuous mode
[  156.996788][ T8368] macvtap0: entered allmulticast mode
[  157.023969][ T8368] macvtap0: refused to change device tx_queue_len
[  157.088184][ T8376] atomic_op ffff8880531bd998 conn xmit_atomic 0000000000000000
[  157.544009][ T8380] FAULT_INJECTION: forcing a failure.
[  157.544009][ T8380] name failslab, interval 1, probability 0, space 0, times 0
[  157.557233][ T8380] CPU: 1 PID: 8380 Comm: syz.2.826 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  157.567259][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  157.577333][ T8380] Call Trace:
[  157.580614][ T8380]  <TASK>
[  157.583537][ T8380]  dump_stack_lvl+0x241/0x360
[  157.588658][ T8380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.593853][ T8380]  ? __pfx__printk+0x10/0x10
[  157.598448][ T8380]  should_fail_ex+0x3b0/0x4e0
[  157.603125][ T8380]  ? __alloc_skb+0x1c3/0x440
[  157.607713][ T8380]  should_failslab+0x9/0x20
[  157.612211][ T8380]  kmem_cache_alloc_node_noprof+0x71/0x320
[  157.618018][ T8380]  ? __kasan_kmalloc+0x98/0xb0
[  157.622776][ T8380]  __alloc_skb+0x1c3/0x440
[  157.627181][ T8380]  ? nfnetlink_rcv+0x297/0x2a80
[  157.632025][ T8380]  ? netlink_unicast+0x7ea/0x980
[  157.636954][ T8380]  ? netlink_sendmsg+0x8db/0xcb0
[  157.641892][ T8380]  ? __sock_sendmsg+0x221/0x270
[  157.646747][ T8380]  ? __pfx___alloc_skb+0x10/0x10
[  157.651702][ T8380]  netlink_dump+0x233/0xe50
[  157.656211][ T8380]  ? __pfx_netlink_dump+0x10/0x10
[  157.661251][ T8380]  ? trace_kmalloc+0x1f/0xd0
[  157.665852][ T8380]  ? kmalloc_node_track_caller_noprof+0x242/0x440
[  157.672278][ T8380]  ? kmemdup_noprof+0x45/0x60
[  157.676970][ T8380]  ? __asan_memcpy+0x40/0x70
[  157.681574][ T8380]  ? kmemdup_noprof+0x45/0x60
[  157.686256][ T8380]  __netlink_dump_start+0x59d/0x780
[  157.691456][ T8380]  ? nft_netlink_dump_start_rcu+0xcd/0x200
[  157.697259][ T8380]  nft_netlink_dump_start_rcu+0x139/0x200
[  157.702975][ T8380]  nf_tables_getset+0x73f/0xd10
[  157.707817][ T8380]  ? __pfx___nla_validate_parse+0x10/0x10
[  157.713539][ T8380]  ? __pfx_nf_tables_getset+0x10/0x10
[  157.718908][ T8380]  ? __pfx_nf_tables_dump_sets_start+0x10/0x10
[  157.725093][ T8380]  ? __pfx_nf_tables_dump_sets+0x10/0x10
[  157.730726][ T8380]  ? __pfx_nf_tables_dump_sets_done+0x10/0x10
[  157.736794][ T8380]  ? __nla_parse+0x40/0x60
[  157.741201][ T8380]  ? nfnetlink_rcv_msg+0x225/0x1180
[  157.746391][ T8380]  ? __pfx_nf_tables_getset+0x10/0x10
[  157.751754][ T8380]  nfnetlink_rcv_msg+0x8a2/0x1180
[  157.756773][ T8380]  ? nfnetlink_rcv_msg+0x225/0x1180
[  157.761983][ T8380]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  157.767432][ T8380]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  157.773420][ T8380]  ? __schedule+0x17f0/0x4a20
[  157.778094][ T8380]  ? __netlink_deliver_tap+0x54d/0x7c0
[  157.783556][ T8380]  ? netlink_sendmsg+0x8db/0xcb0
[  157.788489][ T8380]  ? ____sys_sendmsg+0x525/0x7d0
[  157.793437][ T8380]  netlink_rcv_skb+0x1e3/0x430
[  157.798199][ T8380]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  157.803652][ T8380]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  157.808940][ T8380]  ? apparmor_capable+0x138/0x1b0
[  157.813957][ T8380]  ? bpf_lsm_capable+0x9/0x10
[  157.818625][ T8380]  ? security_capable+0x90/0xb0
[  157.823477][ T8380]  nfnetlink_rcv+0x297/0x2a80
[  157.828341][ T8380]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  157.834320][ T8380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  157.840645][ T8380]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  157.846530][ T8380]  ? lockdep_hardirqs_on+0x99/0x150
[  157.851722][ T8380]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  157.856826][ T8380]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  157.862708][ T8380]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  157.869034][ T8380]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  157.875632][ T8380]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  157.882574][ T8380]  ? rcu_is_watching+0x15/0xb0
[  157.887338][ T8380]  ? rcu_read_unlock_special+0x470/0x550
[  157.892967][ T8380]  ? skb_clone+0x240/0x390
[  157.897463][ T8380]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  157.903458][ T8380]  ? __netlink_deliver_tap+0x77e/0x7c0
[  157.908920][ T8380]  ? __rcu_read_unlock+0xa1/0x110
[  157.913946][ T8380]  netlink_unicast+0x7ea/0x980
[  157.918710][ T8380]  ? __pfx_netlink_unicast+0x10/0x10
[  157.923986][ T8380]  ? __virt_addr_valid+0x183/0x520
[  157.929096][ T8380]  ? __check_object_size+0x49c/0x900
[  157.934391][ T8380]  ? bpf_lsm_netlink_send+0x9/0x10
[  157.939516][ T8380]  netlink_sendmsg+0x8db/0xcb0
[  157.944337][ T8380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.949618][ T8380]  ? __import_iovec+0x536/0x820
[  157.954457][ T8380]  ? aa_sock_msg_perm+0x91/0x160
[  157.959399][ T8380]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  157.964762][ T8380]  ? security_socket_sendmsg+0x87/0xb0
[  157.970219][ T8380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.975524][ T8380]  __sock_sendmsg+0x221/0x270
[  157.980243][ T8380]  ____sys_sendmsg+0x525/0x7d0
[  157.985084][ T8380]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.990392][ T8380]  __sys_sendmsg+0x2b0/0x3a0
[  157.994988][ T8380]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.000107][ T8380]  ? vfs_write+0x7c4/0xc90
[  158.004556][ T8380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  158.010879][ T8380]  ? do_syscall_64+0x100/0x230
[  158.015647][ T8380]  ? do_syscall_64+0xb6/0x230
[  158.020408][ T8380]  do_syscall_64+0xf3/0x230
[  158.024928][ T8380]  ? clear_bhb_loop+0x35/0x90
[  158.029597][ T8380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.035488][ T8380] RIP: 0033:0x7f3e02f75b99
[  158.039900][ T8380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.059502][ T8380] RSP: 002b:00007f3e03ce4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.067909][ T8380] RAX: ffffffffffffffda RBX: 00007f3e03103f60 RCX: 00007f3e02f75b99
[  158.075872][ T8380] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000006
[  158.083855][ T8380] RBP: 00007f3e03ce40a0 R08: 0000000000000000 R09: 0000000000000000
[  158.091831][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.099795][ T8380] R13: 000000000000000b R14: 00007f3e03103f60 R15: 00007ffd90801968
[  158.107773][ T8380]  </TASK>
[  158.435208][ T8388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.476537][ T8400] sctp: [Deprecated]: syz.3.831 (pid 8400) Use of struct sctp_assoc_value in delayed_ack socket option.
[  158.476537][ T8400] Use struct sctp_sack_info instead
[  158.530198][ T8388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.704261][ T8403] sctp: [Deprecated]: syz.0.833 (pid 8403) Use of struct sctp_assoc_value in delayed_ack socket option.
[  158.704261][ T8403] Use struct sctp_sack_info instead
[  159.010454][ T8415] __nla_validate_parse: 5 callbacks suppressed
[  159.010476][ T8415] netlink: 16 bytes leftover after parsing attributes in process `syz.2.836'.
[  159.067783][ T8412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.147310][ T8410] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.271470][ T8419] FAULT_INJECTION: forcing a failure.
[  159.271470][ T8419] name failslab, interval 1, probability 0, space 0, times 0
[  159.284509][ T8419] CPU: 1 PID: 8419 Comm: syz.1.838 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  159.294557][ T8419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  159.304674][ T8419] Call Trace:
[  159.307980][ T8419]  <TASK>
[  159.310923][ T8419]  dump_stack_lvl+0x241/0x360
[  159.315636][ T8419]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.320867][ T8419]  ? __pfx__printk+0x10/0x10
[  159.325489][ T8419]  ? tipc_conn_lookup+0x7f/0x380
[  159.330465][ T8419]  should_fail_ex+0x3b0/0x4e0
[  159.335183][ T8419]  ? tipc_topsrv_queue_evt+0xf1/0x300
[  159.340587][ T8419]  should_failslab+0x9/0x20
[  159.345128][ T8419]  kmalloc_trace_noprof+0x6c/0x2c0
[  159.350266][ T8419]  ? tipc_net+0x45/0x270
[  159.354541][ T8419]  tipc_topsrv_queue_evt+0xf1/0x300
[  159.359777][ T8419]  tipc_sub_report_overlap+0x4c9/0x840
[  159.365279][ T8419]  tipc_nametbl_insert_publ+0xfcc/0x1510
[  159.370978][ T8419]  tipc_nametbl_publish+0xc7/0x1e0
[  159.376132][ T8419]  tipc_sk_publish+0x205/0x480
[  159.380931][ T8419]  ? tipc_group_create_member+0x3fe/0x580
[  159.386693][ T8419]  ? __pfx_tipc_sk_publish+0x10/0x10
[  159.392017][ T8419]  ? tipc_nametbl_build_group+0x482/0x4c0
[  159.397767][ T8419]  ? tipc_nametbl_build_group+0x2e/0x4c0
[  159.403429][ T8419]  tipc_sk_join+0x42b/0x8a0
[  159.407952][ T8419]  ? __local_bh_enable_ip+0x168/0x200
[  159.413318][ T8419]  ? lockdep_hardirqs_on+0x99/0x150
[  159.418700][ T8419]  ? __pfx_tipc_sk_join+0x10/0x10
[  159.423726][ T8419]  tipc_setsockopt+0x831/0xc00
[  159.428501][ T8419]  ? __pfx_tipc_setsockopt+0x10/0x10
[  159.430268][ T8421] sctp: [Deprecated]: syz.3.839 (pid 8421) Use of struct sctp_assoc_value in delayed_ack socket option.
[  159.430268][ T8421] Use struct sctp_sack_info instead
[  159.433788][ T8419]  ? __pfx_lock_acquire+0x10/0x10
[  159.455000][ T8419]  ? aa_sock_opt_perm+0x79/0x120
[  159.459976][ T8419]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  159.465550][ T8419]  ? security_socket_setsockopt+0x87/0xb0
[  159.471304][ T8419]  ? __pfx_tipc_setsockopt+0x10/0x10
[  159.476618][ T8419]  do_sock_setsockopt+0x3af/0x720
[  159.481685][ T8419]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  159.487254][ T8419]  ? __fget_files+0x29/0x470
[  159.491885][ T8419]  ? __fget_files+0x3f6/0x470
[  159.496580][ T8419]  __sys_setsockopt+0x1ae/0x250
[  159.501452][ T8419]  __x64_sys_setsockopt+0xb5/0xd0
[  159.506591][ T8419]  do_syscall_64+0xf3/0x230
[  159.511123][ T8419]  ? clear_bhb_loop+0x35/0x90
[  159.515834][ T8419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.521827][ T8419] RIP: 0033:0x7f6d9a575b99
[  159.526340][ T8419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.546040][ T8419] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  159.554474][ T8419] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  159.562452][ T8419] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000006
[  159.570418][ T8419] RBP: 00007f6d9b3780a0 R08: 00000000000004bd R09: 0000000000000000
[  159.578388][ T8419] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  159.586354][ T8419] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  159.594327][ T8419]  </TASK>
[  159.626838][ T2817] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.083688][ T8428] FAULT_INJECTION: forcing a failure.
[  160.083688][ T8428] name failslab, interval 1, probability 0, space 0, times 0
[  160.100514][ T8428] CPU: 0 PID: 8428 Comm: syz.1.841 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  160.110545][ T8428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  160.120620][ T8428] Call Trace:
[  160.123897][ T8428]  <TASK>
[  160.126822][ T8428]  dump_stack_lvl+0x241/0x360
[  160.131506][ T8428]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.136790][ T8428]  ? __pfx__printk+0x10/0x10
[  160.141379][ T8428]  ? __pfx___might_resched+0x10/0x10
[  160.146659][ T8428]  ? __asan_memset+0x23/0x50
[  160.151245][ T8428]  ? lockdep_init_map_type+0xa1/0x910
[  160.157058][ T8428]  should_fail_ex+0x3b0/0x4e0
[  160.161737][ T8428]  should_failslab+0x9/0x20
[  160.166259][ T8428]  __kmalloc_node_noprof+0xdf/0x440
[  160.171469][ T8428]  ? kvmalloc_node_noprof+0x72/0x190
[  160.176766][ T8428]  kvmalloc_node_noprof+0x72/0x190
[  160.181881][ T8428]  alloc_netdev_mqs+0xa21/0xf80
[  160.186738][ T8428]  rtnl_create_link+0x2f9/0xc20
[  160.191592][ T8428]  rtnl_newlink+0x1421/0x20a0
[  160.196286][ T8428]  ? __kernel_text_address+0xd/0x40
[  160.201495][ T8428]  ? rtnl_newlink+0xaf1/0x20a0
[  160.206278][ T8428]  ? __pfx_rtnl_newlink+0x10/0x10
[  160.211310][ T8428]  ? __pfx___mutex_trylock_common+0x10/0x10
[  160.217207][ T8428]  ? rcu_is_watching+0x15/0xb0
[  160.221966][ T8428]  ? trace_contention_end+0x3c/0x120
[  160.227294][ T8428]  ? __mutex_lock+0x2ef/0xd70
[  160.231976][ T8428]  ? __pfx_lock_release+0x10/0x10
[  160.237019][ T8428]  ? __pfx_rtnl_newlink+0x10/0x10
[  160.242045][ T8428]  rtnetlink_rcv_msg+0x89b/0x1180
[  160.247101][ T8428]  ? rtnetlink_rcv_msg+0x208/0x1180
[  160.252313][ T8428]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  160.257774][ T8428]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  160.263767][ T8428]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  160.270112][ T8428]  ? __local_bh_enable_ip+0x168/0x200
[  160.275525][ T8428]  ? lockdep_hardirqs_on+0x99/0x150
[  160.280751][ T8428]  ? __local_bh_enable_ip+0x168/0x200
[  160.286131][ T8428]  ? dev_hard_start_xmit+0x773/0x7e0
[  160.291423][ T8428]  ? __dev_queue_xmit+0x2d2/0x3d30
[  160.296537][ T8428]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  160.302259][ T8428]  ? __dev_queue_xmit+0x2d2/0x3d30
[  160.307387][ T8428]  ? __dev_queue_xmit+0x16c9/0x3d30
[  160.312794][ T8428]  ? __dev_queue_xmit+0x2d2/0x3d30
[  160.317929][ T8428]  ? ref_tracker_free+0x643/0x7e0
[  160.322967][ T8428]  netlink_rcv_skb+0x1e3/0x430
[  160.327736][ T8428]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  160.333200][ T8428]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  160.338498][ T8428]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.343804][ T8428]  netlink_unicast+0x7ea/0x980
[  160.349095][ T8428]  ? __pfx_netlink_unicast+0x10/0x10
[  160.354374][ T8428]  ? __virt_addr_valid+0x183/0x520
[  160.359504][ T8428]  ? __check_object_size+0x49c/0x900
[  160.364812][ T8428]  ? bpf_lsm_netlink_send+0x9/0x10
[  160.369932][ T8428]  netlink_sendmsg+0x8db/0xcb0
[  160.374708][ T8428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.379990][ T8428]  ? __import_iovec+0x536/0x820
[  160.384832][ T8428]  ? aa_sock_msg_perm+0x91/0x160
[  160.389881][ T8428]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  160.395156][ T8428]  ? security_socket_sendmsg+0x87/0xb0
[  160.400609][ T8428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.405888][ T8428]  __sock_sendmsg+0x221/0x270
[  160.410567][ T8428]  ____sys_sendmsg+0x525/0x7d0
[  160.415353][ T8428]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.420759][ T8428]  __sys_sendmsg+0x2b0/0x3a0
[  160.425382][ T8428]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.430502][ T8428]  ? vfs_write+0x7c4/0xc90
[  160.434955][ T8428]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  160.441281][ T8428]  ? do_syscall_64+0x100/0x230
[  160.446054][ T8428]  ? do_syscall_64+0xb6/0x230
[  160.450837][ T8428]  do_syscall_64+0xf3/0x230
[  160.455341][ T8428]  ? clear_bhb_loop+0x35/0x90
[  160.460015][ T8428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.465905][ T8428] RIP: 0033:0x7f6d9a575b99
[  160.470319][ T8428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.489925][ T8428] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.498336][ T8428] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  160.506300][ T8428] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000a
[  160.514263][ T8428] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  160.522239][ T8428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.530203][ T8428] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  160.538181][ T8428]  </TASK>
[  160.681911][ T2817] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.800726][ T8440] bond_slave_0: entered promiscuous mode
[  160.806812][ T8440] bond_slave_1: entered promiscuous mode
[  160.813562][ T8440] batadv0: entered promiscuous mode
[  160.890482][ T8440] vlan3: entered promiscuous mode
[  160.914994][ T8440] bond0: entered promiscuous mode
[  160.955467][ T8440] bond0: left promiscuous mode
[  161.013303][ T8440] bond_slave_0: left promiscuous mode
[  161.018875][ T8440] bond_slave_1: left promiscuous mode
[  161.024389][ T8440] batadv0: left promiscuous mode
[  161.068887][ T5101] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  161.079666][ T5101] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  161.088350][ T5101] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  161.100498][ T5101] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  161.119744][ T5101] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  161.128112][ T5101] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  161.308524][ T2817] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.505465][ T8465] netlink: 44 bytes leftover after parsing attributes in process `syz.2.851'.
[  161.506567][ T2817] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.565180][ T5090] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  161.576411][ T5090] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  161.591868][ T5090] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  161.608487][ T5090] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  161.616309][ T5090] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  161.629944][ T5090] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  161.852724][ T8479] netlink: 'syz.0.856': attribute type 4 has an invalid length.
[  161.917496][ T2817] bridge_slave_1: left allmulticast mode
[  161.923334][ T2817] bridge_slave_1: left promiscuous mode
[  161.929651][ T2817] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.941403][ T2817] bridge_slave_0: left allmulticast mode
[  161.947517][ T2817] bridge_slave_0: left promiscuous mode
[  161.953335][ T2817] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.244362][ T2817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  162.255566][ T2817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  162.273357][ T2817] bond0 (unregistering): Released all slaves
[  162.315478][ T8482] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  162.329088][ T8482] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.366896][ T8479] netlink: 'syz.0.856': attribute type 4 has an invalid length.
[  162.401642][ T8486] netlink: 'syz.0.856': attribute type 10 has an invalid length.
[  162.409891][ T8486] netlink: 2 bytes leftover after parsing attributes in process `syz.0.856'.
[  162.418850][ T8486] team0: entered promiscuous mode
[  162.423883][ T8486] team_slave_0: entered promiscuous mode
[  162.429869][ T8486] team_slave_1: entered promiscuous mode
[  162.435781][ T8486] bridge0: port 3(team0) entered blocking state
[  162.442723][ T8486] bridge0: port 3(team0) entered disabled state
[  162.449548][ T8486] team0: entered allmulticast mode
[  162.454688][ T8486] team_slave_0: entered allmulticast mode
[  162.460485][ T8486] team_slave_1: entered allmulticast mode
[  162.469736][ T8486] bridge0: port 3(team0) entered blocking state
[  162.476065][ T8486] bridge0: port 3(team0) entered forwarding state
[  162.592966][ T8482] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  162.604301][ T8482] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.734037][ T8482] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  162.755194][ T8482] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.810152][ T2817] hsr_slave_0: left promiscuous mode
[  162.823595][ T2817] hsr_slave_1: left promiscuous mode
[  162.832321][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  162.840762][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_0
[  162.850198][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.859510][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.883703][ T2817] veth1_macvtap: left promiscuous mode
[  162.889390][ T2817] veth0_macvtap: left promiscuous mode
[  162.894964][ T2817] veth1_vlan: left promiscuous mode
[  162.900335][ T2817] veth0_vlan: left promiscuous mode
[  163.139405][ T8502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  163.202036][ T8502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  163.237360][ T5101] Bluetooth: hci1: command tx timeout
[  163.355665][ T2817] team0 (unregistering): Port device team_slave_1 removed
[  163.393170][ T2817] team0 (unregistering): Port device team_slave_0 removed
[  163.717656][ T5101] Bluetooth: hci2: command tx timeout
[  163.774596][ T8482] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  163.785411][ T8482] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.804739][ T8499] netlink: 16 bytes leftover after parsing attributes in process `syz.0.861'.
[  163.814221][ T8455] chnl_net:caif_netlink_parms(): no params data found
[  163.978032][ T8455] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.985671][ T8455] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.993460][ T8455] bridge_slave_0: entered allmulticast mode
[  164.008176][ T8455] bridge_slave_0: entered promiscuous mode
[  164.016743][ T8455] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.024064][ T8455] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.031919][ T8455] bridge_slave_1: entered allmulticast mode
[  164.040209][ T8455] bridge_slave_1: entered promiscuous mode
[  164.091974][ T8482] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  164.106846][ T8482] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.158961][ T8482] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  164.168402][ T8482] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.187346][ T8455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.206304][ T8482] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  164.231177][ T8482] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.248376][ T8466] chnl_net:caif_netlink_parms(): no params data found
[  164.319627][ T8455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.347591][ T8482] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  164.355830][ T8482] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.356874][ T8521] FAULT_INJECTION: forcing a failure.
[  164.356874][ T8521] name failslab, interval 1, probability 0, space 0, times 0
[  164.377368][ T8513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.382660][ T8516] netlink: 16 bytes leftover after parsing attributes in process `syz.2.863'.
[  164.427468][ T8521] CPU: 1 PID: 8521 Comm: syz.0.864 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  164.430322][ T8513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  164.437468][ T8521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  164.437486][ T8521] Call Trace:
[  164.437496][ T8521]  <TASK>
[  164.437505][ T8521]  dump_stack_lvl+0x241/0x360
[  164.437539][ T8521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.473538][ T8521]  ? __pfx__printk+0x10/0x10
[  164.478162][ T8521]  ? __pfx___might_resched+0x10/0x10
[  164.483474][ T8521]  should_fail_ex+0x3b0/0x4e0
[  164.488164][ T8521]  ? nft_trans_table_add+0x53/0x270
[  164.493381][ T8521]  should_failslab+0x9/0x20
[  164.497882][ T8521]  kmalloc_trace_noprof+0x6c/0x2c0
[  164.502983][ T8521]  ? rhashtable_init_noprof+0x748/0xa60
[  164.508526][ T8521]  nft_trans_table_add+0x53/0x270
[  164.513565][ T8521]  nf_tables_newtable+0x10f6/0x1dc0
[  164.518774][ T8521]  ? __pfx_nf_tables_newtable+0x10/0x10
[  164.524320][ T8521]  ? __nla_parse+0x40/0x60
[  164.528758][ T8521]  nfnetlink_rcv+0x1427/0x2a80
[  164.533524][ T8521]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  164.539896][ T8521]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  164.545018][ T8521]  ? __dev_queue_xmit+0x2d2/0x3d30
[  164.550156][ T8521]  ? netlink_deliver_tap+0x2e/0x1b0
[  164.555344][ T8521]  ? skb_clone+0x240/0x390
[  164.559753][ T8521]  ? __pfx_lock_release+0x10/0x10
[  164.564778][ T8521]  ? netlink_deliver_tap+0x2e/0x1b0
[  164.569973][ T8521]  netlink_unicast+0x7ea/0x980
[  164.574737][ T8521]  ? __pfx_netlink_unicast+0x10/0x10
[  164.580016][ T8521]  ? __virt_addr_valid+0x183/0x520
[  164.585121][ T8521]  ? __check_object_size+0x49c/0x900
[  164.590400][ T8521]  ? bpf_lsm_netlink_send+0x9/0x10
[  164.595510][ T8521]  netlink_sendmsg+0x8db/0xcb0
[  164.600282][ T8521]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.605650][ T8521]  ? __mutex_trylock_common+0x183/0x2e0
[  164.611191][ T8521]  ? aa_sock_msg_perm+0x91/0x160
[  164.616128][ T8521]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  164.621401][ T8521]  ? security_socket_sendmsg+0x87/0xb0
[  164.626855][ T8521]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.632132][ T8521]  __sock_sendmsg+0x221/0x270
[  164.636811][ T8521]  sock_sendmsg+0x134/0x200
[  164.641315][ T8521]  ? __pfx_sock_sendmsg+0x10/0x10
[  164.646352][ T8521]  ? iov_iter_bvec+0x4e/0x180
[  164.651028][ T8521]  splice_to_socket+0xa13/0x10b0
[  164.655955][ T8521]  ? __pfx_lock_release+0x10/0x10
[  164.660989][ T8521]  ? __pfx_splice_to_socket+0x10/0x10
[  164.666371][ T8521]  ? __lock_acquire+0x1346/0x1fd0
[  164.671401][ T8521]  ? bpf_lsm_file_permission+0x9/0x10
[  164.676766][ T8521]  ? security_file_permission+0x7f/0xa0
[  164.682308][ T8521]  ? rw_verify_area+0x1d2/0x6b0
[  164.687158][ T8521]  ? __pfx_splice_to_socket+0x10/0x10
[  164.692542][ T8521]  do_splice+0xd77/0x1900
[  164.696870][ T8521]  ? __pfx_lock_release+0x10/0x10
[  164.701887][ T8521]  ? vfs_write+0x7c4/0xc90
[  164.706300][ T8521]  ? __mutex_unlock_slowpath+0x21d/0x750
[  164.711928][ T8521]  ? pipe_clear_nowait+0x196/0x220
[  164.717131][ T8521]  ? __pfx_do_splice+0x10/0x10
[  164.721893][ T8521]  __se_sys_splice+0x331/0x4a0
[  164.726655][ T8521]  ? __pfx___se_sys_splice+0x10/0x10
[  164.732019][ T8521]  ? do_syscall_64+0x100/0x230
[  164.736783][ T8521]  ? __x64_sys_splice+0x21/0xf0
[  164.741626][ T8521]  do_syscall_64+0xf3/0x230
[  164.746126][ T8521]  ? clear_bhb_loop+0x35/0x90
[  164.750793][ T8521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.756700][ T8521] RIP: 0033:0x7f1d12175b99
[  164.761165][ T8521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.780770][ T8521] RSP: 002b:00007f1d12e6c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  164.789189][ T8521] RAX: ffffffffffffffda RBX: 00007f1d12304038 RCX: 00007f1d12175b99
[  164.797152][ T8521] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  164.805110][ T8521] RBP: 00007f1d12e6c0a0 R08: 0000000000007fff R09: 0000000000000000
[  164.813067][ T8521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.821044][ T8521] R13: 000000000000006e R14: 00007f1d12304038 R15: 00007ffcd091a6f8
[  164.829038][ T8521]  </TASK>
[  164.891597][ T8523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.865'.
[  164.913466][ T8523] bond2: entered allmulticast mode
[  164.972311][ T8455] team0: Port device team_slave_0 added
[  164.991175][ T8455] team0: Port device team_slave_1 added
[  165.001232][ T8531] netlink: 20 bytes leftover after parsing attributes in process `syz.1.866'.
[  165.031525][ T2817] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.080535][ T8531] netlink: 20 bytes leftover after parsing attributes in process `syz.1.866'.
[  165.090340][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.098844][ T8466] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.106160][ T8466] bridge_slave_0: entered allmulticast mode
[  165.143145][ T8466] bridge_slave_0: entered promiscuous mode
[  165.187308][ T2817] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.202846][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.210523][ T8466] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.222618][ T8466] bridge_slave_1: entered allmulticast mode
[  165.231435][ T8466] bridge_slave_1: entered promiscuous mode
[  165.247713][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.277428][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.317725][ T5101] Bluetooth: hci1: command tx timeout
[  165.320503][ T8455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.358465][ T2817] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.424537][ T8455] batman_adv: batadv0: Adding interface: batadv_slave_1
[  165.446211][ T8455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.480114][ T8455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  165.527417][ T2817] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.565968][ T8466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.627423][ T8466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.764624][ T8466] team0: Port device team_slave_0 added
[  165.785837][ T8466] team0: Port device team_slave_1 added
[  165.797799][ T5101] Bluetooth: hci2: command tx timeout
[  165.856018][ T8455] hsr_slave_0: entered promiscuous mode
[  165.917497][ T8455] hsr_slave_1: entered promiscuous mode
[  165.925981][ T8455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  165.937505][ T8455] Cannot create hsr debugfs directory
[  166.063848][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.071080][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.101774][ T8466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.150566][ T8567] netlink: 176 bytes leftover after parsing attributes in process `syz.1.873'.
[  166.169176][ T8466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.193793][ T8466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.241309][ T8466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.283331][ T8564] netlink: 16 bytes leftover after parsing attributes in process `syz.0.875'.
[  166.304252][ T8574] netlink: 12 bytes leftover after parsing attributes in process `syz.2.876'.
[  166.347712][ T8564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  166.365432][ T2817] vlan2: left allmulticast mode
[  166.375303][ T2817] vlan2: left promiscuous mode
[  166.381525][ T2817] bridge0: port 3(vlan2) entered disabled state
[  166.391262][ T2817] bridge_slave_1: left allmulticast mode
[  166.396946][ T2817] bridge_slave_1: left promiscuous mode
[  166.403330][ T2817] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.414111][ T2817] bridge_slave_0: left allmulticast mode
[  166.420225][ T2817] bridge_slave_0: left promiscuous mode
[  166.428668][ T2817] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.685250][ T2817] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  166.746017][ T2817] team0: Port device bridge2 removed
[  166.882053][ T2817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.894211][ T2817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.905558][ T2817] bond0 (unregistering): Released all slaves
[  166.925150][ T2817] bond1 (unregistering): Released all slaves
[  167.024432][ T8466] hsr_slave_0: entered promiscuous mode
[  167.042205][ T8466] hsr_slave_1: entered promiscuous mode
[  167.061249][ T8466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.079249][ T8466] Cannot create hsr debugfs directory
[  167.312037][ T8592] delete_channel: no stack
[  167.329030][ T8594] netlink: 28 bytes leftover after parsing attributes in process `syz.1.884'.
[  167.382223][ T8592] netlink: 'syz.2.883': attribute type 4 has an invalid length.
[  167.399946][ T5101] Bluetooth: hci1: command tx timeout
[  167.406672][ T8592] netlink: 17 bytes leftover after parsing attributes in process `syz.2.883'.
[  167.425096][ T8598] Cannot find add_set index 0 as target
[  167.564915][ T8603] netlink: 68 bytes leftover after parsing attributes in process `syz.1.887'.
[  167.690487][ T2817] hsr_slave_0: left promiscuous mode
[  167.712253][ T2817] hsr_slave_1: left promiscuous mode
[  167.730655][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.743575][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_0
[  167.752072][ T2817] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.759881][ T2817] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.779951][ T2817] veth1_macvtap: left promiscuous mode
[  167.785486][ T2817] veth0_macvtap: left promiscuous mode
[  167.791483][ T2817] veth1_vlan: left promiscuous mode
[  167.796872][ T2817] veth0_vlan: left promiscuous mode
[  167.849563][ T8608] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.878026][ T5101] Bluetooth: hci2: command tx timeout
[  168.239618][ T2817] team0 (unregistering): Port device team_slave_1 removed
[  168.282872][ T2817] team0 (unregistering): Port device team_slave_0 removed
[  168.862304][ T8622] FAULT_INJECTION: forcing a failure.
[  168.862304][ T8622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.886639][ T8622] CPU: 0 PID: 8622 Comm: syz.1.894 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  168.896681][ T8622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  168.906758][ T8622] Call Trace:
[  168.910063][ T8622]  <TASK>
[  168.913063][ T8622]  dump_stack_lvl+0x241/0x360
[  168.917783][ T8622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.923105][ T8622]  ? __pfx__printk+0x10/0x10
[  168.927737][ T8622]  should_fail_ex+0x3b0/0x4e0
[  168.932450][ T8622]  _copy_from_user+0x2f/0xe0
[  168.937060][ T8622]  move_addr_to_kernel+0x82/0x150
[  168.939158][ T8455] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  168.942097][ T8622]  __sys_sendto+0x2a3/0x4f0
[  168.953288][ T8622]  ? __pfx___sys_sendto+0x10/0x10
[  168.958377][ T8622]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  168.964386][ T8622]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  168.970736][ T8622]  ? exc_page_fault+0x590/0x8c0
[  168.975602][ T8622]  __x64_sys_sendto+0xde/0x100
[  168.980372][ T8622]  do_syscall_64+0xf3/0x230
[  168.984874][ T8622]  ? clear_bhb_loop+0x35/0x90
[  168.989546][ T8622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.995436][ T8622] RIP: 0033:0x7f6d9a57792c
[  168.999845][ T8622] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
[  169.019450][ T8622] RSP: 002b:00007f6d9b376ed0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  169.027859][ T8622] RAX: ffffffffffffffda RBX: 00007f6d9b376fd0 RCX: 00007f6d9a57792c
[  169.035822][ T8622] RDX: 0000000000000020 RSI: 00007f6d9b377020 RDI: 0000000000000005
[  169.043781][ T8622] RBP: 0000000000000000 R08: 00007f6d9b376f24 R09: 000000000000000c
[  169.051745][ T8622] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[  169.059705][ T8622] R13: 00007f6d9b376f78 R14: 00007f6d9b377020 R15: 0000000000000000
[  169.067680][ T8622]  </TASK>
[  169.166038][ T8455] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  169.195330][ T8455] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  169.215679][ T8629] FAULT_INJECTION: forcing a failure.
[  169.215679][ T8629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.219061][ T8630] Cannot find add_set index 0 as target
[  169.238716][ T8629] CPU: 1 PID: 8629 Comm: syz.1.896 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  169.242975][ T8455] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  169.248715][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  169.248730][ T8629] Call Trace:
[  169.248739][ T8629]  <TASK>
[  169.248747][ T8629]  dump_stack_lvl+0x241/0x360
[  169.248778][ T8629]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.248801][ T8629]  ? __pfx__printk+0x10/0x10
[  169.248826][ T8629]  ? __pfx_lock_release+0x10/0x10
[  169.291294][ T8629]  should_fail_ex+0x3b0/0x4e0
[  169.296039][ T8629]  _copy_from_iter+0x1f6/0x1960
[  169.300918][ T8629]  ? __virt_addr_valid+0x183/0x520
[  169.306066][ T8629]  ? __pfx_lock_release+0x10/0x10
[  169.311125][ T8629]  ? __alloc_skb+0x28f/0x440
[  169.315751][ T8629]  ? __pfx__copy_from_iter+0x10/0x10
[  169.321072][ T8629]  ? __virt_addr_valid+0x183/0x520
[  169.326211][ T8629]  ? __virt_addr_valid+0x183/0x520
[  169.331356][ T8629]  ? __virt_addr_valid+0x44e/0x520
[  169.336498][ T8629]  ? __check_object_size+0x49c/0x900
[  169.341814][ T8629]  netlink_sendmsg+0x743/0xcb0
[  169.346594][ T8629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.351884][ T8629]  ? __import_iovec+0x536/0x820
[  169.356728][ T8629]  ? aa_sock_msg_perm+0x91/0x160
[  169.361669][ T8629]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  169.366943][ T8629]  ? security_socket_sendmsg+0x87/0xb0
[  169.372397][ T8629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.377673][ T8629]  __sock_sendmsg+0x221/0x270
[  169.382347][ T8629]  ____sys_sendmsg+0x525/0x7d0
[  169.387117][ T8629]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.392416][ T8629]  __sys_sendmsg+0x2b0/0x3a0
[  169.397004][ T8629]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.402112][ T8629]  ? vfs_write+0x7c4/0xc90
[  169.406548][ T8629]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  169.412869][ T8629]  ? do_syscall_64+0x100/0x230
[  169.417633][ T8629]  ? do_syscall_64+0xb6/0x230
[  169.422304][ T8629]  do_syscall_64+0xf3/0x230
[  169.426803][ T8629]  ? clear_bhb_loop+0x35/0x90
[  169.431472][ T8629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.437362][ T8629] RIP: 0033:0x7f6d9a575b99
[  169.441768][ T8629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.461365][ T8629] RSP: 002b:00007f6d9b378048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.469771][ T8629] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a575b99
[  169.477733][ T8629] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  169.485692][ T8629] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  169.493661][ T8629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.501623][ T8629] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  169.509597][ T8629]  </TASK>
[  169.517387][ T5101] Bluetooth: hci1: command tx timeout
[  169.774776][ T8455] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.856931][ T8455] 8021q: adding VLAN 0 to HW filter on device team0
[  169.924172][ T5136] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.931396][ T5136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.958267][ T5101] Bluetooth: hci2: command tx timeout
[  169.978534][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.985702][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.051191][ T8466] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  170.078245][ T8656] netlink: 'syz.2.905': attribute type 21 has an invalid length.
[  170.086919][ T8656] __nla_validate_parse: 2 callbacks suppressed
[  170.086935][ T8656] netlink: 128 bytes leftover after parsing attributes in process `syz.2.905'.
[  170.110686][ T8656] netlink: 'syz.2.905': attribute type 4 has an invalid length.
[  170.128394][ T8656] netlink: 'syz.2.905': attribute type 5 has an invalid length.
[  170.136079][ T8656] netlink: 3 bytes leftover after parsing attributes in process `syz.2.905'.
[  170.148753][ T8649] netlink: 16 bytes leftover after parsing attributes in process `syz.1.904'.
[  170.158283][ T8466] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  170.168598][ T8466] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  170.181319][ T8649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  170.196401][ T8466] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  170.199416][ T8661] netlink: 'syz.0.907': attribute type 1 has an invalid length.
[  170.211307][ T8661] netlink: 'syz.0.907': attribute type 1 has an invalid length.
[  170.220914][ T8661] netlink: 9328 bytes leftover after parsing attributes in process `syz.0.907'.
[  170.230744][ T8661] netlink: 'syz.0.907': attribute type 1 has an invalid length.
[  170.306563][ T8662] netlink: 'syz.0.907': attribute type 4 has an invalid length.
[  170.314508][ T8662] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.907'.
[  170.523944][ T8466] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.572668][ T8466] 8021q: adding VLAN 0 to HW filter on device team0
[  170.594212][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.601557][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.630496][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.637707][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.695680][ T8455] 8021q: adding VLAN 0 to HW filter on device batadv0
[  170.725789][ T8466] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  170.746195][ T8466] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.871164][ T8680] netlink: 'syz.1.912': attribute type 4 has an invalid length.
[  170.892125][ T8680] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.912'.
[  171.061456][ T8466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.118417][ T8695] netlink: 16 bytes leftover after parsing attributes in process `syz.0.913'.
[  171.136600][ T8684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.206679][ T8466] veth0_vlan: entered promiscuous mode
[  171.234806][ T8466] veth1_vlan: entered promiscuous mode
[  171.242356][ T8684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.292429][ T8699] netlink: 'syz.1.916': attribute type 1 has an invalid length.
[  171.296853][ T8455] veth0_vlan: entered promiscuous mode
[  171.310155][ T8699] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.916'.
[  171.327632][ T8455] veth1_vlan: entered promiscuous mode
[  171.333184][ T8699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.916'.
[  171.372177][ T8466] veth0_macvtap: entered promiscuous mode
[  171.408373][ T8466] veth1_macvtap: entered promiscuous mode
[  171.416032][ T8455] veth0_macvtap: entered promiscuous mode
[  171.432813][ T8455] veth1_macvtap: entered promiscuous mode
[  171.459704][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.471191][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.481678][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.492309][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.502195][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.515001][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.527930][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.544977][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.556937][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.568220][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.579044][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.589150][ T8466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.599754][ T8466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.611154][ T8466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.626625][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.638068][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.648033][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.659017][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.669385][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.680269][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.690856][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.701492][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.713340][ T8455] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.722166][ T8705] netlink: 16 bytes leftover after parsing attributes in process `syz.1.917'.
[  171.733488][ T8705] bridge0: entered promiscuous mode
[  171.746223][ T8466] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.756826][ T8466] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.766300][ T8466] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.775310][ T8466] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.785929][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.798536][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.809014][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.819866][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.830099][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.840769][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.851274][ T8455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.865403][ T8455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.882821][ T8455] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.922011][ T8455] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.933765][ T8455] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.942660][ T8455] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.953111][ T8455] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.084053][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.094545][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.153258][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.175222][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.201172][ T2419] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.212353][ T2419] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.252164][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.264349][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.388485][ T8719] FAULT_INJECTION: forcing a failure.
[  172.388485][ T8719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.422859][ T8719] CPU: 0 PID: 8719 Comm: syz.1.922 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  172.432916][ T8719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  172.442997][ T8719] Call Trace:
[  172.446304][ T8719]  <TASK>
[  172.449272][ T8719]  dump_stack_lvl+0x241/0x360
[  172.453983][ T8719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.459215][ T8719]  ? __pfx__printk+0x10/0x10
[  172.463841][ T8719]  ? snprintf+0xda/0x120
[  172.468128][ T8719]  should_fail_ex+0x3b0/0x4e0
[  172.472856][ T8719]  _copy_to_user+0x2f/0xb0
[  172.477313][ T8719]  simple_read_from_buffer+0xca/0x150
[  172.482736][ T8719]  proc_fail_nth_read+0x1e9/0x250
[  172.487811][ T8719]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.493393][ T8719]  ? rw_verify_area+0x514/0x6b0
[  172.498268][ T8719]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  172.503838][ T8719]  vfs_read+0x204/0xbd0
[  172.508028][ T8719]  ? __pfx_lock_release+0x10/0x10
[  172.513087][ T8719]  ? __pfx_vfs_read+0x10/0x10
[  172.517801][ T8719]  ? __fget_files+0x29/0x470
[  172.522422][ T8719]  ? __fget_files+0x3f6/0x470
[  172.527137][ T8719]  ksys_read+0x1a0/0x2c0
[  172.531415][ T8719]  ? __pfx_ksys_read+0x10/0x10
[  172.536207][ T8719]  ? do_syscall_64+0x100/0x230
[  172.541011][ T8719]  ? do_syscall_64+0xb6/0x230
[  172.545727][ T8719]  do_syscall_64+0xf3/0x230
[  172.550266][ T8719]  ? clear_bhb_loop+0x35/0x90
[  172.554976][ T8719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.560909][ T8719] RIP: 0033:0x7f6d9a57467c
[  172.565357][ T8719] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  172.585342][ T8719] RSP: 002b:00007f6d9b378040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  172.593792][ T8719] RAX: ffffffffffffffda RBX: 00007f6d9a703f60 RCX: 00007f6d9a57467c
[  172.601890][ T8719] RDX: 000000000000000f RSI: 00007f6d9b3780b0 RDI: 0000000000000004
[  172.609896][ T8719] RBP: 00007f6d9b3780a0 R08: 0000000000000000 R09: 0000000000000000
[  172.617900][ T8719] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  172.625891][ T8719] R13: 000000000000000b R14: 00007f6d9a703f60 R15: 00007ffe88bf3288
[  172.633983][ T8719]  </TASK>
[  172.670327][ T8728] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.754452][ T8718] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.863823][ T8740] FAULT_INJECTION: forcing a failure.
[  172.863823][ T8740] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.877683][ T8740] CPU: 0 PID: 8740 Comm: syz.0.929 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  172.887701][ T8740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  172.897783][ T8740] Call Trace:
[  172.901079][ T8740]  <TASK>
[  172.904018][ T8740]  dump_stack_lvl+0x241/0x360
[  172.908793][ T8740]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.913993][ T8740]  ? __pfx__printk+0x10/0x10
[  172.918593][ T8740]  should_fail_ex+0x3b0/0x4e0
[  172.923277][ T8740]  _copy_from_user+0x2f/0xe0
[  172.927868][ T8740]  move_addr_to_kernel+0x82/0x150
[  172.932930][ T8740]  copy_msghdr_from_user+0x43e/0x680
[  172.938212][ T8740]  ? _parse_integer_limit+0x1b5/0x200
[  172.943583][ T8740]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  172.949423][ T8740]  __sys_sendmmsg+0x374/0x740
[  172.954122][ T8740]  ? __pfx___sys_sendmmsg+0x10/0x10
[  172.959360][ T8740]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  172.965257][ T8740]  ? ksys_write+0x23e/0x2c0
[  172.969760][ T8740]  ? __pfx_lock_release+0x10/0x10
[  172.974783][ T8740]  ? vfs_write+0x7c4/0xc90
[  172.979226][ T8740]  ? __mutex_unlock_slowpath+0x21d/0x750
[  172.984870][ T8740]  ? __pfx_vfs_write+0x10/0x10
[  172.989653][ T8740]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  172.995669][ T8740]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  173.002004][ T8740]  ? do_syscall_64+0x100/0x230
[  173.006775][ T8740]  __x64_sys_sendmmsg+0xa0/0xb0
[  173.011629][ T8740]  do_syscall_64+0xf3/0x230
[  173.016128][ T8740]  ? clear_bhb_loop+0x35/0x90
[  173.020798][ T8740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.026693][ T8740] RIP: 0033:0x7f1d12175b99
[  173.031101][ T8740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.050704][ T8740] RSP: 002b:00007f1d12e8d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  173.059110][ T8740] RAX: ffffffffffffffda RBX: 00007f1d12303f60 RCX: 00007f1d12175b99
[  173.067071][ T8740] RDX: 0000000000000001 RSI: 0000000020001740 RDI: 0000000000000003
[  173.075030][ T8740] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  173.083087][ T8740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.091057][ T8740] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  173.099035][ T8740]  </TASK>
[  173.242439][ T8749] validate_nla: 3 callbacks suppressed
[  173.242458][ T8749] netlink: 'syz.2.933': attribute type 3 has an invalid length.
[  173.605196][ T8767] FAULT_INJECTION: forcing a failure.
[  173.605196][ T8767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.627339][ T8767] CPU: 1 PID: 8767 Comm: syz.0.942 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  173.637641][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  173.647804][ T8767] Call Trace:
[  173.651181][ T8767]  <TASK>
[  173.654129][ T8767]  dump_stack_lvl+0x241/0x360
[  173.658848][ T8767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.664160][ T8767]  ? __pfx__printk+0x10/0x10
[  173.668782][ T8767]  ? snprintf+0xda/0x120
[  173.673049][ T8767]  should_fail_ex+0x3b0/0x4e0
[  173.677758][ T8767]  _copy_to_user+0x2f/0xb0
[  173.682199][ T8767]  simple_read_from_buffer+0xca/0x150
[  173.687606][ T8767]  proc_fail_nth_read+0x1e9/0x250
[  173.692654][ T8767]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.698228][ T8767]  ? rw_verify_area+0x514/0x6b0
[  173.703100][ T8767]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.708677][ T8767]  vfs_read+0x204/0xbd0
[  173.712862][ T8767]  ? __pfx_lock_release+0x10/0x10
[  173.718000][ T8767]  ? do_sock_setsockopt+0x3e2/0x720
[  173.723230][ T8767]  ? __pfx_vfs_read+0x10/0x10
[  173.727935][ T8767]  ? __fget_files+0x29/0x470
[  173.732565][ T8767]  ? __fget_files+0x3f6/0x470
[  173.737289][ T8767]  ksys_read+0x1a0/0x2c0
[  173.741566][ T8767]  ? __pfx_ksys_read+0x10/0x10
[  173.746353][ T8767]  ? do_syscall_64+0x100/0x230
[  173.751122][ T8767]  ? do_syscall_64+0xb6/0x230
[  173.755798][ T8767]  do_syscall_64+0xf3/0x230
[  173.760313][ T8767]  ? clear_bhb_loop+0x35/0x90
[  173.764985][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.770963][ T8767] RIP: 0033:0x7f1d1217467c
[  173.775368][ T8767] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  173.794973][ T8767] RSP: 002b:00007f1d12e8d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  173.803389][ T8767] RAX: ffffffffffffffda RBX: 00007f1d12303f60 RCX: 00007f1d1217467c
[  173.811352][ T8767] RDX: 000000000000000f RSI: 00007f1d12e8d0b0 RDI: 0000000000000004
[  173.819310][ T8767] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  173.827276][ T8767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.835236][ T8767] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  173.843214][ T8767]  </TASK>
[  174.023102][ T8758] netlink: 'syz.2.937': attribute type 9 has an invalid length.
[  174.366079][ T8795] netlink: 'syz.2.951': attribute type 2 has an invalid length.
[  174.564708][ T8802] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.647731][ T8799] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.714257][ T8818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.748000][ T8819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.802090][ T8813] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.813503][ T8810] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  175.106377][ T8826] __nla_validate_parse: 8 callbacks suppressed
[  175.106390][ T8826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.957'.
[  175.126185][ T8826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.957'.
[  175.178659][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.013124][ T8832] FAULT_INJECTION: forcing a failure.
[  176.013124][ T8832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.057414][ T8832] CPU: 1 PID: 8832 Comm: syz.0.958 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  176.067446][ T8832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  176.077525][ T8832] Call Trace:
[  176.080819][ T8832]  <TASK>
[  176.083762][ T8832]  dump_stack_lvl+0x241/0x360
[  176.088481][ T8832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.093798][ T8832]  ? __pfx__printk+0x10/0x10
[  176.098427][ T8832]  ? __pfx_lock_release+0x10/0x10
[  176.103495][ T8832]  should_fail_ex+0x3b0/0x4e0
[  176.108226][ T8832]  _copy_from_user+0x2f/0xe0
[  176.112846][ T8832]  copy_msghdr_from_user+0xae/0x680
[  176.118071][ T8832]  ? __pfx___might_resched+0x10/0x10
[  176.123384][ T8832]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  176.129316][ T8832]  ? __might_fault+0xaa/0x120
[  176.134027][ T8832]  __sys_sendmmsg+0x374/0x740
[  176.138748][ T8832]  ? __pfx___sys_sendmmsg+0x10/0x10
[  176.143994][ T8832]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  176.149891][ T8832]  ? ksys_write+0x23e/0x2c0
[  176.154418][ T8832]  ? __pfx_lock_release+0x10/0x10
[  176.159452][ T8832]  ? vfs_write+0x7c4/0xc90
[  176.163894][ T8832]  ? __mutex_unlock_slowpath+0x21d/0x750
[  176.169537][ T8832]  ? __pfx_vfs_write+0x10/0x10
[  176.174328][ T8832]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  176.180319][ T8832]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  176.186649][ T8832]  ? do_syscall_64+0x100/0x230
[  176.191421][ T8832]  __x64_sys_sendmmsg+0xa0/0xb0
[  176.196274][ T8832]  do_syscall_64+0xf3/0x230
[  176.200829][ T8832]  ? clear_bhb_loop+0x35/0x90
[  176.205511][ T8832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.211424][ T8832] RIP: 0033:0x7f1d12175b99
[  176.215843][ T8832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.235482][ T8832] RSP: 002b:00007f1d12e8d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  176.243896][ T8832] RAX: ffffffffffffffda RBX: 00007f1d12303f60 RCX: 00007f1d12175b99
[  176.251863][ T8832] RDX: 00000000000003ef RSI: 0000000020000180 RDI: 0000000000000003
[  176.259826][ T8832] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  176.267790][ T8832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  176.275835][ T8832] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  176.283816][ T8832]  </TASK>
[  176.345563][ T8843] FAULT_INJECTION: forcing a failure.
[  176.345563][ T8843] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.361957][ T8839] netlink: 4 bytes leftover after parsing attributes in process `syz.2.960'.
[  176.369605][ T5090] Bluetooth: hci4: command 0x0405 tx timeout
[  176.387883][ T8843] CPU: 0 PID: 8843 Comm: syz.3.962 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  176.397911][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  176.407989][ T8843] Call Trace:
[  176.411284][ T8843]  <TASK>
[  176.414233][ T8843]  dump_stack_lvl+0x241/0x360
[  176.418943][ T8843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.424171][ T8843]  ? __pfx__printk+0x10/0x10
[  176.428792][ T8843]  ? __pfx_lock_release+0x10/0x10
[  176.433851][ T8843]  should_fail_ex+0x3b0/0x4e0
[  176.438565][ T8843]  _copy_from_user+0x2f/0xe0
[  176.443184][ T8843]  copy_from_sockptr_offset+0x6b/0xb0
[  176.448587][ T8843]  do_ip6t_set_ctl+0xbe6/0x1270
[  176.453477][ T8843]  ? __pfx___might_resched+0x10/0x10
[  176.458798][ T8843]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  176.464119][ T8843]  ? __pfx_lock_release+0x10/0x10
[  176.469187][ T8843]  ? __mutex_unlock_slowpath+0x21d/0x750
[  176.474858][ T8843]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  176.480879][ T8843]  nf_setsockopt+0x295/0x2c0
[  176.485501][ T8843]  dccp_setsockopt+0x17c/0x12c0
[  176.490381][ T8843]  ? __pfx_aa_sk_perm+0x10/0x10
[  176.495355][ T8843]  ? __pfx_dccp_setsockopt+0x10/0x10
[  176.500675][ T8843]  ? aa_sock_opt_perm+0x79/0x120
[  176.505644][ T8843]  ? sock_common_setsockopt+0x37/0xc0
[  176.511036][ T8843]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  176.513681][ T5097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  176.516924][ T8843]  do_sock_setsockopt+0x3af/0x720
[  176.516962][ T8843]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  176.516981][ T8843]  ? __fget_files+0x29/0x470
[  176.517007][ T8843]  ? __fget_files+0x3f6/0x470
[  176.529380][ T5097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  176.534607][ T8843]  __sys_setsockopt+0x1ae/0x250
[  176.534644][ T8843]  __x64_sys_setsockopt+0xb5/0xd0
[  176.542647][ T5097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  176.543869][ T8843]  do_syscall_64+0xf3/0x230
[  176.543902][ T8843]  ? clear_bhb_loop+0x35/0x90
[  176.559259][ T5097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  176.560664][ T8843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.560700][ T8843] RIP: 0033:0x7f1b30f75b99
[  176.568993][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  176.572110][ T8843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.572130][ T8843] RSP: 002b:00007f1b31d9c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  176.572153][ T8843] RAX: ffffffffffffffda RBX: 00007f1b31103f60 RCX: 00007f1b30f75b99
[  176.577575][ T5097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  176.583715][ T8843] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  176.583733][ T8843] RBP: 00007f1b31d9c0a0 R08: 00000000000003b8 R09: 0000000000000000
[  176.583745][ T8843] R10: 0000000020000800 R11: 0000000000000246 R12: 0000000000000001
[  176.583757][ T8843] R13: 000000000000000b R14: 00007f1b31103f60 R15: 00007ffcba7d29d8
[  176.583786][ T8843]  </TASK>
[  176.713449][ T8846] tipc: Started in network mode
[  176.731416][ T8846] tipc: Node identity , cluster identity 4711
[  176.740277][ T8846] FAULT_INJECTION: forcing a failure.
[  176.740277][ T8846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.755167][ T8846] CPU: 0 PID: 8846 Comm: syz.0.964 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  176.765180][ T8846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  176.775248][ T8846] Call Trace:
[  176.778553][ T8846]  <TASK>
[  176.781477][ T8846]  dump_stack_lvl+0x241/0x360
[  176.786149][ T8846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.791342][ T8846]  ? __pfx__printk+0x10/0x10
[  176.795956][ T8846]  ? snprintf+0xda/0x120
[  176.800227][ T8846]  should_fail_ex+0x3b0/0x4e0
[  176.804924][ T8846]  _copy_to_user+0x2f/0xb0
[  176.809381][ T8846]  simple_read_from_buffer+0xca/0x150
[  176.814786][ T8846]  proc_fail_nth_read+0x1e9/0x250
[  176.815062][ T8854] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
[  176.819819][ T8846]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.832465][ T8854] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  176.837990][ T8846]  ? rw_verify_area+0x514/0x6b0
[  176.846373][ T8854] CPU: 1 PID: 8854 Comm: syz.3.965 Not tainted 6.10.0-rc5-syzkaller-00194-g8905a2c7d39b #0
[  176.851197][ T8846]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.861150][ T8854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  176.866664][ T8846]  vfs_read+0x204/0xbd0
[  176.876690][ T8854] RIP: 0010:dev_map_enqueue+0x31/0x3e0
[  176.880818][ T8846]  ? __pfx_lock_release+0x10/0x10
[  176.886245][ T8854] Code: 41 56 41 55 41 54 53 48 83 ec 18 49 89 d4 49 89 f5 48 89 fd 49 be 00 00 00 00 00 fc ff df e8 f6 a0 d7 ff 48 89 e8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 ef e8 50 56 3d 00 4c 8b 7d 00 48 83 c5
[  176.891241][ T8846]  ? __pfx_vfs_read+0x10/0x10
[  176.910811][ T8854] RSP: 0018:ffffc900a8787678 EFLAGS: 00010246
[  176.915458][ T8846]  ? __fget_files+0x29/0x470
[  176.921510][ T8854] 
[  176.926078][ T8846]  ? __fget_files+0x3f6/0x470
[  176.928392][ T8854] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  176.933051][ T8846]  ksys_read+0x1a0/0x2c0
[  176.940995][ T8854] RDX: ffffc90012300000 RSI: 00000000000008ef RDI: 00000000000008f0
[  176.945236][ T8846]  ? __pfx_ksys_read+0x10/0x10
[  176.953175][ T8854] RBP: 0000000000000000 R08: ffffffff8961aa26 R09: ffffffff8961a9e3
[  176.957914][ T8846]  ? do_syscall_64+0x100/0x230
[  176.965857][ T8854] R10: 0000000000000004 R11: ffff88802efd9e00 R12: ffff88802ad00000
[  176.970611][ T8846]  ? do_syscall_64+0xb6/0x230
[  176.978553][ T8854] R13: ffff88805251f070 R14: dffffc0000000000 R15: 0000000000000000
[  176.983383][ T8846]  do_syscall_64+0xf3/0x230
[  176.991346][ T8854] FS:  00007f1b31d7b6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  176.995831][ T8846]  ? clear_bhb_loop+0x35/0x90
[  177.007092][ T8854] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  177.012106][ T8846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.018920][ T8854] CR2: 000000110c356c05 CR3: 000000005571c000 CR4: 00000000003506f0
[  177.024802][ T8846] RIP: 0033:0x7f1d1217467c
[  177.032751][ T8854] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  177.037256][ T8846] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  177.045218][ T8854] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  177.064818][ T8846] RSP: 002b:00007f1d12e8d040 EFLAGS: 00000246
[  177.072768][ T8854] Call Trace:
[  177.072782][ T8854]  <TASK>
[  177.078819][ T8846]  ORIG_RAX: 0000000000000000
[  177.082176][ T8854]  ? __die_body+0x88/0xe0
[  177.085084][ T8846] RAX: ffffffffffffffda RBX: 00007f1d12303f60 RCX: 00007f1d1217467c
[  177.089734][ T8854]  ? die_addr+0x108/0x140
[  177.094144][ T8846] RDX: 000000000000000f RSI: 00007f1d12e8d0b0 RDI: 0000000000000004
[  177.103985][ T8854]  ? exc_general_protection+0x3dd/0x5d0
[  177.109303][ T8846] RBP: 00007f1d12e8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  177.117357][ T8854]  ? asm_exc_general_protection+0x26/0x30
[  177.122955][ T8846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.131060][ T8854]  ? xdp_do_redirect_frame+0x243/0x660
[  177.136755][ T8846] R13: 000000000000000b R14: 00007f1d12303f60 R15: 00007ffcd091a6f8
[  177.144789][ T8854]  ? xdp_do_redirect_frame+0x286/0x660
[  177.150231][ T8846]  </TASK>
[  177.158277][ T8854]  ? dev_map_enqueue+0x31/0x3e0
[  177.172308][ T8854]  ? dev_map_enqueue+0x2a/0x3e0
[  177.177171][ T8854]  xdp_do_redirect_frame+0x2a6/0x660
[  177.182463][ T8854]  bpf_test_run_xdp_live+0xe60/0x1e60
[  177.188381][ T8854]  ? bpf_test_run_xdp_live+0x724/0x1e60
[  177.194361][ T8854]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  177.200215][ T8854]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  177.206143][ T8854]  ? __might_fault+0xaa/0x120
[  177.210931][ T8854]  ? __might_fault+0xc6/0x120
[  177.215607][ T8854]  ? _copy_from_user+0xa6/0xe0
[  177.220402][ T8854]  ? bpf_test_init+0x15a/0x180
[  177.225432][ T8854]  ? xdp_convert_md_to_buff+0x5b/0x330
[  177.231330][ T8854]  bpf_prog_test_run_xdp+0x80e/0x11b0
[  177.237393][ T8854]  ? __pfx_lock_release+0x10/0x10
[  177.243116][ T8854]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  177.248944][ T8854]  ? __fget_files+0x29/0x470
[  177.253544][ T8854]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  177.259417][ T8854]  bpf_prog_test_run+0x33a/0x3b0
[  177.264353][ T8854]  __sys_bpf+0x48d/0x810
[  177.268614][ T8854]  ? __pfx___sys_bpf+0x10/0x10
[  177.273570][ T8854]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  177.279563][ T8854]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  177.286000][ T8854]  ? do_syscall_64+0x100/0x230
[  177.290801][ T8854]  __x64_sys_bpf+0x7c/0x90
[  177.295257][ T8854]  do_syscall_64+0xf3/0x230
[  177.300441][ T8854]  ? clear_bhb_loop+0x35/0x90
[  177.305999][ T8854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.312090][ T8854] RIP: 0033:0x7f1b30f75b99
[  177.316707][ T8854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.336440][ T8854] RSP: 002b:00007f1b31d7b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  177.344866][ T8854] RAX: ffffffffffffffda RBX: 00007f1b31104038 RCX: 00007f1b30f75b99
[  177.352935][ T8854] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a
[  177.360902][ T8854] RBP: 00007f1b30fe4a7a R08: 0000000000000000 R09: 0000000000000000
[  177.368895][ T8854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  177.376905][ T8854] R13: 000000000000006e R14: 00007f1b31104038 R15: 00007ffcba7d29d8
[  177.384962][ T8854]  </TASK>
[  177.387969][ T8854] Modules linked in:
[  177.392033][ T8854] ---[ end trace 0000000000000000 ]---
[  177.397541][ T8854] RIP: 0010:dev_map_enqueue+0x31/0x3e0
[  177.403052][ T8854] Code: 41 56 41 55 41 54 53 48 83 ec 18 49 89 d4 49 89 f5 48 89 fd 49 be 00 00 00 00 00 fc ff df e8 f6 a0 d7 ff 48 89 e8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 ef e8 50 56 3d 00 4c 8b 7d 00 48 83 c5
[  177.422720][ T8854] RSP: 0018:ffffc900a8787678 EFLAGS: 00010246
[  177.428840][ T8854] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  177.436824][ T8854] RDX: ffffc90012300000 RSI: 00000000000008ef RDI: 00000000000008f0
[  177.445288][ T8854] RBP: 0000000000000000 R08: ffffffff8961aa26 R09: ffffffff8961a9e3
[  177.454113][ T8854] R10: 0000000000000004 R11: ffff88802efd9e00 R12: ffff88802ad00000
[  177.462175][ T8854] R13: ffff88805251f070 R14: dffffc0000000000 R15: 0000000000000000
[  177.470286][ T8854] FS:  00007f1b31d7b6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  177.475096][ T8858] FAULT_INJECTION: forcing a failure.
[  177.475096][ T8858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.479271][ T8854] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  177.479292][ T8854] CR2: 000000110c356c05 CR3: 000000005571c000 CR4: 00000000003506f0
[  177.479308][ T8854] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  177.479319][ T8854] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  177.479333][ T8854] Kernel panic - not syncing: Fatal exception in interrupt
[  177.479662][ T8854] Kernel Offset: disabled