last executing test programs:

31.461075793s ago: executing program 1 (id=1780):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
r1 = socket$inet6(0xa, 0x3, 0xb5f)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0, @ANYBLOB="4b26c608fdc1c3f6c9f64b501f738a2056ff2fce6fb7a59f8527c4239ae62488312a65222c9be605c4a0d4ba36480766c32cf5ecb90b710ba6bbcfa9423456601392fae865c6fd7eac8c3a32", @ANYRES16=r1, @ANYRES64=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x8000400)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000200)={@val, @val={0x0, 0x7, 0x8001, 0x3, 0x17, 0xf3a0}, @eth={@multicast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x14, 0xe4, 0x0, 0x1, 0x6, 0x0, @remote, @remote}}}}}}, 0x30)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newtaction={0x48, 0x32, 0x1, 0x70bd25, 0x0, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1}}, {0xc}}}]}]}, 0x48}}, 0x44)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x110, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4044081}, 0x8004)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7089b7d0000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000040000850000000100000085000000500000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100030e000000000000000000000005000600000000000a00000000000000fc000000000000000000000000000000000000000000000005000500000000000a00000000000000060100000000000000000000000000aa0100000000000000020013"], 0x70}}, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x810, 0xffffffffffffffff, 0x0)

30.627176328s ago: executing program 1 (id=1790):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={<r1=>0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x5, 0x5}, &(0x7f0000000140)=0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)={0x48, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x4d}, @val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x48}, 0x1, 0x0, 0x0, 0x8050}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000001c0)={r1, 0x5}, &(0x7f0000000380)=0x8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200002000000000000000000000008500000041000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r6, 0x0, 0xe, 0x0, &(0x7f0000000740)="6fd92f5c3fbecb0c72abdb6e3b92", 0x0, 0x1500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$unix(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001340)="94da5eccb51e1a20410c304bb9841c6c967a604d30a461d0388cc5fd426109c870743efecee87b334e805c3784d5c181a970fe7ccbb8db3cd674bb6002f327554c3e4d711279673da6e27ec54f82e695ea6d5b3dcf0469d09109c778e2d767221b8ccc69346c927c14b19cc1ae45d93aeaace92a9d8b7bfe1e85e7c3e3b05dbaa6acf16c804726566093aa57773bac4c1f1be5e98e7f7bc6a37195a66f1649b82e56c8b6a25796e3d7819f5cc66abd8c8ae79e38382ec434ed239a2ceda5ecef75515b1bf1a89654e5b1c64ed9dd282fdc78380ef06729daf13efa410c360f63398d557686303a60e10a56cce1cc27323d229015d3246d3ccee891490dffc537ec55673ada12b257d8de9542172e18466a666aaf92c1a46c9e6b7ffa0aea5e85c7275c8d3b63a4de4cd3585acb73bec3b1cc1b367209c5f39d21846e3514a3864c450ee03772706f0c0c971eea2b251c4aa2f4c1e09b548ffffa61acb4da7dd8455ac1ae19ada3776e73746c355bac4d59091a9901596c9de3d11da283ccaefd1777132a8f06a82ff6a1e88623c8339dd388b8e4229801b9d8b075b78e6ffde8b3f00930721d397707ca813875b2e06ea7bb817f416b63ae741c2b4afeeca2e9f36a7da8f5e6a71847e282859a28c8c52559b8fa67c4d7d78d4e2078db902f90c2e553effc8f8aae03904fcb4b0dec0f92bcad45cfe30031404a3c0869b2c8270997492ae2d2acb5d3167d696fbc9e76a60067fc11c84801507f056d20b7e79ca9ee49b177128cedd7d77548f9c7636dba807a5ee6a9c5031ce072ab55d41989ac01d68332ec3084002ab2c04af2d371ab0d5327fa9932632ac871caf4209fb9f7a86eaae0fbbc959c30451b30d0461352a5a8f1537a7edb033471b6cd3f241dc19807e9827d8dbb1d4009a178454d586d16f3dee36a437fa3b202eb7a4a1d7fdb20f9cb5e8ad6a89c5676c5397404e7550f2dd934dceeca80ce426310ddd4fcfa7424b6ecd4e8775f11deda90d7268d95dc951b3371e4c69d2fa56536f7e26f7217c639428e1a376b37a597b488dd4eaba7cfe16f78562d209836bfe294c51b655a73509d66c6d8b2e0a70273263e530fa7d08259a70799d86e436b0e5bab13c8011b58a5a81d2eb217cedf4a49e7c315e2fc3a19a1ed7e2cd219817f082a9dfa0ff7018f210aa70d73ac53787d0657ac3c17a9a89f28ff6d9273c0bf0f2abfc712482d3aadf10a41bf0a88f90d670a1f6158016c84675a001b2a50058e550e3baf33e355f758caae5c8f3d298c03d6e9ddce7af248702adda2ae3fb51bcc999d7cf62a5153da4f8c3bd1ec169f666722d0e2da66b219d6a2fe032a9fb64d494217bd4786d7535c3ef43b78bfbc2a2e05150d260f5971cc497db461a63ed53e04a9072522dca0db6786b6c82d6994b6f72afbe8d14348f3e8e1ee3307b170913eb4d741ffa8ef5df7a2d1ab71c2036dd7e6dab5bb00143bf4de2aa5ef161032be8d50c56801bf4f7c5bf3dd93d721d16c80fc831c7d7faa7dd38fa96f79d9a9a968d1f9c9a34ff00e7c9d648e6c17bd5aa855c6e48f534af1497c160540a40feff567fa7c5454fc16ebfbe27c5e86d0c02e0f59f683ae418a462c2b40e0a911f86912cf14f9723f327664231769fb0f8eb60e1a8d1afb75ab2108e4114316afd8bf61006622cd71548f62f931898d77a7f1a3f0c483b60417fd05c60db6595e10907ac3d52347b606e81933fbe6caa0efea0911c104b25790afab08b8e4d9ecc70dfe8fa39c148f0c521e2ca7f4974354f787ea8f655b448e6a7131134be870d6f1f55a72a8ebe44a5ea627a80b99c6a06c8e0b1ded736f2c3a06e18946befee1fb9cc689a478744cd2b8bb7d16a3a60e53a983364cc75d7e21c02ad5764793e833b93e1237b4eae2236a44314dc78451784a417120d07089443b7ff954877c18cdf8f22dab68062b984cef3c4393b4b6bf78c1a184ee2d6a59560a3e28714ed2dc87b50113b160585826777427a4bef3f5a32b7102779f114cf8e32c4206f61f85b79d3b98c208e858748061179bc2ecef6909a08f213a03c85022095b49548aef1fde9db58df7c32285fed374c078bf6892e6483d7e48d131391fc150f4055022cd5e091acf61b31fecd595bbbac3c99587f0d814c7f131bb91d348748d35bf4a21d93d69b5e77f605788d07ab30a40b9cc5c0c8c7e8ee24d8946def655dbdd5eb315e37149b16367b3c59eb375c413ee22ab1ffb70c1f100345efa5255a74f1578cb60d7272fe435eaee93692c3ebee41b8b815a2b9dcbd05771f5a1de063928ba49ea607dc8125bf0ad42fdc15e63f283b4f341e65de4553e3c054d7652420685e0c360d36b895e36eae25ff9decfce60a33280be2f34e80195f04ed14d27c5ef6dcec1f3851bafb0874f44ff609e754c9c2d8fe3b352656e79c106268ab854eae55ef58b3725feaacc808f2c09839a4916614cf7173ef04dc5df7d85b9e1d238a7dfba7db1be35545088bd6083bb5e3c5b79048f7a82bc04fd18ab6b92822a96ee13a5851c8194b4c25cd5ec3526633be55cf36dcce48426643e29d8c39bba7ca18054428577fb80842da89644c5e76f751996c8da610e706ba9789f3cd1127ec648338a7d140f2ddc539195a99ed7ff0831bb1bb5995566fe397bd90330b33e8d346d3e75fc72f8007d8e687e72c834d7365dcfa903183d7af301fba25affb80c596cb633309c11bb52a9f384a5eb8abc2c8abe528c49880c6129f3e211890c72dbe76ba0529e2c33e2b8d322c67107608d9f317cca562faadbd7c1172e9768794795950e4c9f54aabd55bbdd4a30158b694d23f6917c09e9f5f2defee60a504b2913ad50706467c2ed843c79ae85fea9a956598ffdb61981928eb4800873fb78f33b0d78d2f63c6615b36e5882ec34377e35df88e4d1b6bd1ea52a77254641d99beaeb31ef6a83fad9fea2982c2ea0c5dffe9c14b6b11b42d521aee6669345798fe8f87cfa4ee30527643b69d2590357da0f25bc38a5e37551e1c655f4c0b03d71e6a39a15f0de3778ed8619bcfc104b19b3fc21c285b9d7f6d26a45dd25dd1849800f3311b7dedc2d69c60f917cabd808c92ea83464fb0b0ea750439a1eb6eb9354baa28777371b758d68b1c72c158ecc06843671a91022d5c0bf0d4b80bbf1c10a6843d8bb0472a79d352409b14c5cbb2ef279648adb5af833a7fde4cf10d8ec3cb8ac54c866eb49eed0adcc46ae82cce842e13871fa5810bfd1633e9ef2cd6a9cdc753eae3d68c592ef53f6550f2807d6ee5fdd4070fd6d3b3e26ac6dd1932d0a6c04878f9e374d4aafae116e5ca32592022a213d3063785fb7836a64d5807f5cb05b490b01a30036a56a44a3efbe7d1f627a38ff4cfcb192f7be94694716fc602ba651ed68404b3d16edb82fa60d31dfb3881f3c551c6050b022d4399e909f5c38741d4309e6808d16302c4d9af6ae115a704181238754cda697211043f40b924742b862414e9ca451ef1a9a26e8a7ae0a54f8ed7571974f90996505ba49fc0b7c80a969aa8eb03d3f31d58057f24f91b46c5b1635f773a33f9024c2bda5c87261231675462d03ecb84de96f8c3d63aa8f45f6dcd4c7153cd1e237d9b88a6a3788948065a4dd11e4e198d545ff7f6c9c19a7cc6e59193f86aa1dea5ece57be9ce43afe32eb2d5228198857c1f83be05000fe819078932a2b4895b961ba86b6d2e2728f89ff1ee7b4d86608690e7fd7d9ebad12638c9432b4b7adde401be2fa8a983571746561af1fea7aaac8a1c54cdbe9107708ab86e676b43c33fa0941f71d11a2f3a2372e1a03e9dd5075fe7e8e3c70ef253886df082e737dc372c62adfa68e55be25874aec903678f125671d03314f7fe89bd8922f62f946b0cbd798ce4a482045d624ee5e1d694d967551d4fcf92c3e056241a0601b831c56b298a1735ec4c52339f2636139b2d10dcf9ac66ff71a9687128054d5542f526ba05a1f921d4d16bd2ef749557dee980f4c678591ee6ef93e9187799ed0f12d189137c08ad5dff262d0e000b675aab3ce37ba8a85b11648c5d98de361f926fd58679ae57899fd54c6e77cc182fad914dc67e4866ef8b41be489e210ddb9181704fb36781bb34f2a5c50cc51272107ad03ee6823b9e9ea7675e272d39cee4596e77c5bcecfb9e0709f163ff8d09525c6ab909d2ed4f94733df2306af8dd286534125f57eda3f97bafa27db8615ad99b820b33143494221c7540a2138dde34ecae2393b647e2fd7a06c50dc23d0464fb27556d8097881d3675d9af2853e0f3f3d873506f030356d4a820f48c12d774bb06af1a947b2cece054646c1463007d1d3e250c3a658b639d2f8c9601cf9264449ed928801cd9c714504339f8f99e517549ec99563900d6f1763e81f38b7de01c6ad708386513e413b0898c853a3f606ce768cdc83fce7d42dbd0b0790cf19460f6ce4a5fd8f07def3319aaf91fe53dd10ed95f24ebdf78d34808867f3f4be51ed5d047aa214355a1b98b5690cd8d13ff20cd14527c09e24e8a86010c4fbb5769d58dfb73c1fd0b7620117a96923182bde2765165301b76cd7bcdf42ed6466398fbc4fa4cc58c6edaa1d86bc0e3bcc5b77f93c952bcee177933bba6bd157c75df99383fe8740673f4fa818d6c29a848283ac7f98cf268924c70a94c80d8827ec90b286b3952ca024938208ee51efa1f40f22301b89ee41238d2bcd91add66680c2f84a6ec7d7a835216ed05c907ff26cf414c52b564c16bcb71b2821fead0233adcaef9e925dbd4c7579a4897f533afb58794611f7e416046575fafb298d55c8139e10524b7a167e5b3f3e60dde5fe6cb2afc704371bdc1d9c2129e4050fedecec5c551a833d2bf0ccc5080205c4e6ec697f94c40578f427bdeb78b5208182850d29c75bcbd8d6e6e9c2364471be22b3cf05f3c52fd61d257d497ed92b64fd2d08460ceb854cb5d250619ef01fa77c7d3e8af3c8c080a8f049fae9d8e430427a5e65625f4f14b857ed75ae8d08bf9d5e4476ee52ce4120d8df65e810a658c04a2e1349ad6dc96ebc04ea104456e00f7b2eb5a8058dd4c45a1fbb5e8e04fe885a14c2537364cb100877974c066e91253163fb34aeecf7ae49a2724bf42cd7cfa5e24bedcea3d81f7d19510eae600eec40bae2d0e0cfc8ca07ce84c266b7f69eea654a238ec4c5b31c4bac37412c315f29aa6462b6ab02b4e97625a05b59032948594537c8d1d48d2222cfc1b87deb26418ab6f2b9ab90ac4354b5e541b9e3c5ad9ad9031b1643ba303055b4cc59168851fb9a064a58b3ac03a4f5cac7148b053120b4aaf15437b4105617f910d77f410e1a9d385aa87cd9ea53d9c892e4def86ada42", 0xed1}], 0x1}, 0x20000001)
recvmsg$unix(r7, &(0x7f0000000580)={0x0, 0x2000000, 0x0}, 0x10002)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x11, 0x4, 0x4, 0x112, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r10, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x54, r11, 0x1, 0x70bd25, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xffffffffffffffd1, 0xb, 0x4}, {0x6}, {0x8, 0x13, 0xb}, {0x5}}]}, 0x54}, 0x1, 0x0, 0x0, 0x44040}, 0x4004000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r9}, &(0x7f00000006c0), &(0x7f0000000700)=r5}, 0x20)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r12, 0x2, 0x0, 0x0, @void, @value}, 0x10)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r13, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="540000000706010d00000000000000000500000405000100070000000700010007"], 0x54}, 0x1, 0x0, 0x0, 0x24000040}, 0x14)
socket$packet(0x11, 0x3, 0x300)

29.625262655s ago: executing program 1 (id=1806):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0, 0x0, 0x3}, 0x18)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x20008100)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_RESVSP(r3, 0x40305829, &(0x7f0000000740)={0x0, 0x2, 0x2, 0x8000000000400})
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x13, r2, 0x7ca8e000)
writev(r3, &(0x7f0000000080)=[{0x0}], 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r4, 0x1, 0x52, 0x0, &(0x7f00000001c0))
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfeb0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000f8ffffffffffffff00ffdbdf2507006000"], 0x14}, 0x1, 0x0, 0x0, 0x4881}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e657665000034000280"], 0x6c}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000012020000000000000000000001050000018000000000000000010000850200000000000000010000000000000400000000da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={r6, 0x20, &(0x7f0000000440)={&(0x7f0000000780)=""/4125, 0x101d, 0x0, &(0x7f0000000380)=""/96, 0x60}}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
accept4(r7, 0x0, 0x0, 0x0)

29.283085297s ago: executing program 1 (id=1811):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010010000000ffdbdf2530", @ANYRES32, @ANYBLOB="20000000000000001c0012800b0001006d616373656300000c00028005000f"], 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x8, 0x10101, 0x7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r4}, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="5000000010000100"/19, @ANYRES32=0x0, @ANYBLOB="022100000000000014000300766c616e30000000000000000000000008000a00", @ANYBLOB="14001680100001"], 0x50}}, 0x0)

15.648356828s ago: executing program 1 (id=1811):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010010000000ffdbdf2530", @ANYRES32, @ANYBLOB="20000000000000001c0012800b0001006d616373656300000c00028005000f"], 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x8, 0x10101, 0x7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r4}, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="5000000010000100"/19, @ANYRES32=0x0, @ANYBLOB="022100000000000014000300766c616e30000000000000000000000008000a00", @ANYBLOB="14001680100001"], 0x50}}, 0x0)

3.740526805s ago: executing program 1 (id=1811):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010010000000ffdbdf2530", @ANYRES32, @ANYBLOB="20000000000000001c0012800b0001006d616373656300000c00028005000f"], 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x8, 0x10101, 0x7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r4}, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="5000000010000100"/19, @ANYRES32=0x0, @ANYBLOB="022100000000000014000300766c616e30000000000000000000000008000a00", @ANYBLOB="14001680100001"], 0x50}}, 0x0)

2.453451287s ago: executing program 4 (id=2063):
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'dummy0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}}, 0x200000000000000)

2.411122238s ago: executing program 0 (id=2064):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0xff)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305c3ffffff0000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

2.300176254s ago: executing program 4 (id=2065):
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="000086dd020303009c000a004000623d885d009c11fffc0000fff50000000000000000000000ff0200000000000000000000000000014e224e21009c90"], 0xd2)

2.267813226s ago: executing program 2 (id=2066):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000004d40)=[{{&(0x7f0000002f00)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10, &(0x7f0000003440)=[{&(0x7f0000002f40)="d60271e3251540aa8ec3a4260236d8612471e0bf4fc622d6f6e915b35ae59e9723", 0x21}, {&(0x7f0000002f80)="3680beb96801ba2b363f9089c2dcdafc85737db46d5c1f59fcad46f938385dfbc86a58d7609487a24caff21ffbbb75f4987021fe0df80be01d0db2487929d3d806efad51a42e826cd0e39f6e8ebb67a0a3e6ba451225ccb7e2a7ab718c185a3df24ab83a16cd5fb4cb957a5b2e94b98ea7809228a8dc4043044cdbe0a9222dd0cab2b946ef836f4f09fb3fcb0db108e52c90f6dc0518559ea57fd5a462c7187a303c8f8dfdcb01bd0d6330a07e61b0a38cba7780941367c765c2d10a7d2a1df91aa768e8", 0xc4}, {&(0x7f0000003080)="a29659c793574978a41d6bcf9df5f79f40da625c54c2768a34b3cd28bb138fe8146245ab8ddcd5b4165d2ca64616de89eafb66048fd07387bd56b0567c04330f330e00cbfe97c0f03bd4825bd7c2fb77021d5381ad93e82adfe934ef80e358eca8c9fffe8a00bcabbf1473dfd50824bd7c5a60c6f8f86daee665de754dfdb0a6f5c43b46bea18f04f6db8e721c7518969c28d4d5200c16b1f1dc9c63fdf7dba7315a23d4bb9221905eabb986564cde36d93061b1f4bf31ceb18f9fb2ee6fcb", 0xbf}, {&(0x7f0000003140)="71de191e235ab7cce71bb6d76f69f46f2341824002ad254cb9ab61847006c5f3270f86328fae3f9530464b526b6707c100f20b0bd96773cffeed463d4d0b6a8bc88fbd79d1573347de1a6077ac36e72590fae18308752c74f2fcccd6d9361cc2974b1fdaa35c79", 0x67}, {&(0x7f0000003240)="63d2698a35543b779a47da1e2f44cddbb95e97fde61237655951d05a1735a4dea01c0cf4ef1d59c90490e7ebd48182892281acaf34256721909ec0e77bac5cc77fb95742f1fc60a67939bfe459dc39d80f92d03ea7a2500c07febd875128e86d9f999b9e8dcca0894d6b5d19b120329d3b5c209fc4670ef4622696227d900fb666a838dfa7a122e6002409e4e7fb40e3645b08928beea2bc6acf01e42c77dc", 0x9f}, {&(0x7f0000003380)="e98326e8b96bbb2df9bfe646ed157cfdaa4188fdfd7b9a344c23974527b8c2925d", 0x21}], 0x6, &(0x7f00000034c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}, {{&(0x7f0000003500)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f00000046c0)=[{&(0x7f0000003540)="25e79c0a3fb13b5b68cc5471ebf26a04ab1e6e3d9532b3bdfd76b37ac1d117dbe889735f62e0ce8f52add9d87ac61516eea7542083", 0x35}, {&(0x7f00000035c0)}], 0x2}}], 0x2, 0x8000)

2.12470964s ago: executing program 2 (id=2068):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001300)={<r0=>0xffffffffffffffff})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x274, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x212, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d0775"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}]}], {0x14}}, 0x29c}}, 0x4048010)
socket$tipc(0x1e, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x40080)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000304016100"/20, @ANYRESHEX=r0, @ANYBLOB="d3ddd1de00000000140012800b0001006d616373656300000400028008000500cf7852ff60940c5cdcaafcde793cba1207533a4fcd7a55b07d657b759a52739ac699223baaa7a9706b8b5a1f73b51af8167395518554b1ba324e531c0019e32777d91fa142", @ANYRES32=0x0, @ANYRES64=r2], 0x44}}, 0x4010)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x503, 0x2, 0x200000, {0x0, 0x0, 0x0, 0x0, 0x66e99, 0x74c4d}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40400c0}, 0x20000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYBLOB="0040010001800000280037"], 0x48}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f00000000c0)={0x77359400}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="8500000008000000760000000000000027000000000000009500000000000000d9e029f8c1652bc575bc1dc3a9fa16094393337a693d6504978ceb558b41537525a394249a1506da9ac69561c187afa3ba7ebc3af563e1e94ceec996695d1d26bbfb2feebab62478775a18852a3359fb20d4d020daf585b85d18b24cf00e3ac10552a5c9acddcb10eae4445de245fe9c7bf90262293683e504b59ef6d4568f30efe6465b5e0aeb3c6f9f5c6ad0a0891670e48b75f800"/192], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
close(r6)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000f3ff0000000000e6bb3d9b9b5b5d9889d7a827a63c6d59002b94e74d4b4e3267e67b4020265bfc1da403015b0633ea95a169abf434266ee682b8d079e65064414e2648fa8834b52138f828bfc0a6f514e31de6c841a6c084d3e105d28d8fd7f24a3a0dff40b9f6f5edcb62d17d9e772119eaa5ddb5c33a67f4ce0a6d0b295e55e2f9acfea3a26ea78ca37f0d70", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xf, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014100000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r7, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r7}, &(0x7f0000000100), &(0x7f0000000140)=r6}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r7, &(0x7f0000001340)="8b69b3f8490a0effab577b51c40edc0fa423d34dd6cc6ec13f8ffd673149c1b6c9d820c93c0dcbb569d5bb1e0fed0f296f4ab53cf31b6805f6b3f9823f348d9759f15f38d80355a2bf30659986b11870df48c6e67a06ad8e70ac77047a55f5f95aa2154fe6c74fab855e8ab004c977472a4953798d6972fe7b29ab4500cf549f311335f40979ba7a7e51c7e4560bd4f19cd3ff45c862fe34038db49c7ab35b6ecfaacf86d812181f5575bf1c235b99899cc42690ce0713f2a3307a16cc55c050e19a0675a628d550b5ab9f04318dca0cb4a1db41d7c63c7231fea255bd2c754b70deed601889ab91df5c674b636e92d11698e020a7e1cb19d5d4ef4aff182e702b51e7ef9e56321a9146c33962a1535c6a1b30d69fe43e757a5484fb931c1941474c66395536b77683fedd5339fb7f1768d1db8d5013a2440fa87d38024e22cf12bbf8a073ddb77fa34ebfa0311fdc5d99c2d85dd649b235ce4b60e7594d3c78df353cf2de995a0be087f3571a86ea529f3bb618e4209ef2fcf7416cdff8317880e779ad8d5acefaf426bdb598671748f32447f72103c13584864250440eca42dbd7602933303f02593968cc1a193717859cac4ea581ed2748e5ea001ce6362dffc83e68398c5b4e5d9cebbfe8d894dcd2befde91840ea3d8542b58964073c4f03e95b3d6f429f5002a60176baecef6aef21082581b40f7acc6e669e6be5d5ee7272ca80755f2350ce74a89778a7e8702b4c3fbfa01fb631e0ab00eee14a1238dbdecb124b4926a332ea33b55ff31719fde78eba69f49bc8fa26923a9c61f92440858cff24832138ee813acd28d19abbbea5b74003e8b2f7ebb4356913be0c67c74cbb2268e4485d8c4a9d25f5355de19bb38213be4c5b999bddee25a1db3db32bbf04f226b0d607c8b8155159ef22a1c236236cc9f660c4aeeda8fce926fe7139535d1ffa77a58166ea20c8025d7fa98aa2bdda30e0beafaed03de222101292b99beb9315f52d7385d395efca942d60765342cbd1ac8ad77708e1ec8e3d78c5ef08b20662d3bb688f4d260b9439f8d822022f23a06e77a2ddb7437b2a165abf14bea7e1389ad465ef8c8a8afa046e72b3990399888952c781488b74ec39f7ca0b31c2e5e875706cdc7faf317bac57c7dab620a3d987bb57a2d53ff1e2d43f87f8ea48a64315867a246172f6a82e330fbd21a533e0f09df60cddcb39e65642c50ca59455973603443eaeee970b661a7682f8225a06a759c3b2104530420e77a42e02ecd74a76c3de987830272120f3a685074c5506c9f5e5af46f0189f7cbf345cbbd69749807603136d8eda1cc583973312b03369adac73ccc7d179153fd65fdec6949c748aec9f36a22858690c63b1cd6fb3d0b3b3e72a6ac63f75e7fb0dae48f000d025a0a67efd35be7a53a6866cea37ffd409240940efd19e6b1a5f7bd3b0822c6253df70d0db45845e95612de05bc00d4d6326c11c4ada8da77030326d3af1013d25e3d8af636c07744d8015ca88081bda26d2b3f5af92091439b7fb5ab035f48fe578d7befea44cfaded23f2ea8000fc95a529052e98b00dddb7e1da58288a11b9304416b6bb47444e0cec76e124b6535744d68e3ef3e9cd0e11d9ff6554d0a6da42c4a8cade5c6a5245928748cbcbc56cce53ebe052bb3cd891a45332b120671d82801e366ea1418ea39377dda14fcda80fb7861b848d6a299282d4be4ef341917b20a38be69ecc7af7221711261da53e8cf24877c25c8c933a7c08e70d262da808abbb0e280179964099dd0e56b5ccac68665556ca632a7a05117c0bf4857fa4bafa56f2a1099a1c9990905766e5d5c43128e1fa11928a66ea7f4e67b47532242909946f0dfc9573c9e91a8c07dbdd3eab0bb50b8455896b2c64605d23a0f7eaee23b4243d59d9e4d31901d5ddf5894fd5d1ab57641207610399153ed50e248632fb77fde7415fae249f0d03f862129a5e6ccc2b3f729617dd898d2a0d4314dabe4ba44629e70187c39e479ac75f0e3f56084ed61edd7a87a64e1205ed463ff6c5360632077215bfbbc2a0355d146e761761e0ec13224fa6f2cff44236f699311833fb610a6dfe208b49fb043064a3bc07175bd49039a2ed526174f73ff3924c9acaebd00ad4ce9ea274d4696bd2769a3756f6bf6d398b615233dfa8bbc03a64a3d8978c2fb814e6d24e94bd2707bc0a7f7227236fb89afe09ff8e8cc0a0ad1e72fb2c5c1ca7191b3d159c1562f1707d62abb040d2f54b053494cd999c14de373912fb88576c0ac3c3832313cd20e18a3b7222a13e241b7fec80540a08942ac736e2ef5fafa9fb5d83e19ec14fa9d456e254b025a6c1c862b14b72bc241c4470d7e96302ebb6b77e292a321dabbaf571f5fda69d76cb3aacf779395afa005d65bcc1f8391ade7b67ab9928a216e9dbd52fca549ee2055fdd91962ac8bf6eddaeba2e18ac2367605c8369a119088a4dee179662ff5ac76c1ffa8aaf4fe4d74ef680bfd23a20fa9bf88fe9aa30b30550509086ab3e8b37ad6042f5b79589c2eff91a559d6550aec82f04da1170e889683a2c29e42c0999d1a779b6fcd3b07899372b230e0dc23c2392201110b4aa65ef2a10cb62eeb8994a5397360ca93b909979191da9d8425c8b9baf0193145f58b1469d9e69b5eb81e60fe54f8f27993cc59c748264c3aad830b5107ce7baffee585bf028dd00f23a10e5dcc249433671de0d6076c3ce123c35824bdbd78a88014aef7c8ce4f7587511d3d2897755bea395d395aa11e3f740a00db6095f07508350334758195c4b124f8ef0b0d80da03b601ed0a7c84bd041b3747cae9a233ac2093c1b8649581ec97f3dd61083ae6c1d650c39bbec9ce66c4f3fae421566aef316a4fecf85e107ab82423691ef8776e30c258696b8a2a0a0f76922f32b04a9f839075b0b31a0979045baff092c586781ba706e279aee9a07ba6cf164cb2d485434a05e86f7ae47752985f3951840b83ca279e4fc9b6dc37737ecc86baf688ba22ad0d01fcd0711ddcdeddf7eaa5ed489cd651f351a897df068c85e79fcb62f5547451eabb5d47c45d64aa4af09a86b9d0ccb471c84f9a80b554e0b78e7bc34b6ff30b910b796b36d416a170975639f563883f268153c636338e55705ad4476a02dc145b85b500812c08c8e1a13679b7b4a871636b7c8f6467fc3708f8217b78492427380cd6f0da8a474cfef5ace3f7f32e1157e89350ed6379868182e3f69518f6af9e0595358110946b8e79d0f770c68c366e708a0cf83032deb6f34067152c83befeb35aab7f08e98ff5dbbda738796f33573b76507f7ecd914a01224e2b57fc206c116e5b60627b4e790b4a004974ab55020b128a8e36da96fadc5cb56189d42f0902b26a560e77ad27ff1293b7bab45366d751db5d9fcc2b7e0ff92d84cb3e98ef36124134fa7e28f4b5dad3eb89c72782cb98800afd7f66bb563a41e4ac71d96aa0b3d82f25eec840812134cde20184e52f909e34ef8e07bba2dc4cc509cc6125c2e00be59632e24e62d36714c4ca253ba7c063848c7d10975d50345f3d74abfe337a9f3073c4c95b9d2c8998591f2c9375eef9b432af040a769d2cf7a5ebf7dfa75e1ba20aa1a11df6decd30f2525051bd45094081ecf4017fefd82c73fb02b804353b30f1203eeb37ce431d17198d3b83715ec6b74fb379970f6ac7cc3a2797ecbc63e7735c2f9a85e8e3247c1a98de36dfd51f535d5f70d0763a31b3c3984d611c8d42b25a44b5f254cbe523e23e9a932dbd79cda0a6e0d74ab1164730650680e0cbe0b84fbdbd439671482cd220119e1fb2bcdac99474a6896016358eaf97fcb00fd2a25db9b74061bd0c0c4bc1a2217ceb4badf17482370adc577aef0280b6a0ad7b12cc86f2609025e89b5bc0b3cd59bf12711c19821ac4c9bc8915b4e198ef84c1e936c80032e309042cf1e6744dcefb5585537b57d76077f98c64b0380de024cdcbd4209c61b093907fe41178336d944f306011fbf13e48d00d07add607bdc635484acd9637f8a68dd5e55e6e359399a22d2828360cb2478d423f529a11744be90d044ea8267b065ef6dd92102b3caac661f9ddb27d7b7dfc1a2cb99d736b60e5b4bfebd940c8e600bdea3208d76d15be74901138f55a6af868e2e1f1f53eadc5625c96829e7e822b867a87a07dd06049ad4a99bfe092c2c8444d3f3180f97f15382943a0bea6d3d4c28b90bbaa863f46ad39579614f6c246e13b54c4558bd3f9c35b187395cac1970cce55dad291fd4d483e4b96eb8d15f127334af6c50f8eba909910cf5deeb05283b098807919f982414ff21e3b73c8b576055c862826fe20434d94fd790b2d5afa104adfc8ac14145cd28fc279ad759d5de10ad4583f522b8113af74cf59520c9a334355966b4252b359e12ae66c58e30281e492e9d5c40c67f684c563954ba0ad6fd2c7890b297d98120fc5465372ac49edbd3a6e47dfb4680216d4904bab704e6b7d76e27dace2d1a9c06ac819f45afbc0a3363d139d06deb37c480639778112f61d64625305651515d62e9109464e65ae12745de0b8d3a6dde41ea7c3b63fe3dd2c75115519d37298991317f9d786985bd8f2d737c9f1a0f1ef4aeae0dbe5291fd6e7f11304a19a6a3bf0be46e109c871d4d6bb9d71b69c05fb8f2c5cd641c34745e91578cc6883250db758bd05e6e13248943089eb9cdffa07337ff880d40037a77e031472ab12b7d0cb085663a84afd910080752727e0e2c4ef539e9610f81d94d82d1852c4479b95c9389915db224f14db441b2c2b897b59130ef07084d5e8f53161e42a4a60e34d5b26da8ed7045da7e0a8add9f452b8ae7075d9e3f2905b66f1a702960f157afe0812d91bb878fc418534a8b3f52c9f3ff7636fa7ca3f5a2ed8cad7b6ca2f07e988fb4ec7bac064912ed9ae3d126963befca998673c2cf8be3eb107a719cd838f629a25c0d16b9c7aa0e1713bce925d71dadcfef99571cb63b05fedf63e82b22ae4a454d844c70a11cb269ed867fd31edd96f40726884501152a71be71f0036c4db21ef251b8e0279c6e2958d0492c7c6cc5e2c92c77172eef21b6fcf99d536901c29413f610f54fbfd09d70d36062b2b6596c9ed6f769fd864927dc26f652c78b07d6990bd44431459e7bbd2e25e576af2b8e9eb988cbbcf8ef53e9d6d7b7b999487d6a5e689326f1d585f056d98f4e1c767543489e84e3d6f8cbdc135c7e17b271eea7741d39b2fbe30fa2e1822c4eece6165e5b6ecbb51d8f077fb664e0dc92663bb53a94b23ed17ae8fe41ec1b3cc4c1e46ee7429932c1a3a022bd5257829044f1c44b12ae9322c8590bc0f1ce4581fad45950e3ce8135d1d8d530d7752c83af4d058f5551401a1c4fdf3d4f1fffa311e1cd6eb3be46f731f2b03ee7dd4607fe3b58fd81696c46f335fef8dfde4546c9fd8", &(0x7f00000003c0)=@buf="d57676da79bc118c46ee915fa999a5725b59fc57cafb5d0e06b7dbbfcb23f686fbc3b22123e422b5a925cfd549ee7291b2628ce97576da8e1c8a2a1edf5606f39d1daee9243495393ddd94316f39567f510fc05fb8b61dce386def4385413fb9c76b70e67ab0b3f89ed85acd69bafb192eba4a3f01114251cd55b30b3b731e5fdee13ba8234ace8f3c4e38567340b373c15b18aa651dcd1eab4610530fccc3d58e8cd4918a1d007b3da9aebcbbc95b015eaeae01467138e3d677475c3606420f4000928a48bf5f0afc07895574e3703c4f0bd55e"}, 0x20)
sendmmsg(r5, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000600010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x0)

2.120014383s ago: executing program 3 (id=2069):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, 0x0, 0x0}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2000000011000101000000000000000004000000", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

1.939930217s ago: executing program 0 (id=2070):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801}}, 0x20}}, 0x0)
sendmsg$key(r0, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff0000000003000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x200c00ca)

1.861145561s ago: executing program 2 (id=2071):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3800000054000100000000000000000007000000", @ANYRES32, @ANYBLOB="170001"], 0x38}, 0x1, 0xf00}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
syz_genetlink_get_family_id$smc(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0xfffffffffffffeda)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0}, 0x1, 0x0, 0x0, 0x41}, 0x20004000)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000001c0), 0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@dstopts={{0x18, 0x29, 0x37, {0x8}}}], 0x18}}, {{&(0x7f0000000300)={0xa, 0x4e23, 0xd2f3, @empty, 0x3}, 0x1c, 0x0}}], 0x2, 0x800)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x22020600)
pselect6(0x517, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280), 0x8})
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0003801400010063616966300000000000000000000000140001006d6163766c616e3100000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001007465616d3000"], 0x110}}, 0x800)

1.831811273s ago: executing program 3 (id=2072):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x4, 0x4, 0xa4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c252500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1ad8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000080000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$rds(0x15, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket(0x40000000015, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket(0x10, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

1.796982563s ago: executing program 0 (id=2073):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001400030400000000000000000a3f0000", @ANYRES32=r1, @ANYBLOB="14000200ff2300000008000000000000000000011400060000000000060000000000000000000000080008000004"], 0x48}}, 0x0)

1.645235343s ago: executing program 4 (id=2074):
r0 = socket$kcm(0x2, 0xa, 0x73)
socket$key(0xf, 0x3, 0x2) (async)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000001740)=0x2, 0x4)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000140)=""/83, &(0x7f0000000240)=0x53) (async)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000140)=""/83, &(0x7f0000000240)=0x53)
socket$kcm(0x2, 0xa, 0x2) (async)
r2 = socket$kcm(0x2, 0xa, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000002000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) (async)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000002000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400fbfd0100350fc9f7000080000000", @ANYRES32=0x1, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000010000000400"/28], 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000100)={'team0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1e0000003200000003000000feffffff5a250000", @ANYRES32=r4, @ANYBLOB="ff025f000000ffea000000000000000000070080a5ea92eb11ec604e39b499cbd55f4ede9d5c000000", @ANYRES32=r5, @ANYRES32, @ANYBLOB="0100000002000000020000000300"/28], 0x50)

1.377635682s ago: executing program 4 (id=2075):
r0 = socket$alg(0x26, 0x5, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000002d00210041000000000000000400008008000c"], 0x1c}], 0x1}, 0x0)

937.093695ms ago: executing program 2 (id=2076):
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r3 = accept(r2, 0x0, &(0x7f0000000000))
socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r4=>0x0)
r5 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1}, &(0x7f00000000c0)=0x1c, 0x80800)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r6, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r7, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040080}, 0x4000000)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000000240)=0x4, 0x4)
r8 = gettid()
syz_extract_tcp_res(&(0x7f0000000280), 0x800, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f00000002c0)={@dev, <r9=>0x0}, &(0x7f0000000300)=0x14)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r7, 0x800, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r4}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_PID={0x8, 0x1c, r8}, @NL802154_ATTR_PID={0x8, 0x1c, r4}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r10}]}, 0x44}, 0x1, 0x0, 0x0, 0x200400c4}, 0x20000980)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='mm_shrink_slab_start\x00', r10, 0x0, 0xc}, 0x18)
sendmsg$nl_route(r3, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@bridge_dellink={0x38, 0x11, 0x1, 0x70bd28, 0x25dfdbfc, {0x7, 0x0, 0x0, r9, 0x4b04, 0x8000}, [@IFLA_MASTER={0x8, 0xa, r9}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x2}, @IFLA_LINKMODE={0x5, 0x11, 0xb}]}, 0x38}, 0x1, 0x0, 0x0, 0x840}, 0x8010)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000680)={r4, r10, 0x0, 0x9, &(0x7f0000000640)='nl802154\x00'}, 0x30)
r12 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
connect$inet(r10, &(0x7f00000006c0)={0x2, 0x4e24, @private=0xa010101}, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000700), 0xffffffffffffffff)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_FIOGETOWN(r10, 0x8903, &(0x7f0000000740)=<r14=>0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001b00)={0x0, 0x0, <r15=>0x0}, &(0x7f0000001b40)=0xc)
r16 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=@base={0x13, 0x298, 0x8, 0x800, 0x1009, r10, 0x1ff, '\x00', 0x0, r10, 0x1, 0x4, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001c00)={r10, <r17=>0xffffffffffffffff}, 0x4)
r18 = socket(0x5, 0x2, 0x7fff)
sendmsg$netlink(r13, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000780)={0x130c, 0x1d, 0x1, 0x70bd27, 0x25dfdbff, "", [@nested={0x39, 0xe66, 0x0, 0x1, [@nested={0x4, 0xe4}, @nested={0x4, 0x64}, @typed={0x8, 0x24, 0x0, 0x0, @fd=r5}, @nested={0x4, 0x66}, @nested={0x4, 0x2}, @typed={0x9, 0x139, 0x0, 0x0, @str='{\xc9\\[\x00'}, @generic="0880d23a4b84e9ca7d3bce7d85fb82f8e0"]}, @nested={0x10, 0xf4, 0x0, 0x1, [@nested={0x4, 0x20}, @nested={0x4, 0x119}, @nested={0x4, 0x81}]}, @nested={0x12ad, 0x26, 0x0, 0x1, [@nested={0x4, 0x70}, @generic="6376ecf7acc4477cc0bf07365c012aa8d4837e3feb1becc65ddc433a5fc8d132f29d96b8dc1eb7e131806b136d8d553d48b841c02ba5c3485c0e942b36", @typed={0x8, 0x48, 0x0, 0x0, @pid=r14}, @typed={0xcc, 0xd5, 0x0, 0x0, @binary="7aaeefb2f8d9ea39474a2da13f9b723111a8d2a4483a25acad7f344d82b2c87ef29f7f883b9fef0ac2e9c5d6b0a946429d94725fdda5b79170fddea914b25c85fa436906fe7d2f06cffa80568ee8b3afdb184eb28647e921bea05343df178c93232d349885e5d0e0553dd24d6c8fd3d71d87420ac442a6f0eff97708bcd421e844a2143a13abf6618b268cd8bc450526340ccf8076cc224edebfd8949945accbb7dd2cc2001196850b6f88711b6eedad031ea9f3fe9aae54007ec8dc4362321af28fa83ba1fc854b"}, @generic="5c42bf12402727aff344646f8571debdb4840eab50a30ebb95063b42452a20ea55a2e033d4445deebb509b9e6179631bdb4e686318c56788f846d95ffd8ef79a69b6a201d85690130ff4760aca262a9a16a64a2b32fdf6f3e0f72eb62d44f2ab61d566b94fa1394b5c97c62b3f374f3f2a2518cb55fef5650d1277a3388d35149525bc13402d476fac427bbe0eb0800180869fb8ed7f9b02a3b3bd5d4fc61394008c3f5bd368b0113d2e84dd0aebe41985ad0c5f6b1483e6169c5785504c492c67dfbe5496c49bdc39344038c28e601217d4b19f49e089f79e5d9963a8a312d5142951b25f25a3119a4cbeecf1dd4a3495199cee4ab917c71cfdc66518f52827c415649aa8e09bccd29821a6eb68ad2b346fdf99b7fba6aa7d2f14b37286e0333c83997881eebb895b89689f7fa8a00ce2016728b0940464241752c54636fde25bc66a542a75a2aac3570eab92f02c8d5345d559e20ad7fb267d82cb4713de6b5b424b0d748f0b8b1f16a2a04ce118598e30277ada85630454a20270affc025694370b8ecd963db0ba7ab44ab60a5a33dc0fd4acc6380731a8f38da9604e4bf233912f715d36b9c0af5133f1abd178db13f32bbee40f08a01c001849b4ba952a5b22427ebf49ba3a77879a352f64fea5b16122285b9442cae3082fc08f517713c2f3edff52d02772185dfdeda788ba9e683856854be40a73f2ef8a91395e6c1d0bb3a1def90efbbdb80cf73d6dd4c94a0f09b778d4bc8c912e5ebfae7ea8aeb352697baf1a2dc7c9f95ceeed480ccc8dfff360c53a82ff520f67f8f0119b178eb9e620111bae2fb3b925961aa1899830fd4d561290cc7227f53a78787c0e9c88cf125815810ab9ca408aed073c26d093f069ed9bb1824aa0925a59e8cb6dcc6dfb6e64fbbf37731e55ef4164ea1318dea4fc9b2453341f35f694dab1d9ada5c4ea7e10ac03574b17261ffd58cf8ae861997ebd626f53299ab7dd0760369e7ddab17aac7a601d5a6537e22b578003fac05073ed987db4aec84cee2ad2c3647994ca6e756256a203ef0c5ec73d710f52f79a62abda7eedd2cb26d6ba4db3bb1cbb2ba8932aeefbf648a276cd947c1e77f2cb18130df37cf4125a0f91478ab6003129ce5d4e3d6f98c6c56e96813ddfbac6870309c58fa324662792c097905ae1e1b650a6c0ebdd93999ece53eacd5bd0ada756d46aca32754cb17f8aae10cab05d4561e7fff32b9844c017e163e12a39d1f8afac0f1127b437f9553e5f8d1d5a0d1689e26f896d0ca52afafad8916c79ae6f6397148fc39c9836a7b4879ae7f573a40e51c59af6dfe38c053f6da2053bf80abfd8f3b6da537295a8ea456caef643a4e48c31f17adf48b05a7e54424ef70b0bd8f48600c322ae083a53da5483598ef75c02bb2fba6568430139e1dc1e9855a49e1a3c9a5dd4ace29a08278bbc028689c9d4081138ae811c59c7661e2c9730ae57667839f69c1248bbbf824e1249d2140e96d256aeb66c99f445c1ab895cb2934bf6b8e27f397bcef52f26d2b5f27db974035b96b7153dc4247f681f4bf949190dd5f1a4f5518589295f8d483a78db604935cd79c6f02e58a8bdf783da14c066fdd9bcbb80bdc7a27fc6600b8fdd8c3b745ec63dd8f1ad94e842866b5aab5901774f1df189c01c0c23eb0b74a9fa33948f74b2c2bf7656bdccc156113317f2c1fb21e2910c1dd41e047ebc7b3f8e0b0b62d559fd70a593fd82b0276c3c42e6ad91803eb43b1b71a3094349c10ebcf27a6fd4b3be74e1779d499f3ded6c61fe8b928056ef4ff05cfd1db3138e82e282d4b44b1d93e674facbe0f2d8b2741e9b05472b435c3ad2665f24b9fe049c0648aa5ad2c796945cd4f57312408549d2994602a614860576035bc3c60926251d262009ad4d5be66e46da9632a03625ad8cdf654f814968833c147f7133233c0724f1ad37c3ed9b3ef4fb57bddcabbf2c44f47357294a6ed84b3deaef47ae830b3d8ec44b162b534683363901043fc65665904439ee69623f1840557fd3e04d3b62a9a8373afa85225fea600db9664456a28969fa3ee5380b27d5487bd121c2905d54a8fa150e2a51deecff685fe6b41087bbb871e681b2a89fe93be23e45c64a59708f000aabc0e1456c9ee2d5b63bbd2b55118463775b0d171e52d13a25e3e0060cdd581a4cce327c623c8a5519ca7bec42ada802f8e75809a3b6265e87a8b7c28091791cbd3c8382c1de79fc4dfba812219fe1d28ab843640e484e67c3dfd8caf548bdd6cfec6dba0594a4a328be7ac1c53b4548aa2f9251e0e3bdbe5d39ac3656b36e60baf8eaa095dbe5905fba6cb57b582571b989ad86afbbd90ceff49141538b45aed701da713f83ac9bd10a359e89857d2e9664cf15786560d4b932430fda93a0cfa57f9f033dc0bd9f1fda97546f7e99dc304c0bac884aed56f4df20b6ebbe377305d66664d0923ffeab3683f75a2d64b595cbf1f45eb26074efc4404cfb1a7eafbf72603d872bc14e98f11f4cd0c0acf2936cdded6958aa577eb06e52bbcac44723eeb1cae4e0a8e36d3dd6a1012ebfe9266aa35081e1f90594a7d5864f1807a6729d7a558c54de929bc98f645400cf2d57d9ad278c04283b0a09ee2281f552a0476b2fe1adae863cd324dd635d759ead25bf496ad7b8a833250a414f761059d92f1e2a5e32d2bc6f337bd4b17e81f6ca9b8c5e4ac44fdae92d660317104e1fbb05165da2fac2fb5f55c28dd743fa9fccb34e053535068cd2c0ee3156a836d2d91404abaaabab0596f966be22742a15e93829bbb382aff4e0db26fe8801a74287776e400703452798152024152a42e781e1de21a44fc0daee81b77311bca6449009db4e272e5fb69f3b4529d1903408e811fe8ba19207fea29bd353c9f407faa777b6cbc74e7711119bd552f8bbb509aa802e1587125fb2caa6fe9a2a4afb43cd1478489050e941dfbaa52e903ec1fe88591b3c64916e922458e62300f3550b7bee391f19c66fd9de77c83544340659cafb54834e337fe8ab1fb32aea41b590eb7c573baba7620dc1fda0f784fc1f1252c08728ce1458314318ea3e5542f79eb4061f0f1f283e4b27e5d57824b6f220a973487a6ceb4829bf3e2d8c831f01d06eb821080acad9aab4913bb0f692ed7f7d08a7568b8e686a63cfa59d15d6e28bcfe123c9518f6740549b48dc7ae12718fc1025f5efc2dc52178ca76277a06ff0bf83bb4f6127fb5babf9b756fd973ad5daf5d9f0c78d8e3370d27e5504643104ae68b102c96250a61d7c3228c2488ee32bf3826253123bcd05f1bc8c3eb7f3290e81e793e519525e5e0029f6f558aeb1d999066ca743b05e30a4fbf12aabbd70befbb958c48f52bc2b157832f3c0a0479ee7cb26887270c6588ee61af10ef94d7cb8ad1f672fdc6255e9f6552b18019fb7551fa8bc8da068a269d327479c03c585ef3bddb422f2eacc0da84f93561225f68db4479c24507a5631d3f8fa1a09926815a32a281a7284fde41c91eaf9beaff52e018be0c2720dd0bfd28b2707ecc7ae9b3305885e4ad89ddfa4571b96ccad265c406d8da06a516dba9e5fedc801e21e126ec8efb2be3ba8d91a7ea6713f3ba40d88f18567b4cd1c9a2a0efe346a13eadfa0849c7293242dd691a1ca2e791a3dd724658578563082447bbb2a6a8a155b99348a65993ad3e22615d1b6819f750aeca28be2a6f441e016743bb29b9d3fbbb5e82e9b06fa509976cecc825eb3a682bd875beacb8ef558ff684126faba47bf55b29374ff8382622de1dfd6a618a4cdabce3432c6e1a6085483219f275ccfb42f9eb0f8a6ce802347976466089b8c1ea02c9f6e22b51643b230a843e8618e132fadce0d0bfe2ef11e67182c0074d38ebc98f25da7021ea4b10e06d3a089a92b4d69ad3342cf330b71b75688461a3e8736c4021ae18f8df1871ef99a133481b4466c6096ccec92374233c315dfe9ab56678cdab338db7d7ad5669e9ea841aef4c51692bc5f12685e584a21a0ecb3e71c91362b1204dcf6f4d373a677acb949fc60a076f5edb8aacccb20f59d51828626808f244c42eb516089898d7125725ff8c63c03b3de02a03a976c71d2ed71783495a6afbb293a6a2217ccd231b363620e33c050bd3a72ac728a272b89b5dee63a42b706a6b0cc89731eba1f96c9cf2625b43fb44e842440a7314a78794ed93668ba9c45f3a805fe241e39c10f23785987d8f8f02fc1dfe02cbce52368e3300075df5635407ed157bdd7395826264ef18b3cdcff213a0958079a063a1fd44040fe4bf5263ad4aa729cde98fef38c0c9f2ec31378250dcc5c9b99d7b14fad382a0f688d0885e64642c30a3a2edd1e7251c0fa91b4f426bdd861966751975d5737dcf551f6542e6ce22831e372298db362834f97bf895cdd79d5982a8f3c445ae0a53ccd2e165f3e25656a2a0dbe9e34a19894487fd60b7d932b7b082fffb161166d80b8c16b67ac1e3a65a66ba53c005b58d41942224f4e6741b3b99601aacea03a339945c8136bf5f0ed46529513ca39806fcc1c9fe084afb089f070a1363eda13c840225a42c605561b6cfd14178d95eb50e8374cedf99e75f2ebbb20c3c9fb170f33e3bbbdb737df94fd0c1e232aef552872ca35c40033859eb60fff3ecb1c9c5a700ec603e111ac8bbba5627ca3f4709dfbedcd0855cdb93443fe068e182a3f5a62829bda24100fcc421a9ab13b4c59bc379a14841538612b23672f52f2010e59ecef5bf7446189709d3af12006828446a3843924627753df886cb843cb3b984751b1a019eacf01f492c5a271c50e26129d64fb03f17668992e40eca7498a08246ffbb7b288f8699119a7d7416055db831274207ed00b778587465759241cec8e002b47fe45423bb5593042baf3ca00daa98e3281be37c010e3e3a4189af1b90f93195e8a32e4393a166296139536a150ccf3005ce2009cc38c3feb858fc12a9200a46086571cb641c51c6f8425d82ed75ff11d2e6a29c207bf87c1fd0965320c2e197b024e73523fbe4dd9cf65f1d0dc0ebf93eb448842f70335f33cb30caf0ce2ee96d20779ecf2f652227fe8a003384a92437aba50ccf4efabfecab1b12baff27719e6dbd2109a83498e7d437e3dea590e29644f4bfc90abbc0f326105ce796cde59e496ff56ecdd7bf8c4e3f9feacc077bf6c768568d8a5e172db9bd577b41b224a4146b580a3c70c5f5ff90a859ad96422748aea8ed1e3b0042e783c4b2c7967a38d60f83c5bf7b1d40abba76b844d898824781bdb654496749d9b9907ce09c0ed71a624a2eb1ea282d8b93286018e6a24dc1e5e6042691514f72a02b75911385bac7b1d66422e327bebe1e79644d422f3afee98d06fd7c6c73d245f0cc81c280589235a170859549b8c378ad4fe29cef9ffb2fefc43b0608318aa79b910fe680159f09aa3aff5184d81d19f5d98442edc90717d6cd8ae1716ec7affaf371b0650fab19ae4ca000ece29ba06d99e7a273c19196171c7aa83885999e0d8aef91f110b76fcd6b8350d39b226d1a2c9673ae7aeb2503499ebe30a10ef2253612e5b51e37c8551abf33f92ad27f591af4f2fa6607aa8e0a40af65e516007647189345b66d6145b2b0bd4d10bb1fd82eeb1b38b0604b4d7c5c7aff49f4554eebd36eea372f4790f6d2ae7073aabc2aca53304c3dfe70fbdd02b0b49cc63c256f5fd461cadd487f079ea4156744c0585c9ce32b62cb7f2a3ed89858ba007cd76966f1b2139f1294d2aa01a81bb08253ab5564ea9c3c1e36bfbecfe6c357df099681888592ce3eb3813a64674", @generic="c98604ffc4e45a8d5d30eee09edc42fc315d3ca5b534ac27be31f41d9b3bc5a9d70e283934ba2473a1a452c20cd88eec1208b7f52a8a8d6ca030148452ee4a6abce66d8c0b5593b9f4daee", @typed={0x4, 0x148}, @generic="b1f25b9ef372d50c33487a4156f10a435e52a58426681582338a4364ed9974a1cf9ef2bd7fb399abb2d2a506e71a0732107f77efcd0b9722055ba0b540bf74d7994401af34f55a19f75c52b54e9cc2a3102376c7c77d460a9468b284dd8a6a43d7e85c30591fbba6976358d32aee70cfb19832ff3172bf1725f44e9a9e5d9047477351c420f8409954cc8e92c015b71c540ff4447644c050e764cf899d6fd7266703f228d23c65778a442ea229bb3d9e1c06a5dbbf60ac4002c0d08c626acb7fc4d840057f3054a3cd7c9796f8bb5ac09bd171f3362dc258143b7cfbf8ed4e436263eb3cd6b1f5dc898ab05191989cfc6704", @generic="6fe5fcf03768e9f33baa1b8b1b6e22b3958e7d6b9577f14202faddf2602a76a5436d87a618137b50251ac44a38f01fac63812fe3a551ede776f20e81a74debdd91be0fa7898ada1421cd2d03b349de", @nested={0x4, 0xfd}]}]}, 0x130c}], 0x1, &(0x7f0000001e40)=[@rights={{0x1c, 0x1, 0x1, [r3, r12, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0xee00, r15}}}, @rights={{0x28, 0x1, 0x1, [r11, r16, r3, r17, r18, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r4}}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x18, 0x1, 0x1, [r12, 0xffffffffffffffff]}}], 0xd8, 0x4}, 0x4)

805.48036ms ago: executing program 0 (id=2077):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000006affffffffffffff000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110"], 0xc4}}, 0x20050800)

805.08171ms ago: executing program 3 (id=2078):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e00000020000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x110)

757.816042ms ago: executing program 0 (id=2079):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='virtio_transport_alloc_pkt\x00'}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @remote, 0xb}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth0_to_bond\x00', 0x10)
syz_emit_ethernet(0x9a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c200000eaaaaaaaaaaa486dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x7, &(0x7f0000000100)=0x10, 0x4)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0x42, 0x4, 0x2a0, 0xffffffff, 0x0, 0x0, 0x188, 0xffffffff, 0xffffffff, 0x238, 0x238, 0x238, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8, 0x0, {0x100000000000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x4, 0x2}, {0x0, 0x5, 0x4}, {0xffffffffffffffff, 0x1}, 0x3, 0x7fe0000}}}, {{@ip={@multicast1, @multicast2, 0x0, 0xff000000, 'vlan0\x00', 'syzkaller1\x00', {}, {}, 0x2e, 0x0, 0x41}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x4, 0xe, {0x80000000}}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0xfd, {0xfffffffffffffffe}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, &(0x7f0000000040)={0xc, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

670.239655ms ago: executing program 3 (id=2080):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000004d40)=[{{&(0x7f0000002f00)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10, &(0x7f0000003440)=[{&(0x7f0000002f40)="d60271e3251540aa8ec3a4260236d8612471e0bf4fc622d6f6e915b35ae59e9723", 0x21}, {&(0x7f0000002f80)="3680beb96801ba2b363f9089c2dcdafc85737db46d5c1f59fcad46f938385dfbc86a58d7609487a24caff21ffbbb75f4987000fe0df80be01d0db2487929d3d806efad51a42e826cd0e39f6e8ebb67a0a3e6ba451225ccb7e2a7ab718c185a3df24ab83a16cd5fb4cb957a5b2e94b98ea7809228a8dc4043044cdbe0a9222dd0cab2b946ef836f4f09fb3fcb0db108e52c90f6dc0518559ea57fd5a462c7187a303c8f8dfdcb01bd0d6330a07e61b0a38cba7780941367c765c2d10a7d2a1df91aa768e8", 0xc4}, {&(0x7f0000003080)="a29659c793574978a41d6bcf9df5f79f40da625c54c2768a34b3cd28bb138fe8146245ab8ddcd5b4165d2ca64616de89eafb66048fd07387bd56b0567c04330f330e00cbfe97c0f03bd4825bd7c2fb77021d5381ad93e82adfe934ef80e358eca8c9fffe8a00bcabbf1473dfd50824bd7c5a60c6f8f86daee665de754dfdb0a6f5c43b46bea18f04f6db8e721c7518969c28d4d5200c16b1f1dc9c63fdf7dba7315a23d4bb9221905eabb986564cde36d93061b1f4bf31ceb18f9fb2ee6fcb", 0xbf}, {&(0x7f0000003140)="71de191e235ab7cce71bb6d76f69f46f2341824002ad254cb9ab61847006c5f3270f86328fae3f9530464b526b6707c100f20b0bd96773cffeed463d4d0b6a8bc88fbd79d1573347de1a6077ac36e72590fae18308752c74f2fcccd6d9361cc2974b1fdaa35c79", 0x67}, {&(0x7f0000003240)="63d2698a35543b779a47da1e2f44cddbb95e97fde61237655951d05a1735a4dea01c0cf4ef1d59c90490e7ebd48182892281acaf34256721909ec0e77bac5cc77fb95742f1fc60a67939bfe459dc39d80f92d03ea7a2500c07febd875128e86d9f999b9e8dcca0894d6b5d19b120329d3b5c209fc4670ef4622696227d900fb666a838dfa7a122e6002409e4e7fb40e3645b08928beea2bc6acf01e42c77dc", 0x9f}, {&(0x7f0000003380)="e98326e8b96bbb2df9bfe646ed157cfdaa4188fdfd7b9a344c23974527b8c2925d", 0x21}], 0x6, &(0x7f00000034c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}, {{&(0x7f0000003500)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f00000046c0)=[{&(0x7f0000003540)="25e79c0a3fb13b5b68cc5471ebf26a04ab1e6e3d9532b3bdfd76b37ac1d117dbe889735f62e0ce8f52add9d87ac61516eea7542083", 0x35}, {&(0x7f00000035c0)}], 0x2}}], 0x2, 0x8000) (fail_nth: 6)

563.908459ms ago: executing program 4 (id=2081):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)={0x14, 0x38, 0x1, 0x70bd2c, 0x25dfdbff, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)={@map, 0xffffffffffffffff, 0x34, 0x0, 0xffffffffffffffff, @void, @value}, 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES64=r2, @ANYRES32=r0, @ANYBLOB="00000000000000005000128009000100766c616e00000000400002800600010000000000340003800c0001000ffe0000000000000c00030094040000000000000c00010000010000000000000c000100040000000000000008000500", @ANYRES64=r0], 0x80}}, 0x8000)

563.644502ms ago: executing program 2 (id=2082):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0xd, 0x10, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x2800, r0}}, {}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffc0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x6, 0xfe, &(0x7f0000000580)=""/254, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

522.661987ms ago: executing program 4 (id=2083):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_80211_inject_frame(&(0x7f00000001c0)=@device_b, &(0x7f0000000200)=@mgmt_frame=@disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x315a}, @device_a, @device_a, @random="deb171022099", {0x9, 0x9}}, 0x42, @val={0x8c, 0x18, {0xcff, "06f56bb997f0", @long="c4d2a02c7c37472d30829cbb0d5f91a5"}}}, 0x34)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_80211_inject_frame(&(0x7f0000000340)=@device_b, &(0x7f0000000380)=@ctrl_frame=@cf_end={{}, {0xb9}, @device_b}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x4, 0x8, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1ff}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x7ff}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000040}, 0x40001)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000006800010026bd7000ffdbdf250a0001000000000004000b0004000400635e33b80fdb35bb82a2c06d1ba081254052e844dece17e2dd1a0eb654315b9a5f5569a205f268ad39de8e73f2ee1fcb98772f8638d42ab5ca2b6661bb9252f76a27cb4e37d9b1c30411c75ab64336c23bb1b1cf42c014b1bed1bab2630891ae2f64692ea79361752b1b94b0d72ab54904d4bc5e67926b5fee5c56406e44"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000080)={0x0, 0xb, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000001030101000000050000000000000040"], 0x14}}, 0x0)

445.894249ms ago: executing program 2 (id=2084):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x8000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x1398, 0xffffffff, 0x0, 0x11d8, 0x10f8, 0xffffffff, 0xffffffff, 0x1300, 0x1300, 0x1300, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0x10d0, 0x10f8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x7}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x0, './cgroup.net/syz1\x00'}}]}, @REJECT={0x28}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'batadv_slave_1\x00', 'macvtap0\x00'}, 0x0, 0xa0, 0xe0, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}, {{@ip={@private, @loopback, 0x0, 0x0, 'erspan0\x00', 'ip6erspan0\x00'}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}, @common=@socket0={{0x20}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x13f8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x19, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000240)=0x8)

345.550426ms ago: executing program 3 (id=2085):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030e000000000700000000000004000900a0000000e9255bb992464e73a02159d3720df19f7a1dfec30000000003000600000000000200000003000000000000002000000002000100000000fffffffbfc00000000030005"], 0x70}, 0x1, 0x7}, 0x0)

78.473999ms ago: executing program 3 (id=2086):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0xb5)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000005200000", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000014000800000000000000"], 0x65)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x10)

0s ago: executing program 0 (id=2087):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc0a00110}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xb0, 0xa, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x3c, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x1000}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, @IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x4}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x51}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x7}, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x6}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40}, 0x48041)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x4, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x4e22, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@mcast2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0xb, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0xee01}}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xf000000}}, 0xe8)
listen(r2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r3=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280), 0x0, 0xffffd6c0, r3}, 0x38)

kernel console output (not intermixed with test programs):

failure.
[  183.189311][ T9585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.213651][ T9577] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1241'.
[  183.220645][ T9581] netlink: 'syz.3.1241': attribute type 10 has an invalid length.
[  183.291537][ T9588] netlink: 900 bytes leftover after parsing attributes in process `syz.4.1246'.
[  183.298855][ T9585] CPU: 0 UID: 0 PID: 9585 Comm: syz.4.1246 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  183.298881][ T9585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  183.298892][ T9585] Call Trace:
[  183.298899][ T9585]  <TASK>
[  183.298905][ T9585]  dump_stack_lvl+0x189/0x250
[  183.298930][ T9585]  ? __lock_acquire+0xaac/0xd20
[  183.298953][ T9585]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.298975][ T9585]  ? __pfx__printk+0x10/0x10
[  183.298990][ T9585]  ? __might_fault+0xb0/0x130
[  183.299021][ T9585]  should_fail_ex+0x414/0x560
[  183.299047][ T9585]  _copy_from_user+0x2d/0xb0
[  183.299068][ T9585]  ___sys_sendmsg+0x158/0x2a0
[  183.299089][ T9585]  ? __pfx____sys_sendmsg+0x10/0x10
[  183.299139][ T9585]  ? __fget_files+0x2a/0x420
[  183.299157][ T9585]  ? __fget_files+0x3a0/0x420
[  183.299186][ T9585]  __x64_sys_sendmsg+0x19b/0x260
[  183.299205][ T9585]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  183.299238][ T9585]  ? do_syscall_64+0xba/0x210
[  183.299261][ T9585]  do_syscall_64+0xf6/0x210
[  183.299281][ T9585]  ? clear_bhb_loop+0x45/0xa0
[  183.299300][ T9585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.299315][ T9585] RIP: 0033:0x7f1e58f8e969
[  183.299342][ T9585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.299355][ T9585] RSP: 002b:00007f1e56df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.299372][ T9585] RAX: ffffffffffffffda RBX: 00007f1e591b5fa0 RCX: 00007f1e58f8e969
[  183.299384][ T9585] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000007
[  183.299394][ T9585] RBP: 00007f1e56df6090 R08: 0000000000000000 R09: 0000000000000000
[  183.299404][ T9585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.299413][ T9585] R13: 0000000000000000 R14: 00007f1e591b5fa0 R15: 00007ffea22b7c98
[  183.299439][ T9585]  </TASK>
[  183.459318][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  183.507037][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  183.692088][ T9596] netlink: 900 bytes leftover after parsing attributes in process `syz.3.1241'.
[  183.710791][ T9606] netlink: 'syz.4.1248': attribute type 10 has an invalid length.
[  183.722191][ T9606] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1248'.
[  183.743839][ T9608] x_tables: ip_tables: NFQUEUE.3 target: invalid size 8 (kernel) != (user) 0
[  183.824029][ T9609] netlink: 'syz.4.1248': attribute type 10 has an invalid length.
[  183.832155][ T9609] bridge0: port 3(batadv0) entered disabled state
[  183.839009][ T9609] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.846429][ T9609] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.965651][ T9612] netlink: 'syz.0.1250': attribute type 1 has an invalid length.
[  183.978800][ T9614] vlan2: entered promiscuous mode
[  184.062421][ T9612] 8021q: adding VLAN 0 to HW filter on device bond32
[  184.481994][ T9653] 8021q: VLANs not supported on vcan0
[  184.819292][ T9660] 8021q: adding VLAN 0 to HW filter on device bond29
[  185.401577][ T9684] netlink: 'syz.4.1276': attribute type 1 has an invalid length.
[  185.507905][ T9684] 8021q: adding VLAN 0 to HW filter on device bond27
[  185.601882][ T9690] vlan2: entered promiscuous mode
[  185.957110][ T9702] net_ratelimit: 8 callbacks suppressed
[  185.957128][ T9702] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  186.190129][   T12] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  186.204635][   T12] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  186.703413][ T9717] 8021q: adding VLAN 0 to HW filter on device bond30
[  186.709103][ T9725] netlink: 'syz.0.1291': attribute type 1 has an invalid length.
[  186.792862][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  186.807432][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  186.848193][ T9725] 8021q: adding VLAN 0 to HW filter on device bond33
[  187.096835][ T9737] vlan2: entered promiscuous mode
[  187.102288][ T9737] bridge0: entered promiscuous mode
[  187.370525][   T12] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  187.385332][   T12] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  187.484939][ T9759] netlink: 'syz.0.1305': attribute type 1 has an invalid length.
[  187.539763][ T9759] 8021q: adding VLAN 0 to HW filter on device bond34
[  187.982599][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  188.001114][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  188.218622][ T9776] __nla_validate_parse: 10 callbacks suppressed
[  188.218639][ T9776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1311'.
[  188.387870][ T9782] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1312'.
[  188.448265][ T9782] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1312'.
[  188.518895][ T9786] vlan2: entered promiscuous mode
[  188.599897][   T36] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  188.744066][ T9794] netlink: 'syz.2.1317': attribute type 1 has an invalid length.
[  188.789417][ T9794] 8021q: adding VLAN 0 to HW filter on device bond30
[  189.048302][ T9797] 8021q: adding VLAN 0 to HW filter on device bond35
[  189.623435][ T9822] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1326'.
[  189.652401][ T9822] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1326'.
[  189.721153][ T9826] netlink: 'syz.4.1328': attribute type 1 has an invalid length.
[  189.796692][ T9826] 8021q: adding VLAN 0 to HW filter on device bond28
[  189.964869][ T9838] 8021q: VLANs not supported on vcan0
[  190.166072][ T9847] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input16
[  190.187405][ T9846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1337'.
[  190.332004][ T9849] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1336'.
[  190.467484][ T9851] FAULT_INJECTION: forcing a failure.
[  190.467484][ T9851] name failslab, interval 1, probability 0, space 0, times 0
[  190.515769][ T9851] CPU: 0 UID: 0 PID: 9851 Comm: syz.4.1338 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  190.515790][ T9851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  190.515798][ T9851] Call Trace:
[  190.515803][ T9851]  <TASK>
[  190.515809][ T9851]  dump_stack_lvl+0x189/0x250
[  190.515834][ T9851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.515851][ T9851]  ? __pfx__printk+0x10/0x10
[  190.515867][ T9851]  ? __pfx___might_resched+0x10/0x10
[  190.515880][ T9851]  ? fs_reclaim_acquire+0x7d/0x100
[  190.515903][ T9851]  should_fail_ex+0x414/0x560
[  190.515927][ T9851]  should_failslab+0xa8/0x100
[  190.515947][ T9851]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  190.515967][ T9851]  ? __alloc_skb+0x112/0x2d0
[  190.515987][ T9851]  __alloc_skb+0x112/0x2d0
[  190.516006][ T9851]  alloc_skb_with_frags+0xca/0x890
[  190.516023][ T9851]  ? aa_label_sk_perm+0x413/0x560
[  190.516052][ T9851]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  190.516080][ T9851]  sock_alloc_send_pskb+0x857/0x990
[  190.516119][ T9851]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  190.516150][ T9851]  ? aa_sk_perm+0x81e/0x950
[  190.516175][ T9851]  hci_sock_sendmsg+0x207/0xee0
[  190.516199][ T9851]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  190.516215][ T9851]  ? aa_sock_msg_perm+0x94/0x160
[  190.516233][ T9851]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  190.516251][ T9851]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  190.516268][ T9851]  __sock_sendmsg+0x219/0x270
[  190.516293][ T9851]  sock_write_iter+0x258/0x330
[  190.516317][ T9851]  ? __pfx_sock_write_iter+0x10/0x10
[  190.516349][ T9851]  ? bpf_lsm_file_permission+0x9/0x20
[  190.516367][ T9851]  ? security_file_permission+0x75/0x290
[  190.516398][ T9851]  vfs_write+0x548/0xa90
[  190.516422][ T9851]  ? __pfx_sock_write_iter+0x10/0x10
[  190.516442][ T9851]  ? __pfx_vfs_write+0x10/0x10
[  190.516470][ T9851]  ? __fget_files+0x2a/0x420
[  190.516499][ T9851]  ksys_write+0x145/0x250
[  190.516519][ T9851]  ? __pfx_ksys_write+0x10/0x10
[  190.516540][ T9851]  ? do_syscall_64+0xba/0x210
[  190.516564][ T9851]  do_syscall_64+0xf6/0x210
[  190.516585][ T9851]  ? clear_bhb_loop+0x45/0xa0
[  190.516605][ T9851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.516621][ T9851] RIP: 0033:0x7f1e58f8e969
[  190.516636][ T9851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.516649][ T9851] RSP: 002b:00007f1e56df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  190.516675][ T9851] RAX: ffffffffffffffda RBX: 00007f1e591b5fa0 RCX: 00007f1e58f8e969
[  190.516687][ T9851] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000000004
[  190.516697][ T9851] RBP: 00007f1e56df6090 R08: 0000000000000000 R09: 0000000000000000
[  190.516707][ T9851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.516716][ T9851] R13: 0000000000000000 R14: 00007f1e591b5fa0 R15: 00007ffea22b7c98
[  190.516744][ T9851]  </TASK>
[  190.562162][ T9855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1340'.
[  190.724718][ T9856] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1340'.
[  191.038885][ T9861] netlink: 'syz.1.1344': attribute type 1 has an invalid length.
[  191.168769][ T9861] 8021q: adding VLAN 0 to HW filter on device bond20
[  191.218182][ T1316] net_ratelimit: 9 callbacks suppressed
[  191.218200][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  191.238431][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  191.509030][ T9875] 8021q: adding VLAN 0 to HW filter on device bond29
[  191.559994][ T9876] 8021q: VLANs not supported on vcan0
[  191.808122][   T36] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  191.822889][   T36] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  192.121972][ T9894] xt_hashlimit: overflow, rate too high: 1125899906842624
[  192.341892][ T9902] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1353'.
[  192.386176][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  192.400648][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  192.485954][ T9909] netlink: 'syz.0.1356': attribute type 1 has an invalid length.
[  192.523067][ T9909] 8021q: adding VLAN 0 to HW filter on device bond36
[  192.536531][ T9907] 8021q: VLANs not supported on vcan0
[  192.951186][  T143] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  192.965832][  T143] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  193.302663][ T9935] __nla_validate_parse: 1 callbacks suppressed
[  193.302685][ T9935] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1368'.
[  193.394480][ T9935] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1368'.
[  193.431736][ T9939] lo speed is unknown, defaulting to 1000
[  193.527451][ T9946] netlink: 'syz.0.1372': attribute type 1 has an invalid length.
[  193.588748][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  193.603080][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  193.682852][ T9953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1372'.
[  193.690625][ T9946] 8021q: adding VLAN 0 to HW filter on device bond37
[  193.777677][ T9952] 8021q: VLANs not supported on vcan0
[  194.255326][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.261749][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.279078][ T9970] netlink: 'syz.4.1382': attribute type 10 has an invalid length.
[  194.291036][ T9974] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1384'.
[  194.300139][ T9970] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1382'.
[  194.332806][ T9970] batman_adv: batadv0: Interface deactivated: dummy0
[  194.342979][ T9974] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1384'.
[  194.362324][ T9970] batman_adv: batadv0: Removing interface: dummy0
[  194.371926][ T9970] bridge0: port 4(dummy0) entered blocking state
[  194.384999][ T9970] bridge0: port 4(dummy0) entered disabled state
[  194.394217][ T9970] dummy0: entered allmulticast mode
[  194.421511][ T9970] dummy0: left allmulticast mode
[  194.576703][ T9984] netlink: 'syz.1.1388': attribute type 1 has an invalid length.
[  194.640296][ T9984] 8021q: adding VLAN 0 to HW filter on device bond21
[  194.650869][ T9988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1388'.
[  194.823496][T10001] FAULT_INJECTION: forcing a failure.
[  194.823496][T10001] name failslab, interval 1, probability 0, space 0, times 0
[  194.850651][T10001] CPU: 0 UID: 0 PID: 10001 Comm: syz.1.1393 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  194.850677][T10001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  194.850686][T10001] Call Trace:
[  194.850693][T10001]  <TASK>
[  194.850700][T10001]  dump_stack_lvl+0x189/0x250
[  194.850730][T10001]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.850752][T10001]  ? __pfx__printk+0x10/0x10
[  194.850772][T10001]  ? trace_fib_table_lookup+0x85/0x200
[  194.850798][T10001]  should_fail_ex+0x414/0x560
[  194.850827][T10001]  should_failslab+0xa8/0x100
[  194.850849][T10001]  kmem_cache_alloc_noprof+0x73/0x3c0
[  194.850868][T10001]  ? dst_alloc+0x105/0x170
[  194.850884][T10001]  ? fib_lookup+0x76/0x440
[  194.850904][T10001]  dst_alloc+0x105/0x170
[  194.850926][T10001]  ip_route_output_key_hash_rcu+0x1482/0x23a0
[  194.850955][T10001]  ? ip_route_output_key_hash+0xde/0x2e0
[  194.850976][T10001]  ip_route_output_key_hash+0x1b9/0x2e0
[  194.850998][T10001]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  194.851035][T10001]  ip_route_output_flow+0x2a/0x150
[  194.851050][T10001]  ? security_sk_classify_flow+0x70/0x180
[  194.851074][T10001]  udp_sendmsg+0x13dd/0x22e0
[  194.851110][T10001]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  194.851127][T10001]  ? __pfx_udp_sendmsg+0x10/0x10
[  194.851162][T10001]  ? __lock_acquire+0xaac/0xd20
[  194.851211][T10001]  udpv6_sendmsg+0xc52/0x2700
[  194.851246][T10001]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  194.851268][T10001]  ? __pfx___might_resched+0x10/0x10
[  194.851292][T10001]  ? stack_depot_save_flags+0x40/0x910
[  194.851329][T10001]  ? aa_sk_perm+0x81e/0x950
[  194.851361][T10001]  ? sock_rps_record_flow+0x19/0x410
[  194.851389][T10001]  ? inet6_sendmsg+0xe4/0x120
[  194.851410][T10001]  __sock_sendmsg+0xe5/0x270
[  194.851434][T10001]  ____sys_sendmsg+0x52d/0x830
[  194.851457][T10001]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.851485][T10001]  ? import_iovec+0x74/0xa0
[  194.851508][T10001]  ___sys_sendmsg+0x21f/0x2a0
[  194.851527][T10001]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.851590][T10001]  ? __might_fault+0xb0/0x130
[  194.851614][T10001]  __sys_sendmmsg+0x227/0x430
[  194.851638][T10001]  ? __pfx___sys_sendmmsg+0x10/0x10
[  194.851669][T10001]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  194.851708][T10001]  ? ksys_write+0x1f0/0x250
[  194.851724][T10001]  ? rcu_is_watching+0x15/0xb0
[  194.851758][T10001]  __x64_sys_sendmmsg+0xa0/0xc0
[  194.851776][T10001]  do_syscall_64+0xf6/0x210
[  194.851798][T10001]  ? clear_bhb_loop+0x45/0xa0
[  194.851819][T10001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.851834][T10001] RIP: 0033:0x7fa36bf8e969
[  194.851849][T10001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.851862][T10001] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  194.851879][T10001] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  194.851891][T10001] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  194.851903][T10001] RBP: 00007fa36cd3f090 R08: 0000000000000000 R09: 0000000000000000
[  194.851913][T10001] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000002
[  194.851924][T10001] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  194.851951][T10001]  </TASK>
[  195.333766][T10011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1397'.
[  195.349286][T10011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1397'.
[  195.539127][T10021] netlink: 'syz.1.1401': attribute type 1 has an invalid length.
[  195.597916][T10021] 8021q: adding VLAN 0 to HW filter on device bond22
[  195.610324][T10024] netlink: 'syz.4.1404': attribute type 10 has an invalid length.
[  195.613368][T10021] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1401'.
[  195.641524][T10024] netlink: 'syz.4.1404': attribute type 10 has an invalid length.
[  195.655837][T10027] xt_TCPMSS: Only works on TCP SYN packets
[  195.764591][T10030] lo speed is unknown, defaulting to 1000
[  196.298779][T10059] FAULT_INJECTION: forcing a failure.
[  196.298779][T10059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.326615][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  196.326662][ T5848] Bluetooth: hci1: command 0x0406 tx timeout
[  196.334264][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  196.338849][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  196.376856][T10062] xt_connbytes: Forcing CT accounting to be enabled
[  196.380875][ T1316] net_ratelimit: 9 callbacks suppressed
[  196.380890][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  196.383932][T10062] Cannot find add_set index 0 as target
[  196.389225][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  196.407853][T10059] CPU: 1 UID: 0 PID: 10059 Comm: syz.3.1415 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  196.407878][T10059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  196.407906][T10059] Call Trace:
[  196.407913][T10059]  <TASK>
[  196.407920][T10059]  dump_stack_lvl+0x189/0x250
[  196.407951][T10059]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.407974][T10059]  ? __pfx__printk+0x10/0x10
[  196.408002][T10059]  should_fail_ex+0x414/0x560
[  196.408040][T10059]  _copy_to_user+0x31/0xb0
[  196.408062][T10059]  simple_read_from_buffer+0xe1/0x170
[  196.408086][T10059]  proc_fail_nth_read+0x1df/0x250
[  196.408111][T10059]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.408136][T10059]  ? rw_verify_area+0x258/0x650
[  196.408153][T10059]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.408176][T10059]  vfs_read+0x1fd/0x980
[  196.408199][T10059]  ? __pfx___mutex_lock+0x10/0x10
[  196.408220][T10059]  ? __pfx_vfs_read+0x10/0x10
[  196.408240][T10059]  ? __fget_files+0x2a/0x420
[  196.408264][T10059]  ? __fget_files+0x3a0/0x420
[  196.408282][T10059]  ? __fget_files+0x2a/0x420
[  196.408310][T10059]  ksys_read+0x145/0x250
[  196.408331][T10059]  ? __pfx_ksys_read+0x10/0x10
[  196.408351][T10059]  ? do_syscall_64+0xba/0x210
[  196.408376][T10059]  do_syscall_64+0xf6/0x210
[  196.408396][T10059]  ? clear_bhb_loop+0x45/0xa0
[  196.408417][T10059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.408432][T10059] RIP: 0033:0x7f322c98d37c
[  196.408448][T10059] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  196.408462][T10059] RSP: 002b:00007f322d789030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  196.408479][T10059] RAX: ffffffffffffffda RBX: 00007f322cbb5fa0 RCX: 00007f322c98d37c
[  196.408491][T10059] RDX: 000000000000000f RSI: 00007f322d7890a0 RDI: 0000000000000006
[  196.408502][T10059] RBP: 00007f322d789090 R08: 0000000000000000 R09: 0000000000000000
[  196.408513][T10059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.408522][T10059] R13: 0000000000000000 R14: 00007f322cbb5fa0 R15: 00007ffc7d6b8fb8
[  196.408550][T10059]  </TASK>
[  196.524193][T10064] netlink: 'syz.0.1418': attribute type 1 has an invalid length.
[  196.742912][T10064] 8021q: adding VLAN 0 to HW filter on device bond38
[  196.913695][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  196.928243][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  197.000458][T10082] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  197.186491][T10091] bond23: entered promiscuous mode
[  197.193134][T10091] 8021q: adding VLAN 0 to HW filter on device bond23
[  197.462227][T10109] netlink: 'syz.1.1433': attribute type 1 has an invalid length.
[  197.482749][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  197.501368][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  197.558015][T10109] 8021q: adding VLAN 0 to HW filter on device bond24
[  197.573541][T10118] xt_recent: Unsupported userspace flags (00000048)
[  197.707531][T10124] nbd: device at index 64 is going down
[  197.752915][T10126] FAULT_INJECTION: forcing a failure.
[  197.752915][T10126] name failslab, interval 1, probability 0, space 0, times 0
[  197.804983][T10126] CPU: 1 UID: 0 PID: 10126 Comm: syz.1.1438 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  197.805009][T10126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  197.805019][T10126] Call Trace:
[  197.805025][T10126]  <TASK>
[  197.805032][T10126]  dump_stack_lvl+0x189/0x250
[  197.805063][T10126]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.805086][T10126]  ? __pfx__printk+0x10/0x10
[  197.805109][T10126]  ? __pfx___might_resched+0x10/0x10
[  197.805124][T10126]  ? fs_reclaim_acquire+0x7d/0x100
[  197.805157][T10126]  should_fail_ex+0x414/0x560
[  197.805186][T10126]  should_failslab+0xa8/0x100
[  197.805210][T10126]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  197.805230][T10126]  ? __pfx_tcp_set_state+0x10/0x10
[  197.805248][T10126]  ? __alloc_skb+0x112/0x2d0
[  197.805269][T10126]  __alloc_skb+0x112/0x2d0
[  197.805289][T10126]  tcp_send_active_reset+0x8c/0x6d0
[  197.805314][T10126]  tcp_disconnect+0x171/0x1b20
[  197.805343][T10126]  __mptcp_close_ssk+0x482/0xfd0
[  197.805367][T10126]  mptcp_destroy_common+0x152/0x320
[  197.805393][T10126]  mptcp_disconnect+0x23d/0x680
[  197.805417][T10126]  __inet_stream_connect+0x37f/0xf10
[  197.805448][T10126]  ? __local_bh_enable_ip+0x12d/0x1c0
[  197.805472][T10126]  ? __pfx___inet_stream_connect+0x10/0x10
[  197.805493][T10126]  ? __local_bh_enable_ip+0x12d/0x1c0
[  197.805516][T10126]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  197.805549][T10126]  inet_stream_connect+0x66/0xa0
[  197.805573][T10126]  __sys_connect+0x313/0x440
[  197.805596][T10126]  ? __fget_files+0x3a0/0x420
[  197.805618][T10126]  ? __pfx___sys_connect+0x10/0x10
[  197.805664][T10126]  __x64_sys_connect+0x7a/0x90
[  197.805689][T10126]  do_syscall_64+0xf6/0x210
[  197.805710][T10126]  ? clear_bhb_loop+0x45/0xa0
[  197.805731][T10126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.805748][T10126] RIP: 0033:0x7fa36bf8e969
[  197.805763][T10126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.805777][T10126] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  197.805793][T10126] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  197.805805][T10126] RDX: 000000000000006e RSI: 000020000057eff8 RDI: 0000000000000006
[  197.805816][T10126] RBP: 00007fa36cd3f090 R08: 0000000000000000 R09: 0000000000000000
[  197.805826][T10126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.805835][T10126] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  197.805865][T10126]  </TASK>
[  197.825925][T10130] netlink: 'syz.4.1439': attribute type 1 has an invalid length.
[  198.090757][ T9604] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  198.108283][ T9604] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  198.249575][T10134] 8021q: adding VLAN 0 to HW filter on device bond39
[  198.692544][T10164] __nla_validate_parse: 13 callbacks suppressed
[  198.693067][T10164] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1447'.
[  198.696078][T10165] netlink: 'syz.4.1448': attribute type 1 has an invalid length.
[  198.725189][ T9604] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  198.854472][T10165] 8021q: adding VLAN 0 to HW filter on device bond30
[  199.097465][T10185] No such timeout policy "syz0"
[  199.331653][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1461'.
[  199.398727][T10201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1461'.
[  199.440380][T10212] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1464'.
[  199.442104][T10201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1461'.
[  200.200603][T10240] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1473'.
[  200.228503][T10244] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1476'.
[  200.238827][T10243] netlink: 'syz.1.1475': attribute type 3 has an invalid length.
[  200.297481][T10244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1476'.
[  200.307009][T10246] netlink: 'syz.2.1473': attribute type 1 has an invalid length.
[  200.317239][T10244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1476'.
[  200.479341][T10246] bond31: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  200.533347][T10261] trusted_key: syz.0.1483 sent an empty control message without MSG_MORE.
[  200.604900][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1483'.
[  201.169413][T10284] netem: incorrect ge model size
[  201.174686][T10284] netem: change failed
[  201.195274][T10278] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  201.837265][ T9604] net_ratelimit: 30 callbacks suppressed
[  201.837282][ T9604] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  201.860764][ T9604] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  201.976566][T10321] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  202.022782][T10319] tipc: Disabling bearer <eth:syzkaller0>
[  202.436676][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  202.451415][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  202.799484][T10363] 8021q: VLANs not supported on vcan0
[  202.914036][T10370] vlan0: entered promiscuous mode
[  202.983246][T10376] netlink: 'syz.0.1524': attribute type 10 has an invalid length.
[  202.993294][T10376] FAULT_INJECTION: forcing a failure.
[  202.993294][T10376] name failslab, interval 1, probability 0, space 0, times 0
[  203.010482][T10376] CPU: 1 UID: 0 PID: 10376 Comm: syz.0.1524 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  203.010505][T10376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  203.010515][T10376] Call Trace:
[  203.010521][T10376]  <TASK>
[  203.010529][T10376]  dump_stack_lvl+0x189/0x250
[  203.010559][T10376]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.010582][T10376]  ? __pfx__printk+0x10/0x10
[  203.010604][T10376]  ? __pfx___might_resched+0x10/0x10
[  203.010624][T10376]  should_fail_ex+0x414/0x560
[  203.010654][T10376]  should_failslab+0xa8/0x100
[  203.010676][T10376]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  203.010696][T10376]  ? __alloc_skb+0x112/0x2d0
[  203.010715][T10376]  __alloc_skb+0x112/0x2d0
[  203.010732][T10376]  netlink_sendmsg+0x5c6/0xb30
[  203.010756][T10376]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.010774][T10376]  ? aa_sock_msg_perm+0x94/0x160
[  203.010793][T10376]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  203.010810][T10376]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.010826][T10376]  __sock_sendmsg+0x219/0x270
[  203.010851][T10376]  ____sys_sendmsg+0x505/0x830
[  203.010874][T10376]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.010902][T10376]  ? import_iovec+0x74/0xa0
[  203.010925][T10376]  ___sys_sendmsg+0x21f/0x2a0
[  203.010945][T10376]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.010998][T10376]  ? __fget_files+0x2a/0x420
[  203.011017][T10376]  ? __fget_files+0x3a0/0x420
[  203.011047][T10376]  __x64_sys_sendmsg+0x19b/0x260
[  203.011067][T10376]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  203.011100][T10376]  ? do_syscall_64+0xba/0x210
[  203.011126][T10376]  do_syscall_64+0xf6/0x210
[  203.011146][T10376]  ? clear_bhb_loop+0x45/0xa0
[  203.011166][T10376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.011181][T10376] RIP: 0033:0x7f9ca518e969
[  203.011196][T10376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.011210][T10376] RSP: 002b:00007f9ca5f4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.011228][T10376] RAX: ffffffffffffffda RBX: 00007f9ca53b5fa0 RCX: 00007f9ca518e969
[  203.011240][T10376] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000007
[  203.011251][T10376] RBP: 00007f9ca5f4c090 R08: 0000000000000000 R09: 0000000000000000
[  203.011261][T10376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.011271][T10376] R13: 0000000000000000 R14: 00007f9ca53b5fa0 R15: 00007ffd6aa16918
[  203.011298][T10376]  </TASK>
[  203.272185][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  203.289241][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  203.401918][T10379] netlink: 'syz.1.1527': attribute type 10 has an invalid length.
[  203.473156][T10384] x_tables: ip_tables: NFQUEUE.3 target: invalid size 8 (kernel) != (user) 0
[  203.847850][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  203.862207][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  204.180713][T10410] FAULT_INJECTION: forcing a failure.
[  204.180713][T10410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.224359][T10410] CPU: 0 UID: 0 PID: 10410 Comm: syz.3.1536 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  204.224390][T10410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  204.224403][T10410] Call Trace:
[  204.224410][T10410]  <TASK>
[  204.224418][T10410]  dump_stack_lvl+0x189/0x250
[  204.224461][T10410]  ? __lock_acquire+0xaac/0xd20
[  204.224503][T10410]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.224524][T10410]  ? __pfx__printk+0x10/0x10
[  204.224540][T10410]  ? __might_fault+0xb0/0x130
[  204.224572][T10410]  should_fail_ex+0x414/0x560
[  204.224606][T10410]  _copy_from_user+0x2d/0xb0
[  204.224640][T10410]  ___sys_sendmsg+0x158/0x2a0
[  204.224663][T10410]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.224717][T10410]  ? __fget_files+0x2a/0x420
[  204.224752][T10410]  ? __fget_files+0x3a0/0x420
[  204.224780][T10410]  __sys_sendmmsg+0x227/0x430
[  204.224806][T10410]  ? __pfx___sys_sendmmsg+0x10/0x10
[  204.224847][T10410]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  204.224884][T10410]  ? ksys_write+0x1f0/0x250
[  204.224899][T10410]  ? rcu_is_watching+0x15/0xb0
[  204.224931][T10410]  __x64_sys_sendmmsg+0xa0/0xc0
[  204.224951][T10410]  do_syscall_64+0xf6/0x210
[  204.224973][T10410]  ? clear_bhb_loop+0x45/0xa0
[  204.224994][T10410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.225010][T10410] RIP: 0033:0x7f322c98e969
[  204.225025][T10410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.225040][T10410] RSP: 002b:00007f322d789038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  204.225057][T10410] RAX: ffffffffffffffda RBX: 00007f322cbb5fa0 RCX: 00007f322c98e969
[  204.225070][T10410] RDX: 0000000000000002 RSI: 0000200000004d40 RDI: 0000000000000003
[  204.225081][T10410] RBP: 00007f322d789090 R08: 0000000000000000 R09: 0000000000000000
[  204.225091][T10410] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  204.225102][T10410] R13: 0000000000000000 R14: 00007f322cbb5fa0 R15: 00007ffc7d6b8fb8
[  204.225129][T10410]  </TASK>
[  204.437842][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  204.452315][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  204.475138][T10416] __nla_validate_parse: 18 callbacks suppressed
[  204.475154][T10416] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1538'.
[  204.533627][T10416] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1538'.
[  204.628591][T10418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1539'.
[  205.221759][T10449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1550'.
[  205.281871][T10449] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1550'.
[  205.366959][T10451] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1551'.
[  205.779333][T10470] netlink: 'syz.0.1560': attribute type 19 has an invalid length.
[  205.824972][T10470] syz_tun: entered allmulticast mode
[  205.857764][T10470] dvmrp8: entered allmulticast mode
[  205.872393][T10469] syz_tun: left allmulticast mode
[  205.883232][T10469] dvmrp8: left allmulticast mode
[  206.021473][T10481] IPVS: set_ctl: invalid protocol: 103 255.255.255.255:20001
[  206.057413][ T5912] IPVS: starting estimator thread 0...
[  206.094854][T10484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1564'.
[  206.108344][T10484] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1564'.
[  206.155755][T10482] IPVS: using max 38 ests per chain, 91200 per kthread
[  206.169060][T10486] Cannot find add_set index 0 as target
[  206.193067][T10488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1566'.
[  206.204651][T10488] xt_recent: Unsupported userspace flags (00000048)
[  206.215981][T10488] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1566'.
[  206.305941][T10492] nbd: device at index 64 is going down
[  206.313555][T10491] xt_recent: Unsupported userspace flags (00000048)
[  206.344147][T10491] nbd: device at index 64 is going down
[  206.381754][T10491] nbd: device at index 64 is going down
[  206.854232][T10520] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  207.130405][ T1316] net_ratelimit: 10 callbacks suppressed
[  207.130423][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  207.150868][ T1316] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  207.165892][T10531] lo speed is unknown, defaulting to 1000
[  207.176625][T10531] lo speed is unknown, defaulting to 1000
[  207.184176][T10531] lo speed is unknown, defaulting to 1000
[  207.203859][T10531] infiniband s›z0: RDMA CMA: cma_listen_on_dev, error -98
[  207.257886][ T5839] lo speed is unknown, defaulting to 1000
[  207.320209][T10531] lo speed is unknown, defaulting to 1000
[  207.356480][T10531] lo speed is unknown, defaulting to 1000
[  207.364512][T10531] lo speed is unknown, defaulting to 1000
[  207.372307][T10531] lo speed is unknown, defaulting to 1000
[  207.380695][T10531] lo speed is unknown, defaulting to 1000
[  207.580801][T10550] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input17
[  207.705621][ T5839] IPVS: starting estimator thread 0...
[  207.719975][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  207.734435][   T62] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  207.805815][T10557] IPVS: using max 28 ests per chain, 67200 per kthread
[  208.269397][  T143] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  208.283976][  T143] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  208.444578][T10549] batman_adv: batadv0: Interface deactivated: dummy0
[  208.788641][T10549] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.822982][T10549] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.994170][T10549] vlan0: left promiscuous mode
[  209.099186][T10549] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  209.119943][T10549] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  209.131597][T10549] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  209.140591][T10549] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  209.419466][T10571] workqueue: Failed to create a rescuer kthread for wq "bond25": -EINTR
[  209.425468][T10552] workqueue: Failed to create a rescuer kthread for wq "bond40": -EINTR
[  210.363565][T10618] 8021q: adding VLAN 0 to HW filter on device bond31
[  210.682264][T10631] FAULT_INJECTION: forcing a failure.
[  210.682264][T10631] name failslab, interval 1, probability 0, space 0, times 0
[  210.709123][T10631] CPU: 1 UID: 0 PID: 10631 Comm: syz.1.1610 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  210.709147][T10631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  210.709157][T10631] Call Trace:
[  210.709164][T10631]  <TASK>
[  210.709171][T10631]  dump_stack_lvl+0x189/0x250
[  210.709205][T10631]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.709225][T10631]  ? __pfx__printk+0x10/0x10
[  210.709254][T10631]  should_fail_ex+0x414/0x560
[  210.709282][T10631]  should_failslab+0xa8/0x100
[  210.709303][T10631]  __kmalloc_cache_noprof+0x70/0x3d0
[  210.709323][T10631]  ? sctp_add_bind_addr+0x8c/0x370
[  210.709349][T10631]  sctp_add_bind_addr+0x8c/0x370
[  210.709373][T10631]  sctp_copy_local_addr_list+0x30b/0x4e0
[  210.709397][T10631]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  210.709418][T10631]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  210.709440][T10631]  ? sctp_v6_is_any+0x64/0x80
[  210.709463][T10631]  ? sctp_copy_one_addr+0x93/0x360
[  210.709485][T10631]  sctp_bind_addr_copy+0xb3/0x3c0
[  210.709506][T10631]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  210.709528][T10631]  sctp_connect_new_asoc+0x2e0/0x690
[  210.709549][T10631]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  210.709562][T10631]  ? __local_bh_enable_ip+0x12d/0x1c0
[  210.709649][T10631]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  210.709662][T10631]  ? security_sctp_bind_connect+0x7e/0x2e0
[  210.709676][T10631]  sctp_sendmsg+0x155c/0x2810
[  210.709693][T10631]  ? __pfx_sctp_sendmsg+0x10/0x10
[  210.709704][T10631]  ? aa_sk_perm+0x81e/0x950
[  210.709720][T10631]  ? __pfx_aa_sk_perm+0x10/0x10
[  210.709735][T10631]  ? sock_rps_record_flow+0x19/0x410
[  210.709748][T10631]  ? inet_sendmsg+0x2f4/0x370
[  210.709762][T10631]  __sock_sendmsg+0x19c/0x270
[  210.709777][T10631]  __sys_sendto+0x3bd/0x520
[  210.709787][T10631]  ? __pfx___sys_sendto+0x10/0x10
[  210.709795][T10631]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  210.709814][T10631]  ? __fget_files+0x3a0/0x420
[  210.709832][T10631]  ? ksys_write+0x1f0/0x250
[  210.709844][T10631]  ? rcu_is_watching+0x15/0xb0
[  210.709862][T10631]  __x64_sys_sendto+0xde/0x100
[  210.709873][T10631]  do_syscall_64+0xf6/0x210
[  210.709886][T10631]  ? clear_bhb_loop+0x45/0xa0
[  210.709898][T10631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.709908][T10631] RIP: 0033:0x7fa36bf8e969
[  210.709918][T10631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.709926][T10631] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  210.709937][T10631] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  210.709943][T10631] RDX: 0000000000000001 RSI: 0000200000847fff RDI: 0000000000000003
[  210.709949][T10631] RBP: 00007fa36cd3f090 R08: 000020000005ffe4 R09: 000000000000001c
[  210.709955][T10631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  210.709960][T10631] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  210.709976][T10631]  </TASK>
[  211.112791][T10636] lo speed is unknown, defaulting to 1000
[  211.120916][T10636] lo speed is unknown, defaulting to 1000
[  211.177125][T10629] lo speed is unknown, defaulting to 1000
[  211.197144][T10629] lo speed is unknown, defaulting to 1000
[  211.272018][T10639] lo speed is unknown, defaulting to 1000
[  211.344723][T10639] lo speed is unknown, defaulting to 1000
[  212.249134][T10680] netlink: 'syz.1.1621': attribute type 1 has an invalid length.
[  212.300865][T10683] __nla_validate_parse: 9 callbacks suppressed
[  212.300882][T10683] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1621'.
[  212.334061][T10682] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1622'.
[  212.345007][T10682] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1622'.
[  212.370853][T10683] batadv2: entered promiscuous mode
[  212.403629][T10683] batadv2: entered allmulticast mode
[  212.429598][T10682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  212.445259][T10682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.458321][T10685] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1621'.
[  212.860287][T10693] 8021q: VLANs not supported on vcan0
[  213.268995][T10713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  213.290391][T10712] tipc: Disabling bearer <eth:syzkaller0>
[  213.485961][T10722] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1636'.
[  213.495841][T10719] bridge0: Device is already in use.
[  213.771790][T10739] openvswitch: netlink: Flow actions attr not present in new flow.
[  213.880818][T10733] netlink: 'syz.1.1641': attribute type 1 has an invalid length.
[  213.924832][T10733] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1641'.
[  214.026164][T10734] 8021q: adding VLAN 0 to HW filter on device bond31
[  214.297100][T10761] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1648'.
[  214.323555][T10761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1648'.
[  214.342820][T10766] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1650'.
[  214.362221][T10761] netlink: 'syz.4.1648': attribute type 14 has an invalid length.
[  214.363341][T10767] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1649'.
[  214.383162][T10761] netlink: 'syz.4.1648': attribute type 13 has an invalid length.
[  214.992223][T10798] netlink: 'syz.1.1660': attribute type 11 has an invalid length.
[  215.182185][T10793] 8021q: adding VLAN 0 to HW filter on device bond32
[  215.193562][T10807] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  215.305634][   T30] audit: type=1800 audit(1745962934.811:2): pid=10809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1664" name="memory.events" dev="tmpfs" ino=1692 res=0 errno=0
[  215.358977][   T30] audit: type=1804 audit(1745962934.871:3): pid=10809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1664" name="memory.events" dev="tmpfs" ino=1692 res=1 errno=0
[  215.393611][T10806] team0 (unregistering): left promiscuous mode
[  215.402535][T10806] team_slave_0: left promiscuous mode
[  215.412380][T10806] team_slave_1: left promiscuous mode
[  215.418193][T10806] gretap1: left promiscuous mode
[  215.434848][T10806] team0 (unregistering): Port device team_slave_0 removed
[  215.451895][T10806] team0 (unregistering): Port device team_slave_1 removed
[  215.468142][T10806] team0 (unregistering): Port device gretap1 removed
[  215.653859][T10823] FAULT_INJECTION: forcing a failure.
[  215.653859][T10823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.671544][T10823] CPU: 0 UID: 0 PID: 10823 Comm: syz.2.1670 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  215.671568][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  215.671578][T10823] Call Trace:
[  215.671585][T10823]  <TASK>
[  215.671592][T10823]  dump_stack_lvl+0x189/0x250
[  215.671621][T10823]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.671642][T10823]  ? __pfx__printk+0x10/0x10
[  215.671670][T10823]  should_fail_ex+0x414/0x560
[  215.671698][T10823]  _copy_from_user+0x2d/0xb0
[  215.671719][T10823]  __copy_msghdr+0x3c5/0x5b0
[  215.671742][T10823]  ___sys_sendmsg+0x1a5/0x2a0
[  215.671762][T10823]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.671814][T10823]  ? __fget_files+0x2a/0x420
[  215.671834][T10823]  ? __fget_files+0x3a0/0x420
[  215.671864][T10823]  __sys_sendmmsg+0x227/0x430
[  215.671888][T10823]  ? __pfx___sys_sendmmsg+0x10/0x10
[  215.671914][T10823]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  215.671958][T10823]  ? ksys_write+0x1f0/0x250
[  215.671975][T10823]  ? rcu_is_watching+0x15/0xb0
[  215.672007][T10823]  __x64_sys_sendmmsg+0xa0/0xc0
[  215.672027][T10823]  do_syscall_64+0xf6/0x210
[  215.672049][T10823]  ? clear_bhb_loop+0x45/0xa0
[  215.672070][T10823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.672085][T10823] RIP: 0033:0x7f14c658e969
[  215.672100][T10823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.672123][T10823] RSP: 002b:00007f14c734a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  215.672142][T10823] RAX: ffffffffffffffda RBX: 00007f14c67b5fa0 RCX: 00007f14c658e969
[  215.672154][T10823] RDX: 0000000000000002 RSI: 0000200000004d40 RDI: 0000000000000003
[  215.672165][T10823] RBP: 00007f14c734a090 R08: 0000000000000000 R09: 0000000000000000
[  215.672175][T10823] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  215.672185][T10823] R13: 0000000000000000 R14: 00007f14c67b5fa0 R15: 00007ffe5625f188
[  215.672213][T10823]  </TASK>
[  216.089746][T10838] netlink: 'syz.3.1675': attribute type 10 has an invalid length.
[  216.121259][T10839] vlan2: entered promiscuous mode
[  216.142857][T10847] netlink: 'syz.3.1675': attribute type 10 has an invalid length.
[  216.162006][T10845] netlink: 'syz.1.1676': attribute type 11 has an invalid length.
[  216.484872][ T5838] Bluetooth: hci4: command 0x0405 tx timeout
[  216.504523][T10867] netlink: 'syz.2.1682': attribute type 1 has an invalid length.
[  216.580313][T10870] FAULT_INJECTION: forcing a failure.
[  216.580313][T10870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.584288][T10865] 8021q: adding VLAN 0 to HW filter on device bond32
[  216.601999][T10870] CPU: 0 UID: 0 PID: 10870 Comm: syz.1.1684 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  216.602024][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  216.602035][T10870] Call Trace:
[  216.602042][T10870]  <TASK>
[  216.602049][T10870]  dump_stack_lvl+0x189/0x250
[  216.602075][T10870]  ? __lock_acquire+0xaac/0xd20
[  216.602100][T10870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.602122][T10870]  ? __pfx__printk+0x10/0x10
[  216.602140][T10870]  ? __might_fault+0xb0/0x130
[  216.602172][T10870]  should_fail_ex+0x414/0x560
[  216.602201][T10870]  _copy_from_user+0x2d/0xb0
[  216.602222][T10870]  generic_map_update_batch+0x572/0x7f0
[  216.602259][T10870]  ? __pfx_generic_map_update_batch+0x10/0x10
[  216.602284][T10870]  ? __fget_files+0x2a/0x420
[  216.602311][T10870]  ? __pfx_generic_map_update_batch+0x10/0x10
[  216.602334][T10870]  bpf_map_do_batch+0x369/0x5f0
[  216.602361][T10870]  __sys_bpf+0x384/0x860
[  216.602382][T10870]  ? __pfx___sys_bpf+0x10/0x10
[  216.602414][T10870]  ? ksys_write+0x1f0/0x250
[  216.602431][T10870]  ? rcu_is_watching+0x15/0xb0
[  216.602465][T10870]  __x64_sys_bpf+0x7c/0x90
[  216.602483][T10870]  do_syscall_64+0xf6/0x210
[  216.602506][T10870]  ? clear_bhb_loop+0x45/0xa0
[  216.602526][T10870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.602542][T10870] RIP: 0033:0x7fa36bf8e969
[  216.602557][T10870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.602572][T10870] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  216.602590][T10870] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  216.602603][T10870] RDX: 0000000000000038 RSI: 0000200000000140 RDI: 000000000000001a
[  216.602613][T10870] RBP: 00007fa36cd3f090 R08: 0000000000000000 R09: 0000000000000000
[  216.602624][T10870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  216.602633][T10870] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  216.602661][T10870]  </TASK>
[  216.842253][T10873] nbd: must specify a size in bytes for the device
[  217.192944][T10892] netlink: 'syz.1.1691': attribute type 10 has an invalid length.
[  217.205356][T10892] batadv0: entered promiscuous mode
[  217.210624][T10892] batadv0: entered allmulticast mode
[  217.238351][T10892] bond0: (slave batadv0): Releasing backup interface
[  217.251169][T10898] netlink: 'syz.1.1691': attribute type 10 has an invalid length.
[  217.328208][T10892] bridge0: port 3(batadv0) entered blocking state
[  217.358403][T10892] bridge0: port 3(batadv0) entered disabled state
[  217.391319][T10898] __nla_validate_parse: 12 callbacks suppressed
[  217.391338][T10898] netlink: 900 bytes leftover after parsing attributes in process `syz.1.1691'.
[  217.436861][   T62] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  217.446299][   T62] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  217.496334][T10914] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  217.771638][T10923] lo speed is unknown, defaulting to 1000
[  217.792645][T10923] lo speed is unknown, defaulting to 1000
[  218.177025][T10945] xt_connbytes: Forcing CT accounting to be enabled
[  218.190057][T10945] Cannot find del_set index 1 as target
[  218.235800][T10947] FAULT_INJECTION: forcing a failure.
[  218.235800][T10947] name failslab, interval 1, probability 0, space 0, times 0
[  218.298837][T10947] CPU: 1 UID: 0 PID: 10947 Comm: syz.4.1710 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  218.298863][T10947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  218.298874][T10947] Call Trace:
[  218.298880][T10947]  <TASK>
[  218.298887][T10947]  dump_stack_lvl+0x189/0x250
[  218.298918][T10947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.298940][T10947]  ? __pfx__printk+0x10/0x10
[  218.298962][T10947]  ? __pfx___might_resched+0x10/0x10
[  218.298983][T10947]  should_fail_ex+0x414/0x560
[  218.299012][T10947]  should_failslab+0xa8/0x100
[  218.299035][T10947]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  218.299055][T10947]  ? __alloc_skb+0x112/0x2d0
[  218.299069][T10947]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  218.299092][T10947]  __alloc_skb+0x112/0x2d0
[  218.299117][T10947]  __ip_append_data+0x2db9/0x40f0
[  218.299155][T10947]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  218.299194][T10947]  ? __pfx___ip_append_data+0x10/0x10
[  218.299210][T10947]  ? ipv4_mtu+0x23/0x5c0
[  218.299230][T10947]  ? ip_setup_cork+0x579/0x9b0
[  218.299252][T10947]  ip_make_skb+0x1de/0x3f0
[  218.299277][T10947]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  218.299296][T10947]  ? __pfx_ip_make_skb+0x10/0x10
[  218.299335][T10947]  udp_sendmsg+0x18f6/0x22e0
[  218.299376][T10947]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  218.299395][T10947]  ? __pfx_udp_sendmsg+0x10/0x10
[  218.299422][T10947]  ? page_table_check_set+0x16b/0x710
[  218.299441][T10947]  ? cgroup_rstat_updated+0x144/0xb50
[  218.299493][T10947]  ? __count_memcg_events+0x19f/0x370
[  218.299524][T10947]  udpv6_sendmsg+0xc52/0x2700
[  218.299560][T10947]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  218.299581][T10947]  ? __pfx___might_resched+0x10/0x10
[  218.299614][T10947]  ? aa_sk_perm+0x81e/0x950
[  218.299645][T10947]  ? sock_rps_record_flow+0x19/0x410
[  218.299673][T10947]  ? inet6_sendmsg+0xe4/0x120
[  218.299697][T10947]  __sock_sendmsg+0xe5/0x270
[  218.299721][T10947]  ____sys_sendmsg+0x52d/0x830
[  218.299745][T10947]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.299772][T10947]  ? import_iovec+0x74/0xa0
[  218.299796][T10947]  ___sys_sendmsg+0x21f/0x2a0
[  218.299819][T10947]  ? __pfx____sys_sendmsg+0x10/0x10
[  218.299871][T10947]  ? __fget_files+0x2a/0x420
[  218.299891][T10947]  ? __fget_files+0x3a0/0x420
[  218.299921][T10947]  __sys_sendmmsg+0x227/0x430
[  218.299944][T10947]  ? __pfx___sys_sendmmsg+0x10/0x10
[  218.299972][T10947]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  218.300011][T10947]  ? ksys_write+0x1f0/0x250
[  218.300027][T10947]  ? rcu_is_watching+0x15/0xb0
[  218.300060][T10947]  __x64_sys_sendmmsg+0xa0/0xc0
[  218.300081][T10947]  do_syscall_64+0xf6/0x210
[  218.300111][T10947]  ? clear_bhb_loop+0x45/0xa0
[  218.300132][T10947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.300148][T10947] RIP: 0033:0x7f1e58f8e969
[  218.300162][T10947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.300177][T10947] RSP: 002b:00007f1e56df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  218.300195][T10947] RAX: ffffffffffffffda RBX: 00007f1e591b5fa0 RCX: 00007f1e58f8e969
[  218.300207][T10947] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  218.300217][T10947] RBP: 00007f1e56df6090 R08: 0000000000000000 R09: 0000000000000000
[  218.300227][T10947] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000002
[  218.300237][T10947] R13: 0000000000000000 R14: 00007f1e591b5fa0 R15: 00007ffea22b7c98
[  218.300265][T10947]  </TASK>
[  218.708529][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1711'.
[  218.761328][T10954] xt_recent: Unsupported userspace flags (00000048)
[  218.787397][T10954] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1711'.
[  218.886416][T10943] 8021q: adding VLAN 0 to HW filter on device bond32
[  219.049358][T10963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1714'.
[  219.067378][T10952] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1711'.
[  219.078214][T10955] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1711'.
[  219.087343][T10955] nbd: device at index 64 is going down
[  219.128229][T10963] xt_recent: Unsupported userspace flags (00000048)
[  219.173862][T10963] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1714'.
[  219.183403][T10963] nbd: device at index 64 is going down
[  219.192347][T10963] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1714'.
[  219.220740][T10963] nbd: device at index 64 is going down
[  219.484924][T10979] netlink: 'syz.4.1718': attribute type 10 has an invalid length.
[  219.519697][T10979] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1718'.
[  219.528015][T10983] pimreg: entered allmulticast mode
[  219.556581][T10983] 8021q: VLANs not supported on pimreg
[  219.570675][T10979] netlink: 'syz.4.1718': attribute type 10 has an invalid length.
[  219.591386][T10979] netlink: 900 bytes leftover after parsing attributes in process `syz.4.1718'.
[  219.593421][T10983] netlink: 'syz.2.1720': attribute type 1 has an invalid length.
[  219.984370][T11008] x_tables: duplicate underflow at hook 1
[  220.252839][T11015] FAULT_INJECTION: forcing a failure.
[  220.252839][T11015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.270624][T11015] CPU: 0 UID: 0 PID: 11015 Comm: syz.1.1729 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  220.270655][T11015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  220.270666][T11015] Call Trace:
[  220.270673][T11015]  <TASK>
[  220.270680][T11015]  dump_stack_lvl+0x189/0x250
[  220.270704][T11015]  ? __lock_acquire+0xaac/0xd20
[  220.270728][T11015]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.270751][T11015]  ? __pfx__printk+0x10/0x10
[  220.270767][T11015]  ? __might_fault+0xb0/0x130
[  220.270799][T11015]  should_fail_ex+0x414/0x560
[  220.270827][T11015]  _copy_from_iter+0x1db/0x15a0
[  220.270853][T11015]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  220.270871][T11015]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  220.270892][T11015]  ? __pfx__copy_from_iter+0x10/0x10
[  220.270912][T11015]  ? __build_skb_around+0x257/0x3e0
[  220.270932][T11015]  ? netlink_sendmsg+0x642/0xb30
[  220.270946][T11015]  ? skb_put+0x11b/0x210
[  220.270966][T11015]  netlink_sendmsg+0x6b2/0xb30
[  220.270991][T11015]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.271010][T11015]  ? aa_sock_msg_perm+0x94/0x160
[  220.271029][T11015]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  220.271047][T11015]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.271064][T11015]  __sock_sendmsg+0x219/0x270
[  220.271089][T11015]  ____sys_sendmsg+0x505/0x830
[  220.271113][T11015]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.271140][T11015]  ? import_iovec+0x74/0xa0
[  220.271164][T11015]  ___sys_sendmsg+0x21f/0x2a0
[  220.271184][T11015]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.271238][T11015]  ? __fget_files+0x2a/0x420
[  220.271258][T11015]  ? __fget_files+0x3a0/0x420
[  220.271288][T11015]  __x64_sys_sendmsg+0x19b/0x260
[  220.271309][T11015]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.271344][T11015]  ? do_syscall_64+0xba/0x210
[  220.271369][T11015]  do_syscall_64+0xf6/0x210
[  220.271389][T11015]  ? clear_bhb_loop+0x45/0xa0
[  220.271409][T11015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.271424][T11015] RIP: 0033:0x7fa36bf8e969
[  220.271439][T11015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.271454][T11015] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.271472][T11015] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  220.271484][T11015] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  220.271494][T11015] RBP: 00007fa36cd3f090 R08: 0000000000000000 R09: 0000000000000000
[  220.271505][T11015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.271515][T11015] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  220.271542][T11015]  </TASK>
[  220.589798][T11012] 8021q: adding VLAN 0 to HW filter on device bond33
[  221.068980][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.097834][T11045] netlink: 'syz.2.1741': attribute type 2 has an invalid length.
[  221.107884][T11046] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  221.138929][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.215870][T11051] 8021q: VLANs not supported on vcan0
[  221.449991][T11064] netlink: 'syz.4.1747': attribute type 10 has an invalid length.
[  221.727240][T11069] netlink: 'syz.2.1749': attribute type 6 has an invalid length.
[  221.756482][T11057] 8021q: adding VLAN 0 to HW filter on device bond25
[  221.906735][T11080] FAULT_INJECTION: forcing a failure.
[  221.906735][T11080] name failslab, interval 1, probability 0, space 0, times 0
[  221.946654][T11080] CPU: 0 UID: 0 PID: 11080 Comm: syz.3.1751 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  221.946680][T11080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  221.946689][T11080] Call Trace:
[  221.946695][T11080]  <TASK>
[  221.946703][T11080]  dump_stack_lvl+0x189/0x250
[  221.946741][T11080]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.946764][T11080]  ? __pfx__printk+0x10/0x10
[  221.946796][T11080]  should_fail_ex+0x414/0x560
[  221.946826][T11080]  should_failslab+0xa8/0x100
[  221.946849][T11080]  __kmalloc_cache_noprof+0x70/0x3d0
[  221.946869][T11080]  ? sctp_add_bind_addr+0x8c/0x370
[  221.946894][T11080]  sctp_add_bind_addr+0x8c/0x370
[  221.946919][T11080]  sctp_copy_local_addr_list+0x30b/0x4e0
[  221.946945][T11080]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  221.946966][T11080]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  221.946990][T11080]  ? sctp_v6_is_any+0x64/0x80
[  221.947014][T11080]  ? sctp_copy_one_addr+0x93/0x360
[  221.947039][T11080]  sctp_bind_addr_copy+0xb3/0x3c0
[  221.947062][T11080]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  221.947085][T11080]  sctp_connect_new_asoc+0x2e0/0x690
[  221.947106][T11080]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  221.947121][T11080]  ? __local_bh_enable_ip+0x12d/0x1c0
[  221.947153][T11080]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  221.947172][T11080]  ? security_sctp_bind_connect+0x7e/0x2e0
[  221.947198][T11080]  sctp_sendmsg+0x155c/0x2810
[  221.947228][T11080]  ? __pfx_sctp_sendmsg+0x10/0x10
[  221.947252][T11080]  ? aa_sk_perm+0x81e/0x950
[  221.947282][T11080]  ? __pfx_aa_sk_perm+0x10/0x10
[  221.947309][T11080]  ? sock_rps_record_flow+0x19/0x410
[  221.947333][T11080]  ? inet_sendmsg+0x2f4/0x370
[  221.947358][T11080]  __sock_sendmsg+0x19c/0x270
[  221.947384][T11080]  __sys_sendto+0x3bd/0x520
[  221.947403][T11080]  ? __pfx___sys_sendto+0x10/0x10
[  221.947416][T11080]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  221.947452][T11080]  ? __fget_files+0x3a0/0x420
[  221.947483][T11080]  ? ksys_write+0x1f0/0x250
[  221.947499][T11080]  ? rcu_is_watching+0x15/0xb0
[  221.947532][T11080]  __x64_sys_sendto+0xde/0x100
[  221.947552][T11080]  do_syscall_64+0xf6/0x210
[  221.947574][T11080]  ? clear_bhb_loop+0x45/0xa0
[  221.947596][T11080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.947612][T11080] RIP: 0033:0x7f322c98e969
[  221.947627][T11080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.947642][T11080] RSP: 002b:00007f322d789038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  221.947660][T11080] RAX: ffffffffffffffda RBX: 00007f322cbb5fa0 RCX: 00007f322c98e969
[  221.947672][T11080] RDX: 0000000000000001 RSI: 0000200000847fff RDI: 0000000000000003
[  221.947683][T11080] RBP: 00007f322d789090 R08: 000020000005ffe4 R09: 000000000000001c
[  221.947694][T11080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  221.947704][T11080] R13: 0000000000000000 R14: 00007f322cbb5fa0 R15: 00007ffc7d6b8fb8
[  221.947736][T11080]  </TASK>
[  222.682630][T11094] netlink: 'syz.2.1759': attribute type 10 has an invalid length.
[  222.769843][T11102] __nla_validate_parse: 3 callbacks suppressed
[  222.769860][T11102] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1761'.
[  222.777604][T11092] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input18
[  222.788848][T11102] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1761'.
[  223.099381][T11111] IPVS: length: 78 != 40976008
[  223.115156][T11119] FAULT_INJECTION: forcing a failure.
[  223.115156][T11119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.149838][T11119] CPU: 0 UID: 0 PID: 11119 Comm: syz.1.1766 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  223.149886][T11119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  223.149896][T11119] Call Trace:
[  223.149903][T11119]  <TASK>
[  223.149910][T11119]  dump_stack_lvl+0x189/0x250
[  223.149936][T11119]  ? __lock_acquire+0xaac/0xd20
[  223.149961][T11119]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.149983][T11119]  ? __pfx__printk+0x10/0x10
[  223.150000][T11119]  ? __might_fault+0xb0/0x130
[  223.150032][T11119]  should_fail_ex+0x414/0x560
[  223.150061][T11119]  _copy_from_user+0x2d/0xb0
[  223.150128][T11119]  ___sys_sendmsg+0x158/0x2a0
[  223.150153][T11119]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.150214][T11119]  ? __might_fault+0xb0/0x130
[  223.150238][T11119]  __sys_sendmmsg+0x227/0x430
[  223.150262][T11119]  ? __pfx___sys_sendmmsg+0x10/0x10
[  223.150289][T11119]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  223.150325][T11119]  ? ksys_write+0x1f0/0x250
[  223.150342][T11119]  ? rcu_is_watching+0x15/0xb0
[  223.150382][T11119]  __x64_sys_sendmmsg+0xa0/0xc0
[  223.150402][T11119]  do_syscall_64+0xf6/0x210
[  223.150424][T11119]  ? clear_bhb_loop+0x45/0xa0
[  223.150445][T11119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.150461][T11119] RIP: 0033:0x7fa36bf8e969
[  223.150476][T11119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.150490][T11119] RSP: 002b:00007fa36cd3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  223.150508][T11119] RAX: ffffffffffffffda RBX: 00007fa36c1b5fa0 RCX: 00007fa36bf8e969
[  223.150520][T11119] RDX: 00000000040001b6 RSI: 0000200000001540 RDI: 0000000000000003
[  223.150531][T11119] RBP: 00007fa36cd3f090 R08: 0000000000000000 R09: 0000000000000000
[  223.150541][T11119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  223.150551][T11119] R13: 0000000000000000 R14: 00007fa36c1b5fa0 R15: 00007ffd64130058
[  223.150579][T11119]  </TASK>
[  223.571013][T11127] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1769'.
[  223.715520][T11134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1772'.
[  223.734027][T11134] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1772'.
[  223.750471][T11133] tipc: Started in network mode
[  223.765057][T11133] tipc: Node identity , cluster identity 4711
[  223.776800][T11133] tipc: Failed to obtain node identity
[  223.799478][T11133] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  223.951331][T11144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1776'.
[  224.063965][T11144] 8021q: adding VLAN 0 to HW filter on device team1
[  224.247103][T11151] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1789'.
[  224.536510][T11156] 8021q: adding VLAN 0 to HW filter on device bond33
[  224.614233][T11169] netlink: 'syz.1.1780': attribute type 3 has an invalid length.
[  224.975492][T11178] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1784'.
[  225.038041][T11153] 8021q: adding VLAN 0 to HW filter on device bond33
[  225.053251][T11179] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1784'.
[  225.204597][T11185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1786'.
[  225.223458][T11184] IPVS: set_ctl: invalid protocol: 59 172.30.1.5:20002
[  225.354678][T11193] netlink: 'syz.1.1790': attribute type 1 has an invalid length.
[  225.426018][T11193] netlink: 'syz.1.1790': attribute type 1 has an invalid length.
[  225.549638][T11207] 8021q: VLANs not supported on vcan0
[  226.284233][T11222] team0 (unregistering): left promiscuous mode
[  226.290645][T11222] team_slave_0: left promiscuous mode
[  226.297784][T11222] team_slave_1: left promiscuous mode
[  226.322101][T11222] team0 (unregistering): Port device team_slave_0 removed
[  226.337305][T11222] team0 (unregistering): Port device team_slave_1 removed
[  226.373082][T11227] workqueue: Failed to create a rescuer kthread for wq "phy4": -EINTR
[  226.486234][T11242] x_tables: ip_tables: NFQUEUE.3 target: invalid size 8 (kernel) != (user) 0
[  226.714257][  T143] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.849064][  T143] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.034089][  T143] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.166002][T11273] x_tables: ip_tables: udp match: only valid for protocol 17
[  227.194150][  T143] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.224611][T11275] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  227.453456][T11282] netlink: 'syz.2.1823': attribute type 10 has an invalid length.
[  227.476283][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  227.485077][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  227.495008][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  227.503293][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  227.511031][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  227.535784][T11282] batman_adv: batadv0: Interface activated: dummy0
[  227.555549][T11282] batadv0: mtu less than device minimum
[  227.562515][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.574390][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.586154][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.594547][T11293] Bluetooth: MGMT ver 1.23
[  227.597876][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.612728][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.624505][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.636358][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.648208][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.659958][T11282] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  227.693525][T11282] batman_adv: batadv0: Interface deactivated: dummy0
[  227.701773][T11282] batman_adv: batadv0: Removing interface: dummy0
[  227.717120][T11282] bridge0: port 3(dummy0) entered blocking state
[  227.723616][T11282] bridge0: port 3(dummy0) entered disabled state
[  227.730312][T11282] dummy0: entered allmulticast mode
[  227.736958][T11282] dummy0: left allmulticast mode
[  227.743170][  T143] bridge0: port 3(batadv0) entered disabled state
[  227.756899][  T143] bridge_slave_1: left allmulticast mode
[  227.768536][  T143] bridge_slave_1: left promiscuous mode
[  227.774334][  T143] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.783097][  T143] bridge_slave_0: left allmulticast mode
[  227.788971][  T143] bridge_slave_0: left promiscuous mode
[  227.794623][  T143] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.990660][  T143] bond6 (unregistering): (slave gretap1): Releasing backup interface
[  228.089690][  T143] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  228.212401][  T143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.224082][  T143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.233962][  T143] bond0 (unregistering): Released all slaves
[  228.325182][  T143] bond1 (unregistering): Released all slaves
[  228.413741][  T143] bond2 (unregistering): Released all slaves
[  228.495935][  T143] bond3 (unregistering): Released all slaves
[  228.581662][  T143] bond4 (unregistering): Released all slaves
[  228.668105][  T143] bond5 (unregistering): Released all slaves
[  228.758276][  T143] bond6 (unregistering): Released all slaves
[  228.846154][  T143] bond7 (unregistering): Released all slaves
[  228.938554][  T143] bond8 (unregistering): Released all slaves
[  229.026223][  T143] bond9 (unregistering): Released all slaves
[  229.115360][  T143] bond10 (unregistering): Released all slaves
[  229.204686][  T143] bond11 (unregistering): Released all slaves
[  229.290763][  T143] bond12 (unregistering): Released all slaves
[  229.370045][  T143] bond13 (unregistering): Released all slaves
[  229.454329][  T143] bond14 (unregistering): Released all slaves
[  229.538494][  T143] bond15 (unregistering): Released all slaves
[  229.608612][ T5838] Bluetooth: hci3: command tx timeout
[  229.625408][  T143] bond16 (unregistering): Released all slaves
[  229.710137][  T143] bond17 (unregistering): Released all slaves
[  229.798632][  T143] bond18 (unregistering): Released all slaves
[  229.884076][  T143] bond19 (unregistering): Released all slaves
[  229.967950][  T143] bond20 (unregistering): Released all slaves
[  230.050272][  T143] bond21 (unregistering): Released all slaves
[  230.146598][  T143] bond22 (unregistering): Released all slaves
[  230.239775][  T143] bond23 (unregistering): Released all slaves
[  230.327043][  T143] bond24 (unregistering): Released all slaves
[  230.412088][  T143] bond25 (unregistering): Released all slaves
[  230.682162][T11288] lo speed is unknown, defaulting to 1000
[  230.716113][T11317] smc: net device bond0 applied user defined pnetid SYZ2
[  230.719424][T11288] lo speed is unknown, defaulting to 1000
[  231.550239][T11340] lo speed is unknown, defaulting to 1000
[  231.592853][T11340] lo speed is unknown, defaulting to 1000
[  231.690239][  T143] hsr_slave_0: left promiscuous mode
[  231.695234][ T5838] Bluetooth: hci3: command tx timeout
[  231.708059][  T143] hsr_slave_1: left promiscuous mode
[  231.730944][  T143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  231.757352][  T143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  231.777291][  T143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  231.791393][  T143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  231.861953][  T143] veth1_macvtap: left allmulticast mode
[  231.878268][  T143] veth1_macvtap: left promiscuous mode
[  231.893084][  T143] veth0_macvtap: left promiscuous mode
[  231.904051][  T143] veth1_vlan: left promiscuous mode
[  231.934884][T11360] __nla_validate_parse: 12 callbacks suppressed
[  231.934901][T11360] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1847'.
[  232.287924][T11367] nbd: socks must be embedded in a SOCK_ITEM attr
[  232.968960][T11288] chnl_net:caif_netlink_parms(): no params data found
[  233.150054][ T5881] IPVS: starting estimator thread 0...
[  233.203073][T11371] Cannot find add_set index 0 as target
[  233.248236][T11377] IPVS: using max 28 ests per chain, 67200 per kthread
[  233.309663][T11382] netlink: 'syz.0.1852': attribute type 3 has an invalid length.
[  233.407764][T11382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1852'.
[  233.416928][T11382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1852'.
[  233.427368][T11394] FAULT_INJECTION: forcing a failure.
[  233.427368][T11394] name failslab, interval 1, probability 0, space 0, times 0
[  233.445140][T11394] CPU: 0 UID: 0 PID: 11394 Comm: syz.2.1855 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  233.445175][T11394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  233.445190][T11394] Call Trace:
[  233.445197][T11394]  <TASK>
[  233.445203][T11394]  dump_stack_lvl+0x189/0x250
[  233.445231][T11394]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.445250][T11394]  ? __pfx__printk+0x10/0x10
[  233.445269][T11394]  ? __pfx___might_resched+0x10/0x10
[  233.445281][T11394]  ? fs_reclaim_acquire+0x7d/0x100
[  233.445304][T11394]  should_fail_ex+0x414/0x560
[  233.445335][T11394]  should_failslab+0xa8/0x100
[  233.445353][T11394]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  233.445370][T11394]  ? __d_alloc+0x31/0x6f0
[  233.445393][T11394]  __d_alloc+0x31/0x6f0
[  233.445416][T11394]  d_alloc_pseudo+0x1f/0xb0
[  233.445435][T11394]  alloc_file_pseudo+0xcc/0x210
[  233.445456][T11394]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  233.445487][T11394]  anon_inode_getfd+0xca/0x1b0
[  233.445508][T11394]  map_create+0xdb6/0x1150
[  233.445533][T11394]  ? security_bpf+0x7e/0x300
[  233.445562][T11394]  __sys_bpf+0x67e/0x860
[  233.445586][T11394]  ? __pfx___sys_bpf+0x10/0x10
[  233.445614][T11394]  ? ksys_write+0x1f0/0x250
[  233.445628][T11394]  ? rcu_is_watching+0x15/0xb0
[  233.445658][T11394]  __x64_sys_bpf+0x7c/0x90
[  233.445673][T11394]  do_syscall_64+0xf6/0x210
[  233.445693][T11394]  ? clear_bhb_loop+0x45/0xa0
[  233.445711][T11394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.445724][T11394] RIP: 0033:0x7f14c658e969
[  233.445738][T11394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.445751][T11394] RSP: 002b:00007f14c734a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  233.445767][T11394] RAX: ffffffffffffffda RBX: 00007f14c67b5fa0 RCX: 00007f14c658e969
[  233.445777][T11394] RDX: 0000000000000048 RSI: 00002000000009c0 RDI: 0000000000000000
[  233.445786][T11394] RBP: 00007f14c734a090 R08: 0000000000000000 R09: 0000000000000000
[  233.445794][T11394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.445802][T11394] R13: 0000000000000001 R14: 00007f14c67b5fa0 R15: 00007ffe5625f188
[  233.445827][T11394]  </TASK>
[  233.761990][T11288] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.773157][T11288] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.782256][T11288] bridge_slave_0: entered allmulticast mode
[  233.788474][ T5838] Bluetooth: hci3: command tx timeout
[  233.800444][T11288] bridge_slave_0: entered promiscuous mode
[  233.809314][T11288] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.816600][T11288] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.823910][T11288] bridge_slave_1: entered allmulticast mode
[  233.834087][T11288] bridge_slave_1: entered promiscuous mode
[  234.046504][T11288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.077332][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1863'.
[  234.095522][T11288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.182824][T11288] team0: Port device team_slave_0 added
[  234.277176][T11288] team0: Port device team_slave_1 added
[  234.359765][T11288] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.367261][T11288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.393893][T11288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.410444][T11288] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.420917][T11288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.450470][T11288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.475179][T11437] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  234.503660][T11430] tipc: Disabling bearer <eth:syzkaller0>
[  234.514512][T11434] lo speed is unknown, defaulting to 1000
[  234.561068][T11433] lo speed is unknown, defaulting to 1000
[  234.581072][T11434] lo speed is unknown, defaulting to 1000
[  234.600326][T11288] hsr_slave_0: entered promiscuous mode
[  234.618096][T11288] hsr_slave_1: entered promiscuous mode
[  234.624482][T11288] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.637061][T11288] Cannot create hsr debugfs directory
[  234.655485][T11433] lo speed is unknown, defaulting to 1000
[  234.697405][T11448] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  235.252795][T11463] ªªªªªª: renamed from lo
[  235.512261][T11483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1882'.
[  235.606124][T11485] ipt_REJECT: TCP_RESET invalid for non-tcp
[  235.724158][T11488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1883'.
[  235.743429][T11478] 8021q: adding VLAN 0 to HW filter on device bond34
[  235.846589][ T5838] Bluetooth: hci3: command tx timeout
[  236.107164][T11288] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  236.142656][T11288] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  236.177119][T11288] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  236.207545][T11288] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  236.452342][T11288] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.463028][T11525] IPVS: set_ctl: invalid protocol: 50179 184.42.3.0:0
[  236.513337][T11288] 8021q: adding VLAN 0 to HW filter on device team0
[  236.542701][ T4514] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.549887][ T4514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.624033][T11531] vlan2: entered allmulticast mode
[  236.642578][T11531] bond0: entered allmulticast mode
[  236.652694][T11531] bond_slave_0: entered allmulticast mode
[  236.668645][T11531] bond_slave_1: entered allmulticast mode
[  236.674492][T11531] bridge0: entered allmulticast mode
[  236.687244][T11535] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1900'.
[  236.698647][ T4514] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.705801][ T4514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.910466][T11542] bond_slave_0: entered promiscuous mode
[  236.916206][T11542] bond_slave_1: entered promiscuous mode
[  236.942385][T11542] vlan3: entered promiscuous mode
[  236.952940][T11542] bond0: entered promiscuous mode
[  236.960473][T11542] bridge0: entered promiscuous mode
[  237.054343][T11550] x_tables: ip_tables: udp match: only valid for protocol 17
[  237.180601][T11288] 8021q: adding VLAN 0 to HW filter on device batadv0
[  237.284583][T11288] veth0_vlan: entered promiscuous mode
[  237.402785][T11557] 8021q: adding VLAN 0 to HW filter on device bond34
[  237.481184][T11288] veth1_vlan: entered promiscuous mode
[  237.568344][T11564] FAULT_INJECTION: forcing a failure.
[  237.568344][T11564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.581694][T11564] CPU: 0 UID: 0 PID: 11564 Comm: syz.4.1910 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  237.581718][T11564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  237.581729][T11564] Call Trace:
[  237.581736][T11564]  <TASK>
[  237.581743][T11564]  dump_stack_lvl+0x189/0x250
[  237.581768][T11564]  ? __lock_acquire+0xaac/0xd20
[  237.581793][T11564]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.581815][T11564]  ? __pfx__printk+0x10/0x10
[  237.581832][T11564]  ? __might_fault+0xb0/0x130
[  237.581864][T11564]  should_fail_ex+0x414/0x560
[  237.581892][T11564]  _copy_from_user+0x2d/0xb0
[  237.581913][T11564]  generic_map_update_batch+0x572/0x7f0
[  237.581952][T11564]  ? __pfx_generic_map_update_batch+0x10/0x10
[  237.581976][T11564]  ? __fget_files+0x2a/0x420
[  237.582004][T11564]  ? __pfx_generic_map_update_batch+0x10/0x10
[  237.582027][T11564]  bpf_map_do_batch+0x369/0x5f0
[  237.582054][T11564]  __sys_bpf+0x384/0x860
[  237.582076][T11564]  ? __pfx___sys_bpf+0x10/0x10
[  237.582108][T11564]  ? ksys_write+0x1f0/0x250
[  237.582124][T11564]  ? rcu_is_watching+0x15/0xb0
[  237.582166][T11564]  __x64_sys_bpf+0x7c/0x90
[  237.582185][T11564]  do_syscall_64+0xf6/0x210
[  237.582208][T11564]  ? clear_bhb_loop+0x45/0xa0
[  237.582229][T11564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.582245][T11564] RIP: 0033:0x7f1e58f8e969
[  237.582260][T11564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.582274][T11564] RSP: 002b:00007f1e56df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  237.582292][T11564] RAX: ffffffffffffffda RBX: 00007f1e591b5fa0 RCX: 00007f1e58f8e969
[  237.582305][T11564] RDX: 0000000000000038 RSI: 0000200000000140 RDI: 000000000000001a
[  237.582316][T11564] RBP: 00007f1e56df6090 R08: 0000000000000000 R09: 0000000000000000
[  237.582326][T11564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.582336][T11564] R13: 0000000000000000 R14: 00007f1e591b5fa0 R15: 00007ffea22b7c98
[  237.582364][T11564]  </TASK>
[  237.806571][T11288] veth0_macvtap: entered promiscuous mode
[  237.816225][T11288] veth1_macvtap: entered promiscuous mode
[  237.834274][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.845226][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.855063][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.865535][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.875397][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  237.885858][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.899298][T11288] batman_adv: batadv0: Interface activated: batadv_slave_0
[  237.922024][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.933256][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.943163][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.953669][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.963559][T11288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.974038][T11288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.985321][T11288] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.002281][T11288] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.012967][T11288] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.034801][T11288] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.043521][T11288] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.123650][T11574] ip6gretap0: entered promiscuous mode
[  238.170926][T11576] netlink: 'syz.3.1915': attribute type 1 has an invalid length.
[  238.231328][T11576] bond35: entered promiscuous mode
[  238.242876][T11576] 8021q: adding VLAN 0 to HW filter on device bond35
[  238.262005][T11583] sctp: [Deprecated]: syz.2.1918 (pid 11583) Use of struct sctp_assoc_value in delayed_ack socket option.
[  238.262005][T11583] Use struct sctp_sack_info instead
[  238.295352][  T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.309679][  T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.380800][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.399623][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.574661][T11599] xt_connbytes: Forcing CT accounting to be enabled
[  238.590313][T11599] Cannot find del_set index 1 as target
[  238.673807][T11603] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1925'.
[  238.732005][T11603] xt_recent: Unsupported userspace flags (00000048)
[  238.736633][T11605] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  238.751507][T11603] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1925'.
[  238.825204][T11610] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1925'.
[  238.838195][T11610] nbd: device at index 64 is going down
[  238.850418][T11606] 8021q: adding VLAN 0 to HW filter on device bond35
[  239.147004][T11624] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1929'.
[  239.357305][T11637] net_ratelimit: 15 callbacks suppressed
[  239.357323][T11637] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  239.536009][T11652] netlink: 'syz.0.1941': attribute type 1 has an invalid length.
[  239.549285][T11654] netlink: 'syz.2.1942': attribute type 1 has an invalid length.
[  239.610206][T11652] 8021q: adding VLAN 0 to HW filter on device bond40
[  239.626930][T11661] FAULT_INJECTION: forcing a failure.
[  239.626930][T11661] name failslab, interval 1, probability 0, space 0, times 0
[  239.651401][T11661] CPU: 1 UID: 0 PID: 11661 Comm: syz.2.1942 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  239.651426][T11661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  239.651436][T11661] Call Trace:
[  239.651443][T11661]  <TASK>
[  239.651451][T11661]  dump_stack_lvl+0x189/0x250
[  239.651482][T11661]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.651504][T11661]  ? __pfx__printk+0x10/0x10
[  239.651527][T11661]  ? __pfx___might_resched+0x10/0x10
[  239.651548][T11661]  should_fail_ex+0x414/0x560
[  239.651577][T11661]  should_failslab+0xa8/0x100
[  239.651599][T11661]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  239.651620][T11661]  ? __alloc_skb+0x112/0x2d0
[  239.651641][T11661]  __alloc_skb+0x112/0x2d0
[  239.651661][T11661]  netlink_sendmsg+0x5c6/0xb30
[  239.651687][T11661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.651706][T11661]  ? aa_sock_msg_perm+0x94/0x160
[  239.651725][T11661]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  239.651743][T11661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.651760][T11661]  __sock_sendmsg+0x219/0x270
[  239.651791][T11661]  ____sys_sendmsg+0x505/0x830
[  239.651815][T11661]  ? __pfx_____sys_sendmsg+0x10/0x10
[  239.651843][T11661]  ? import_iovec+0x74/0xa0
[  239.651867][T11661]  ___sys_sendmsg+0x21f/0x2a0
[  239.651887][T11661]  ? __pfx____sys_sendmsg+0x10/0x10
[  239.651942][T11661]  ? __fget_files+0x2a/0x420
[  239.651962][T11661]  ? __fget_files+0x3a0/0x420
[  239.651992][T11661]  __x64_sys_sendmsg+0x19b/0x260
[  239.652013][T11661]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  239.652047][T11661]  ? do_syscall_64+0xba/0x210
[  239.652073][T11661]  do_syscall_64+0xf6/0x210
[  239.652093][T11661]  ? clear_bhb_loop+0x45/0xa0
[  239.652114][T11661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.652130][T11661] RIP: 0033:0x7f14c658e969
[  239.652145][T11661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.652159][T11661] RSP: 002b:00007f14c7329038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.652177][T11661] RAX: ffffffffffffffda RBX: 00007f14c67b6080 RCX: 00007f14c658e969
[  239.652188][T11661] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000003
[  239.652199][T11661] RBP: 00007f14c7329090 R08: 0000000000000000 R09: 0000000000000000
[  239.652210][T11661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.652219][T11661] R13: 0000000000000001 R14: 00007f14c67b6080 R15: 00007ffe5625f188
[  239.652246][T11661]  </TASK>
[  239.911242][T11657] IPVS: persistence engine module ip_vs_pe_ not found
[  239.911815][T11654] 8021q: adding VLAN 0 to HW filter on device bond36
[  239.968012][T11657] lo speed is unknown, defaulting to 1000
[  239.999906][T11657] lo speed is unknown, defaulting to 1000
[  240.082508][T11659] 8021q: adding VLAN 0 to HW filter on device bond35
[  240.458508][  T143] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.539947][T11663] lo speed is unknown, defaulting to 1000
[  240.560756][T11663] lo speed is unknown, defaulting to 1000
[  240.626255][T11686] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1947'.
[  241.151642][  T143] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.196497][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  241.206935][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  241.214604][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  241.223866][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  241.238783][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  241.293028][  T143] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.323021][T11715] FAULT_INJECTION: forcing a failure.
[  241.323021][T11715] name failslab, interval 1, probability 0, space 0, times 0
[  241.410725][T11715] CPU: 0 UID: 0 PID: 11715 Comm: syz.4.1954 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  241.410752][T11715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  241.410768][T11715] Call Trace:
[  241.410775][T11715]  <TASK>
[  241.410783][T11715]  dump_stack_lvl+0x189/0x250
[  241.410813][T11715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.410836][T11715]  ? __pfx__printk+0x10/0x10
[  241.410858][T11715]  ? __pfx___might_resched+0x10/0x10
[  241.410872][T11715]  ? fs_reclaim_acquire+0x7d/0x100
[  241.410900][T11715]  should_fail_ex+0x414/0x560
[  241.410930][T11715]  should_failslab+0xa8/0x100
[  241.410952][T11715]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  241.410973][T11715]  ? __alloc_skb+0x112/0x2d0
[  241.410995][T11715]  __alloc_skb+0x112/0x2d0
[  241.411015][T11715]  netlink_ack+0x146/0xa50
[  241.411040][T11715]  ? __pfx_genl_rcv_msg+0x10/0x10
[  241.411058][T11715]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  241.411076][T11715]  ? __pfx_nl802154_post_doit+0x10/0x10
[  241.411110][T11715]  netlink_rcv_skb+0x2a0/0x490
[  241.411135][T11715]  ? __pfx_genl_rcv_msg+0x10/0x10
[  241.411156][T11715]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  241.411205][T11715]  ? down_read+0x1ad/0x2e0
[  241.411230][T11715]  genl_rcv+0x28/0x40
[  241.411247][T11715]  netlink_unicast+0x758/0x8d0
[  241.411282][T11715]  netlink_sendmsg+0x805/0xb30
[  241.411309][T11715]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.411329][T11715]  ? aa_sock_msg_perm+0x94/0x160
[  241.411348][T11715]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  241.411366][T11715]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.411384][T11715]  __sock_sendmsg+0x219/0x270
[  241.411408][T11715]  ____sys_sendmsg+0x505/0x830
[  241.411433][T11715]  ? __pfx_____sys_sendmsg+0x10/0x10
[  241.411462][T11715]  ? import_iovec+0x74/0xa0
[  241.411486][T11715]  ___sys_sendmsg+0x21f/0x2a0
[  241.411513][T11715]  ? __pfx____sys_sendmsg+0x10/0x10
[  241.411571][T11715]  ? __fget_files+0x2a/0x420
[  241.411590][T11715]  ? __fget_files+0x3a0/0x420
[  241.411622][T11715]  __x64_sys_sendmsg+0x19b/0x260
[  241.411643][T11715]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  241.411680][T11715]  ? do_syscall_64+0xba/0x210
[  241.411706][T11715]  do_syscall_64+0xf6/0x210
[  241.411727][T11715]  ? clear_bhb_loop+0x45/0xa0
[  241.411748][T11715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.411764][T11715] RIP: 0033:0x7f1e58f8e969
[  241.411780][T11715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.411794][T11715] RSP: 002b:00007f1e56df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.411812][T11715] RAX: ffffffffffffffda RBX: 00007f1e591b5fa0 RCX: 00007f1e58f8e969
[  241.411824][T11715] RDX: 0000000000000044 RSI: 0000200000000400 RDI: 0000000000000004
[  241.411835][T11715] RBP: 00007f1e56df6090 R08: 0000000000000000 R09: 0000000000000000
[  241.411845][T11715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.411856][T11715] R13: 0000000000000000 R14: 00007f1e591b5fa0 R15: 00007ffea22b7c98
[  241.411885][T11715]  </TASK>
[  241.751465][  T143] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.767149][T11726] FAULT_INJECTION: forcing a failure.
[  241.767149][T11726] name failslab, interval 1, probability 0, space 0, times 0
[  241.780192][T11726] CPU: 0 UID: 0 PID: 11726 Comm: syz.2.1959 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  241.780215][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  241.780225][T11726] Call Trace:
[  241.780232][T11726]  <TASK>
[  241.780239][T11726]  dump_stack_lvl+0x189/0x250
[  241.780269][T11726]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.780291][T11726]  ? __pfx__printk+0x10/0x10
[  241.780313][T11726]  ? __pfx___might_resched+0x10/0x10
[  241.780328][T11726]  ? fs_reclaim_acquire+0x7d/0x100
[  241.780356][T11726]  should_fail_ex+0x414/0x560
[  241.780386][T11726]  should_failslab+0xa8/0x100
[  241.780407][T11726]  kmem_cache_alloc_noprof+0x73/0x3c0
[  241.780426][T11726]  ? alloc_empty_file+0x55/0x1d0
[  241.780453][T11726]  alloc_empty_file+0x55/0x1d0
[  241.780484][T11726]  alloc_file_pseudo+0x13d/0x210
[  241.780509][T11726]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  241.780545][T11726]  anon_inode_getfd+0xca/0x1b0
[  241.780568][T11726]  map_create+0xdb6/0x1150
[  241.780592][T11726]  ? security_bpf+0x7e/0x300
[  241.780617][T11726]  __sys_bpf+0x67e/0x860
[  241.780639][T11726]  ? __pfx___sys_bpf+0x10/0x10
[  241.780672][T11726]  ? ksys_write+0x1f0/0x250
[  241.780703][T11726]  __x64_sys_bpf+0x7c/0x90
[  241.780721][T11726]  do_syscall_64+0xf6/0x210
[  241.780745][T11726]  ? clear_bhb_loop+0x45/0xa0
[  241.780763][T11726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.780777][T11726] RIP: 0033:0x7f14c658e969
[  241.780791][T11726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.780805][T11726] RSP: 002b:00007f14c734a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  241.780821][T11726] RAX: ffffffffffffffda RBX: 00007f14c67b5fa0 RCX: 00007f14c658e969
[  241.780832][T11726] RDX: 0000000000000048 RSI: 00002000000009c0 RDI: 0000000000000000
[  241.780843][T11726] RBP: 00007f14c734a090 R08: 0000000000000000 R09: 0000000000000000
[  241.780853][T11726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.780863][T11726] R13: 0000000000000001 R14: 00007f14c67b5fa0 R15: 00007ffe5625f188
[  241.780889][T11726]  </TASK>
[  242.010160][T11709] lo speed is unknown, defaulting to 1000
[  242.023856][T11709] lo speed is unknown, defaulting to 1000
[  242.188390][  T143] bridge_slave_1: left allmulticast mode
[  242.194964][  T143] bridge_slave_1: left promiscuous mode
[  242.201471][  T143] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.249810][  T143] bridge_slave_0: left allmulticast mode
[  242.258731][  T143] bridge_slave_0: left promiscuous mode
[  242.264592][  T143] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.352673][T11748] netlink: 'syz.2.1964': attribute type 10 has an invalid length.
[  242.662380][  T143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.676771][  T143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.687370][  T143] bond0 (unregistering): Released all slaves
[  242.708740][T11741] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1962'.
[  242.729918][T11741] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1962'.
[  242.742807][T11741] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1962'.
[  242.752280][T11741] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1962'.
[  242.761583][T11741] netlink: 21 bytes leftover after parsing attributes in process `syz.0.1962'.
[  242.771329][T11748] bridge_slave_1: left allmulticast mode
[  242.779383][T11748] bridge_slave_1: left promiscuous mode
[  242.785488][T11748] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.798074][T11748] bridge_slave_1: entered promiscuous mode
[  242.804423][T11748] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  243.022549][T11764] netlink: 'syz.3.1966': attribute type 12 has an invalid length.
[  243.141273][T11774] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  243.218696][  T143] hsr_slave_0: left promiscuous mode
[  243.230939][  T143] hsr_slave_1: left promiscuous mode
[  243.231069][T11779] netlink: 'syz.2.1972': attribute type 1 has an invalid length.
[  243.237982][  T143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.259952][  T143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.267969][  T143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.275514][  T143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.285381][ T5843] Bluetooth: hci3: command tx timeout
[  243.311149][  T143] veth1_macvtap: left promiscuous mode
[  243.317344][  T143] veth0_macvtap: left promiscuous mode
[  243.322936][  T143] veth1_vlan: left promiscuous mode
[  243.328232][  T143] veth0_vlan: left promiscuous mode
[  243.711433][  T143] team0 (unregistering): Port device team_slave_1 removed
[  243.746588][  T143] team0 (unregistering): Port device team_slave_0 removed
[  244.118661][T11778] 8021q: adding VLAN 0 to HW filter on device team2
[  244.157898][T11779] workqueue: Failed to create a rescuer kthread for wq "bond37": -EINTR
[  244.260049][T11709] chnl_net:caif_netlink_parms(): no params data found
[  244.262013][T11788] __nla_validate_parse: 2 callbacks suppressed
[  244.262029][T11788] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1977'.
[  244.301083][T11785] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1975'.
[  244.312277][T11785] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  244.348643][T11789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  244.367039][T11789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.401883][T11789] ipvlan2: entered allmulticast mode
[  244.420483][T11789] dummy0: entered allmulticast mode
[  244.504667][T11796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1979'.
[  244.513841][T11796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1979'.
[  244.615448][T11803] nbd: device at index 4 is going down
[  244.871042][T11709] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.885161][T11709] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.895244][T11709] bridge_slave_0: entered allmulticast mode
[  244.903255][T11709] bridge_slave_0: entered promiscuous mode
[  244.910867][T11793] lo speed is unknown, defaulting to 1000
[  244.936779][T11709] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.945839][T11709] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.953205][T11709] bridge_slave_1: entered allmulticast mode
[  244.961492][T11709] bridge_slave_1: entered promiscuous mode
[  244.970627][T11793] lo speed is unknown, defaulting to 1000
[  245.070496][T11709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.127203][T11709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.366541][ T5843] Bluetooth: hci3: command tx timeout
[  245.398430][T11825] netlink: 'syz.0.1988': attribute type 10 has an invalid length.
[  245.439547][T11709] team0: Port device team_slave_0 added
[  245.457793][T11709] team0: Port device team_slave_1 added
[  245.493322][T11824] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  245.656390][T11825] batadv0: left allmulticast mode
[  245.661613][T11825] batadv0: left promiscuous mode
[  245.667013][T11825] bridge0: port 3(batadv0) entered disabled state
[  245.687909][T11825] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  245.724886][T11825] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  245.748538][T11831] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  245.757689][T11825] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  245.785102][T11825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.796457][T11825] batadv0: entered allmulticast mode
[  245.802380][T11825] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  245.851751][T11709] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.854975][   T13] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  245.872986][T11709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.873013][T11709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.899376][   T13] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  245.930202][ T5881] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  246.073125][T11844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1995'.
[  246.117993][T11709] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.128611][T11709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.167206][T11709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.341828][T11709] hsr_slave_0: entered promiscuous mode
[  246.348849][T11709] hsr_slave_1: entered promiscuous mode
[  246.355370][T11709] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  246.362999][T11709] Cannot create hsr debugfs directory
[  246.444889][T11307] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  246.459512][T11307] batman_adv: batadv0: Local translation table size (88) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  247.021080][T11863] 8021q: adding VLAN 0 to HW filter on device bond42
[  247.159542][T11871] ip6t_srh: unknown srh match flags  5294
[  247.439466][T11877] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  247.448012][ T5843] Bluetooth: hci3: command tx timeout
[  247.808952][T11890] vlan3: entered promiscuous mode
[  248.038513][T11709] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  248.174676][T11896] 8021q: adding VLAN 0 to HW filter on device bond36
[  248.183610][T11709] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  248.264068][T11709] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  248.349953][T11913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2018'.
[  248.402496][T11709] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  248.417175][T11913] xt_recent: Unsupported userspace flags (00000048)
[  248.476478][T11913] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2018'.
[  248.507892][T11709] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.567511][T11913] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2018'.
[  248.576725][T11913] nbd: device at index 64 is going down
[  248.593339][T11709] 8021q: adding VLAN 0 to HW filter on device team0
[  248.641215][T11307] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.648401][T11307] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.699695][T11924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2021'.
[  248.720042][T11307] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.727210][T11307] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.791003][T11927] 8021q: VLANs not supported on vcan0
[  248.897230][T11932] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2023'.
[  249.369485][T11952] __nla_validate_parse: 1 callbacks suppressed
[  249.369503][T11952] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2029'.
[  249.434027][T11952] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2029'.
[  249.437882][T11709] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.525246][ T5843] Bluetooth: hci3: command tx timeout
[  249.656285][T11709] veth0_vlan: entered promiscuous mode
[  249.697001][T11709] veth1_vlan: entered promiscuous mode
[  249.815365][T11709] veth0_macvtap: entered promiscuous mode
[  249.847253][T11709] veth1_macvtap: entered promiscuous mode
[  249.934353][T11968] 8021q: adding VLAN 0 to HW filter on device bond37
[  249.961325][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.005417][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.015716][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.026522][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.037365][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.047821][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.059746][T11709] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.070259][T11973] 8021q: VLANs not supported on vcan0
[  250.182159][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.219168][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.229515][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.243305][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.266573][T11709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.278915][T11709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.293372][T11709] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.313491][T11980] netlink: 'syz.3.2038': attribute type 1 has an invalid length.
[  250.343058][T11709] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.376854][T11709] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.389842][T11709] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.399431][T11709] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.589549][T11307] net_ratelimit: 16 callbacks suppressed
[  250.589566][T11307] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  250.610608][T11307] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  250.672874][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.703265][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.770878][T12007] FAULT_INJECTION: forcing a failure.
[  250.770878][T12007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.776059][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2047'.
[  250.814357][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.848268][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.857382][T12007] CPU: 0 UID: 0 PID: 12007 Comm: syz.0.2046 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  250.857404][T12007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  250.857414][T12007] Call Trace:
[  250.857421][T12007]  <TASK>
[  250.857428][T12007]  dump_stack_lvl+0x189/0x250
[  250.857458][T12007]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.857480][T12007]  ? __pfx__printk+0x10/0x10
[  250.857498][T12007]  ? __pfx_migrate_enable+0x10/0x10
[  250.857522][T12007]  should_fail_ex+0x414/0x560
[  250.857551][T12007]  _copy_to_user+0x31/0xb0
[  250.857574][T12007]  generic_map_lookup_batch+0x896/0xcc0
[  250.857617][T12007]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  250.857634][T12007]  ? __fget_files+0x2a/0x420
[  250.857659][T12007]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  250.857677][T12007]  bpf_map_do_batch+0x25b/0x5f0
[  250.857698][T12007]  ? security_bpf+0x7e/0x300
[  250.857723][T12007]  __sys_bpf+0x70c/0x860
[  250.857742][T12007]  ? __pfx___sys_bpf+0x10/0x10
[  250.857770][T12007]  ? ksys_write+0x1f0/0x250
[  250.857786][T12007]  ? rcu_is_watching+0x15/0xb0
[  250.857816][T12007]  __x64_sys_bpf+0x7c/0x90
[  250.857831][T12007]  do_syscall_64+0xf6/0x210
[  250.857852][T12007]  ? clear_bhb_loop+0x45/0xa0
[  250.857871][T12007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.857885][T12007] RIP: 0033:0x7f9ca518e969
[  250.857899][T12007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.857913][T12007] RSP: 002b:00007f9ca5f4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.857930][T12007] RAX: ffffffffffffffda RBX: 00007f9ca53b5fa0 RCX: 00007f9ca518e969
[  250.857942][T12007] RDX: 0000000000000038 RSI: 0000200000000480 RDI: 0000000000000018
[  250.857951][T12007] RBP: 00007f9ca5f4c090 R08: 0000000000000000 R09: 0000000000000000
[  250.857960][T12007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.857969][T12007] R13: 0000000000000000 R14: 00007f9ca53b5fa0 R15: 00007ffd6aa16918
[  250.857993][T12007]  </TASK>
[  251.182892][   T13] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  251.197328][   T13] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  251.292002][T12013] 8021q: VLANs not supported on vcan0
[  251.717252][T11307] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  251.731707][T11307] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  251.783099][  T975] lo speed is unknown, defaulting to 1000
[  252.280091][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  252.294489][ T4514] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  252.377730][T12043] 8021q: adding VLAN 0 to HW filter on device bond37
[  252.594238][ T1316] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.857727][ T1316] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.909133][   T13] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:00:00:00:01
[  252.925084][   T13] batman_adv: batadv0: Local translation table size (56) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  252.953674][T12059] tipc: Started in network mode
[  252.958800][T12059] tipc: Node identity 00000000004000000000000000000001, cluster identity 4711
[  252.979659][T12059] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  253.134005][ T1316] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.206288][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  253.231751][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  253.235576][T12062] netlink: 'syz.2.2058': attribute type 8 has an invalid length.
[  253.250601][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  253.281300][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  253.301985][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  253.384417][ T1316] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.432349][T12083] dummy0: Device is already in use.
[  253.488662][T12072] lo speed is unknown, defaulting to 1000
[  253.516870][T12072] lo speed is unknown, defaulting to 1000
[  253.562315][T12087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2064'.
[  253.595771][T12087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2064'.
[  253.672474][T12087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  253.694879][T12087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.715635][T12087] dummy0: entered promiscuous mode
[  253.749630][T12087] dummy0: left promiscuous mode
[  253.768257][T12098] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2068'.
[  254.096369][ T1316] bridge_slave_1: left allmulticast mode
[  254.102728][ T1316] bridge_slave_1: left promiscuous mode
[  254.114578][ T1316] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.148588][ T1316] bridge_slave_0: left allmulticast mode
[  254.164446][ T1316] bridge_slave_0: left promiscuous mode
[  254.177245][ T1316] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.835301][ T1316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.850015][ T1316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.860682][ T1316] bond0 (unregistering): Released all slaves
[  254.882966][T12117] vlan2: entered promiscuous mode
[  255.263767][T12155] FAULT_INJECTION: forcing a failure.
[  255.263767][T12155] name failslab, interval 1, probability 0, space 0, times 0
[  255.316861][T12155] CPU: 1 UID: 0 PID: 12155 Comm: syz.3.2080 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  255.316885][T12155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  255.316895][T12155] Call Trace:
[  255.316901][T12155]  <TASK>
[  255.316908][T12155]  dump_stack_lvl+0x189/0x250
[  255.316939][T12155]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.316962][T12155]  ? __pfx__printk+0x10/0x10
[  255.316980][T12155]  ? __pfx___might_resched+0x10/0x10
[  255.316995][T12155]  ? fs_reclaim_acquire+0x7d/0x100
[  255.317025][T12155]  should_fail_ex+0x414/0x560
[  255.317054][T12155]  should_failslab+0xa8/0x100
[  255.317073][T12155]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  255.317092][T12155]  ? __alloc_skb+0x112/0x2d0
[  255.317112][T12155]  __alloc_skb+0x112/0x2d0
[  255.317129][T12155]  alloc_skb_with_frags+0xca/0x890
[  255.317148][T12155]  ? do_raw_spin_lock+0x121/0x290
[  255.317176][T12155]  sock_alloc_send_pskb+0x857/0x990
[  255.317213][T12155]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  255.317238][T12155]  ? ref_tracker_alloc+0x2ae/0x460
[  255.317257][T12155]  ? __lock_acquire+0xaac/0xd20
[  255.317286][T12155]  __ip_append_data+0x2cf6/0x40f0
[  255.317324][T12155]  ? __lock_acquire+0xaac/0xd20
[  255.317346][T12155]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  255.317377][T12155]  ? ipv4_mtu+0x23/0x5c0
[  255.317394][T12155]  ? __pfx___ip_append_data+0x10/0x10
[  255.317411][T12155]  ? ipv4_mtu+0x23/0x5c0
[  255.317428][T12155]  ? ip_setup_cork+0x579/0x9b0
[  255.317449][T12155]  ip_append_data+0x10e/0x190
[  255.317470][T12155]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  255.317489][T12155]  udp_sendmsg+0x3e7/0x22e0
[  255.317528][T12155]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  255.317545][T12155]  ? tomoyo_write_log2+0x250/0x910
[  255.317562][T12155]  ? __pfx_udp_sendmsg+0x10/0x10
[  255.317586][T12155]  ? __lock_acquire+0xaac/0xd20
[  255.317613][T12155]  ? register_lock_class+0x51/0x320
[  255.317644][T12155]  ? look_up_lock_class+0x74/0x170
[  255.317665][T12155]  ? register_lock_class+0x51/0x320
[  255.317681][T12155]  ? __local_bh_enable_ip+0x12d/0x1c0
[  255.317715][T12155]  udpv6_sendmsg+0xc52/0x2700
[  255.317731][T12155]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.317766][T12155]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  255.317808][T12155]  ? __local_bh_enable_ip+0x12d/0x1c0
[  255.317832][T12155]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  255.317862][T12155]  ? inet_send_prepare+0x1b9/0x270
[  255.317885][T12155]  ? inet_send_prepare+0x1b9/0x270
[  255.317908][T12155]  ? inet6_sendmsg+0xe4/0x120
[  255.317932][T12155]  __sock_sendmsg+0xe5/0x270
[  255.317957][T12155]  ____sys_sendmsg+0x52d/0x830
[  255.317981][T12155]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.318008][T12155]  ? import_iovec+0x74/0xa0
[  255.318035][T12155]  ___sys_sendmsg+0x21f/0x2a0
[  255.318080][T12155]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.318136][T12155]  ? __fget_files+0x2a/0x420
[  255.318155][T12155]  ? __fget_files+0x3a0/0x420
[  255.318185][T12155]  __sys_sendmmsg+0x227/0x430
[  255.318209][T12155]  ? __pfx___sys_sendmmsg+0x10/0x10
[  255.318243][T12155]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  255.318281][T12155]  ? ksys_write+0x1f0/0x250
[  255.318297][T12155]  ? rcu_is_watching+0x15/0xb0
[  255.318329][T12155]  __x64_sys_sendmmsg+0xa0/0xc0
[  255.318350][T12155]  do_syscall_64+0xf6/0x210
[  255.318371][T12155]  ? clear_bhb_loop+0x45/0xa0
[  255.318392][T12155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.318408][T12155] RIP: 0033:0x7f322c98e969
[  255.318423][T12155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.318437][T12155] RSP: 002b:00007f322d789038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  255.318455][T12155] RAX: ffffffffffffffda RBX: 00007f322cbb5fa0 RCX: 00007f322c98e969
[  255.318467][T12155] RDX: 0000000000000002 RSI: 0000200000004d40 RDI: 0000000000000003
[  255.318477][T12155] RBP: 00007f322d789090 R08: 0000000000000000 R09: 0000000000000000
[  255.318486][T12155] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  255.318496][T12155] R13: 0000000000000000 R14: 00007f322cbb5fa0 R15: 00007ffc7d6b8fb8
[  255.318525][T12155]  </TASK>
[  255.391196][T12163] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.397509][ T5843] Bluetooth: hci3: command tx timeout
[  255.484024][T12164] xt_cgroup: xt_cgroup: no path or classid specified
[  255.489123][T12167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.498122][T12152] netlink: 'syz.0.2079': attribute type 29 has an invalid length.
[  255.689721][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.721414][T12072] chnl_net:caif_netlink_parms(): no params data found
[  255.727999][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.811880][T12161] macsec1: entered promiscuous mode
[  255.817187][T12161] syz_tun: entered promiscuous mode
[  255.822568][T12161] macsec1: entered allmulticast mode
[  255.828035][T12161] syz_tun: entered allmulticast mode
[  255.837817][T12161] syz_tun: left allmulticast mode
[  255.842874][T12161] syz_tun: left promiscuous mode
[  255.856692][T11307] wlan0: Trigger new scan to find an IBSS to join
[  255.883508][T11307] ------------[ cut here ]------------
[  255.890489][T11307] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1208:5
[  255.890650][T12169] netlink: 'syz.3.2086': attribute type 10 has an invalid length.
[  255.901692][T11307] index 0 is out of range for type 'struct ieee80211_channel *[] __counted_by(n_channels)' (aka 'struct ieee80211_channel *[]')
[  255.932223][ T1316] hsr_slave_0: left promiscuous mode
[  255.940343][ T1316] hsr_slave_1: left promiscuous mode
[  255.944054][T11307] CPU: 1 UID: 0 PID: 11307 Comm: kworker/u8:9 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  255.944083][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  255.944094][T11307] Workqueue: events_unbound cfg80211_wiphy_work
[  255.944122][T11307] Call Trace:
[  255.944128][T11307]  <TASK>
[  255.944136][T11307]  dump_stack_lvl+0x189/0x250
[  255.944163][T11307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.944184][T11307]  ? __pfx__printk+0x10/0x10
[  255.944217][T11307]  ubsan_epilogue+0xa/0x40
[  255.944233][T11307]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  255.944259][T11307]  ieee80211_request_ibss_scan+0x600/0x8b0
[  255.944293][T11307]  ieee80211_ibss_work+0xde7/0x1060
[  255.944322][T11307]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  255.944352][T11307]  ? ieee80211_iface_work+0xf39/0xfe0
[  255.944373][T11307]  ? rcu_is_watching+0x15/0xb0
[  255.944401][T11307]  cfg80211_wiphy_work+0x2dc/0x460
[  255.944424][T11307]  ? process_scheduled_works+0x9ec/0x17a0
[  255.944450][T11307]  process_scheduled_works+0xadb/0x17a0
[  255.944502][T11307]  ? __pfx_process_scheduled_works+0x10/0x10
[  255.944543][T11307]  worker_thread+0x8a0/0xda0
[  255.944561][T11307]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.944588][T11307]  ? __kthread_parkme+0x7b/0x200
[  255.944614][T11307]  kthread+0x70e/0x8a0
[  255.944636][T11307]  ? __pfx_worker_thread+0x10/0x10
[  255.944650][T11307]  ? __pfx_kthread+0x10/0x10
[  255.944670][T11307]  ? __pfx_kthread+0x10/0x10
[  255.944686][T11307]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.944703][T11307]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.944722][T11307]  ? __pfx_kthread+0x10/0x10
[  255.944738][T11307]  ret_from_fork+0x4b/0x80
[  255.944753][T11307]  ? __pfx_kthread+0x10/0x10
[  255.944771][T11307]  ret_from_fork_asm+0x1a/0x30
[  255.944802][T11307]  </TASK>
[  255.945055][T11307] ---[ end trace ]---
[  255.955168][ T1316] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.963900][T11307] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  255.963917][T11307] CPU: 1 UID: 0 PID: 11307 Comm: kworker/u8:9 Not tainted 6.15.0-rc3-syzkaller-00618-gff61a4a5dfc2 #0 PREEMPT(full) 
[  255.963938][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  255.963950][T11307] Workqueue: events_unbound cfg80211_wiphy_work
[  255.963978][T11307] Call Trace:
[  255.963986][T11307]  <TASK>
[  255.963994][T11307]  dump_stack_lvl+0x99/0x250
[  255.964019][T11307]  ? __asan_memcpy+0x40/0x70
[  255.964037][T11307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.964060][T11307]  ? __pfx__printk+0x10/0x10
[  255.964098][T11307]  panic+0x2db/0x790
[  255.964127][T11307]  ? __pfx_panic+0x10/0x10
[  255.964145][T11307]  ? _printk+0xcf/0x120
[  255.964167][T11307]  ? __pfx__printk+0x10/0x10
[  255.964192][T11307]  check_panic_on_warn+0x89/0xb0
[  255.964215][T11307]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  255.964242][T11307]  ieee80211_request_ibss_scan+0x600/0x8b0
[  255.964278][T11307]  ieee80211_ibss_work+0xde7/0x1060
[  255.964306][T11307]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  255.964337][T11307]  ? ieee80211_iface_work+0xf39/0xfe0
[  255.964359][T11307]  ? rcu_is_watching+0x15/0xb0
[  255.964388][T11307]  cfg80211_wiphy_work+0x2dc/0x460
[  255.964411][T11307]  ? process_scheduled_works+0x9ec/0x17a0
[  255.964437][T11307]  process_scheduled_works+0xadb/0x17a0
[  255.964490][T11307]  ? __pfx_process_scheduled_works+0x10/0x10
[  255.964530][T11307]  worker_thread+0x8a0/0xda0
[  255.964549][T11307]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.964577][T11307]  ? __kthread_parkme+0x7b/0x200
[  255.964603][T11307]  kthread+0x70e/0x8a0
[  255.964625][T11307]  ? __pfx_worker_thread+0x10/0x10
[  255.964641][T11307]  ? __pfx_kthread+0x10/0x10
[  255.964660][T11307]  ? __pfx_kthread+0x10/0x10
[  255.964678][T11307]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.964696][T11307]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.964715][T11307]  ? __pfx_kthread+0x10/0x10
[  255.964736][T11307]  ret_from_fork+0x4b/0x80
[  255.964752][T11307]  ? __pfx_kthread+0x10/0x10
[  255.964770][T11307]  ret_from_fork_asm+0x1a/0x30
[  255.964802][T11307]  </TASK>
[  255.968145][T11307] Kernel Offset: disabled