last executing test programs:

1m23.19663216s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

1m7.275844292s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

50.875795675s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

36.019331058s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

21.653811837s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

8.680073254s ago: executing program 4 (id=847):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000080)=0x61f, 0x4)

2.992626735s ago: executing program 3 (id=1948):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfff00002}, {0x16}]}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000380)={r4, 0x5}, 0x8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xe, 0x16, &(0x7f0000001100)=ANY=[@ANYBLOB="61159f00000000006113500000000000bf5000000000000004000000080000003d03010000000000250500000000000069163e0000000000bf07000000000000450607000fff0720670600003f000000160300000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e273827017826251ed834f2af97787f696649a462e7ee4bcf800000000000000000000004000bc00f679629709e75b99f9632b6ce78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1fff5f1be1969a1ba791ad46d800000000c7f26a0337302f3341eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf48903d3fc78700d429a2d4c8b6d803eb83eecfe4c700000000a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d4a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798a9c2dca871073f6bd61940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d1542c882e672fea96aedf346279ec000000000000000000000000c6427829b65ee55eef70520871b2a26df69559b5a06ad06d3d0183ae3b317478fff42cc48b461c56baea65a667000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c0000003d0007010000000000000000017c0000040008800c00018006000600800a00000800028004000c"], 0x76}}, 0xc000)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="34000000425a60074cf31ec63d9aa68d9e972533d4d659442248b183ce99e3d61cd5d7684b6a9954259ea8f57160ebf3c353d5fcf69b016a74ab6ce13bfd95d9941b9c8f362a86d38e8e82a14069874cc3ad0545f793436505bc3f1586ce2386a26fd249", @ANYRES16=r1, @ANYBLOB="010000000000000000000700000020000180060001000a00000014000400fc020000000000000000000000000005"], 0x34}}, 0x0)

2.81404662s ago: executing program 3 (id=1950):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x4000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4090)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x50, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x50}}, 0x0)

2.775892463s ago: executing program 0 (id=1951):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000280)={0x0, 0x11, 0x6, @link_local}, 0x10)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa8100340086dd6012100800183a00fe800000000000d40000000000000900000000000000010000000000000000aa3a00c820660000008900061067000000800090780000925244cb87a5a979b2e98f85b601d449595ba06fdb89c9eff95d7d00000000000000305d48ab05d5d7d074cab3ed3a4b55fefdd1b4d8d10511b4e3a67ee9a1d7e4e719e5d9a969d02e24def1dbf80188304d25834ea9eef4676b456ee0caa1a45c0bc863674e9affe8785085a0d30d68c1f2e4c44309e7d7d296b1d779b0343c62c47ce6164f523cd60102962d878f470efcdf7a18531cccf5dee13b8a41d40bcc3e0773ad"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r1, 0x8b1a, &(0x7f0000000040))
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'team_slave_0\x00', <r5=>0x0})
r6 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r7=>0x0})
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', r7, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000010000100"/20, @ANYRES32=r5, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r8], 0x2c}}, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10)

2.593993419s ago: executing program 3 (id=1953):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124e00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000140600000fff07006706000020000000350200000ee60000bf25000000000000bd350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000014000000000000009500000000000000db13d5d8b740f2cdaabc8383c8f56b8c2b84a800ea6553f3ef4392b3815dcf00c3eebc52267b042d19d6e31e25e589d5f2692c75a547d6f186641ae8c557ccff3878a93b51a0389749df734f49ed5078b10f1e7f2b37626a3ace1ea89f7d2c570720a86853e26168761f0a53358f7ee2baa0e6a67a98a0d57ac09f36cfefbbc7492bbe7cdf64971a57fd64efd46c26"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ppoll(0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0)={[0xffffffffffffffff]}, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x76, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x54}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2.384695477s ago: executing program 0 (id=1956):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x3c, 0x2c, 0x1, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, 0x0, {0xd, 0x7}, {}, {0x1, 0x8}}, [@filter_kind_options=@f_route={{0xa}, {0xfed3, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48801}, 0x20000000)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000680)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r2, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)

2.384476972s ago: executing program 3 (id=1957):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x74bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x6db6ec49e3ab5510}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1cc05}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}}, 0x400c084)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xf, 0xfff3}, {0x0, 0xfff1}, {0xffe0, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000094}, 0x4041080) (fail_nth: 8)

2.258784936s ago: executing program 0 (id=1958):
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xe0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000005200)=@delchain={0xfc, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x1}}, [@TCA_CHAIN={0x8, 0xb, 0x8}, @filter_kind_options=@f_matchall={{0xd}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0xa8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x8, 0x5}}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x8c, 0x6, [@m_nat={0x54, 0x1c, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x80000}, @empty, @private=0xa010100}}]}, {0x4}, {0xc}, {0xc}}}, @m_connmark={0x34, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x41000000, &(0x7f0000003700)={0x77359400})

2.139123171s ago: executing program 1 (id=1959):
r0 = socket$packet(0x11, 0x2, 0x300) (async, rerun: 32)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}) (rerun: 32)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) (async, rerun: 32)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r3, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x2400c885}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0xbb8, &(0x7f0000000440)={0xa, 0x4e21, 0x0, @local}, 0x1c)

1.934621833s ago: executing program 0 (id=1960):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="680000001000010400000000010000000000bcae", @ANYRES32=0x0, @ANYBLOB="030100000000000034001280110001006272696467655f736c617665000000001c00058006001f005846000005001c00010000000500200000000000140003006272696467655f736c6176655f300000"], 0x68}}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000000380)=[{{&(0x7f0000000180)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f00000002c0)=[{&(0x7f00000001c0)="c9af2d02d8b94f265d699a0124cefbb67f31adf17ba4998f32d68f0c48210ce092e42dc08d3aafa5acd40ccb8588e8eb6aa991bfcc18aad87445d43e2401b066b5f40a71e4237b2fbed63f35815937fdd7337b0778ee23c07aa3db90c261153f33", 0x61}], 0x1, &(0x7f0000000300)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xfe}}], 0x48}}], 0x1, 0x8000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8927, &(0x7f0000000040)={0x6, 'wlan0\x00'})
ioctl$sock_inet_SIOCSIFPFLAGS(r3, 0x8934, 0x0)
setsockopt(r2, 0x65, 0x5, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, 0x0, 0x1a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000003896000700000020000180060001000a00000014000400fc020000000000000000000000000005ee8db8885af6ac902bda1437a7cf94f5e02b16d4eb998603c7c296c03d0343de48204690a88c95241d789980864a9b89184105b7ca26bcff9a074faabf7c87c022634ba8e096286a7b284df55c9e7de25e0f145c16766a06075508ad4bbfbc66217d61535a40ee4516954583b5157db2caec2a9da083b125fb63245f2e07947f70047b21d60b715c3d8b5db1ee06ad90e7e0f8fd30d9a9cca8f1655709f85545a4ec67e454c3f963ea7c84c4a13e5d36372af3ae8a47aabba5bd9a9944d47e30228b8da0331783dfd735997bd811956ab0a18d8be7d711e46f28317cf787be0f2e3024e02518a95a90959bf6fb023f4e58065202874cf94946d0360147fac49c8c9de944d8ad23b2500ed7ef711f638cbf7aaf4f1f3b79b21456d47038ce0c435b7d8e152ef505d5b8123d08b72999f02618dade70e8103b3b37686fbf4edb4e"], 0x34}}, 0x0)

1.652822515s ago: executing program 3 (id=1961):
socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="0209000002"], 0x10}}, 0x0)

1.599656228s ago: executing program 2 (id=1962):
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000180)={0x0, @null, @bpq0, 0x4, 'syz1\x00', @null, 0xfffffffd, 0x5, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]})
r0 = socket(0x2, 0x800, 0xc)
listen(0xffffffffffffffff, 0x8)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x2, 0x20}, &(0x7f00000001c0)=0xc)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000)=0xfffffff7, 0x4)
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={0x1, @null, @bpq0, 0xb49, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xfff, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default]})

1.444595306s ago: executing program 0 (id=1963):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x59)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000880)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0xfffffffc, 0xffffffef, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.278550441s ago: executing program 2 (id=1964):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000013c0), r0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000500)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2000]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x9}]}]}]}}]}, 0x9c}}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000000)={0x40, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}]}, 0x40}}, 0x0)

983.534455ms ago: executing program 0 (id=1965):
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8, 0x8, r4}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000000)={0xa0000001})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r4, <r6=>0xffffffffffffffff}, 0x4)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000580)=0x10)
poll(&(0x7f00000000c0)=[{r5, 0x1009}], 0x1, 0x8000007)
r7 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071114200000000008510000002000000858000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r8 = socket$inet(0x2, 0x6, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)="5a6beb51af9c9e1dd837fd42e21073f7204757fe5f6a50a16d140419c697fe3977284cc6923c0434b9a7af480a0598217834", 0x32}, {&(0x7f0000000200)="288a509c40461330fa015fc38a09678a17a4", 0x12}, {&(0x7f0000000340)="c7c0a072a51147653bc706d6b0186a98cb29d8306b97dd97412a7a9373899a2092c3c966e307dd337d5a8639c90c86c4d4b1ac3681390bdd95d0e62e8d4fe39a1297723d24e094b968b5bc396fe11e9a097f6ea112d98600380489b82b54ef0f86832b618936768ca9057f58b53567ec73aee17ebd4fe15c54bb2a67603f94430ae326849e674866d0d989df60c28d4f92f01d128955e578c1b0406e9dae3993ec74906ac75c0a908ff7bf5709bd30a36146e6849a0cc730b87daff60398cce8761302ff2b", 0xc5}, {&(0x7f0000000240)="15190815d28dcbdece489f315b97643d98f2af50a51502e4b3814cef177a", 0x1e}], 0x4}, 0x4000000)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x3, 0x4}]}}}]}, 0x3c}}, 0x0)

928.51965ms ago: executing program 1 (id=1966):
socket$key(0xf, 0x3, 0x2)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004804)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x111, 0x2, 0x1, 0x4)
sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000012960800020000000000000008004b001300000008000100000000000800150002000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
pipe(0x0)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffff8000, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292", 0xc)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, 0x0, 0x0, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
recvmmsg(r2, 0x0, 0x0, 0x20, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x48}}, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000340))
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00')

920.263129ms ago: executing program 2 (id=1967):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e24, @remote}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), r2) (async, rerun: 32)
setsockopt$inet_tcp_int(r1, 0x6, 0x1, &(0x7f0000000100)=0x5, 0x4)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c9, &(0x7f0000000100)) (async, rerun: 32)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000002b40), 0xffffffffffffffff) (rerun: 32)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x54, r3, 0x1, 0x0, 0x0, {0x6}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0x91}, {0x6}, {0x5}}]}, 0x54}}, 0x0)

723.537422ms ago: executing program 1 (id=1968):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x3c, 0x2c, 0x1, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, 0x0, {0xd, 0x7}, {}, {0x1, 0x8}}, [@filter_kind_options=@f_route={{0xa}, {0xfed3, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48801}, 0x20000000)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000680)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r2, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)

620.51618ms ago: executing program 2 (id=1969):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001400010000000000000000000a000000", @ANYRES32, @ANYBLOB="14000100ff010000000000400000000000000001140006000000000065000000000000000000000008000b"], 0x48}}, 0x0)
socket$inet6(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
socket$packet(0x11, 0x3, 0x300)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000240)={0x0, 0x8, '\x00', 0x9, 0x7})

601.387523ms ago: executing program 3 (id=1970):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0xff01, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

517.955713ms ago: executing program 1 (id=1971):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000000f40)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@fadd={0x58, 0x114, 0x6, {{}, 0xfffffffffffffffe, 0x0}}], 0x58}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x2d}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
epoll_pwait(r2, &(0x7f0000000040)=[{}, {}, {}, {}], 0x4, 0x1003, &(0x7f0000000080), 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000a40)={'tunl0\x00', &(0x7f0000000940)={'syztnl0\x00', <r4=>0x0, 0x8, 0x19, 0x4, 0x4, {{0x13, 0x4, 0x1, 0x15, 0x4c, 0x67, 0x0, 0x7, 0x4, 0x0, @multicast2, @remote, {[@ssrr={0x89, 0x1f, 0x2e, [@loopback, @multicast1, @multicast2, @dev={0xac, 0x14, 0x14, 0x21}, @private=0xa010101, @local, @private=0xa010102]}, @noop, @lsrr={0x83, 0x17, 0x3c, [@remote, @broadcast, @rand_addr=0x64010100, @multicast2, @rand_addr=0x64010101]}]}}}}})
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000680)=0x14)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b00)={0xc8, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7c058104b939a3ea}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}]}, @HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x8004}, 0x840)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x12, r6, 0x4}, 0x38)
splice(r1, 0x0, r3, 0x0, 0xffffffff, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='wbt_timer\x00', r7, 0x0, 0xfffffffffffffff5}, 0x18)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
close(r9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r9, 0x8982, &(0x7f00000000c0)={0x3, 'gretap0\x00', {0xfffffffe}, 0x9})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x4c, r12, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0x4c}}, 0x0)
close(r10)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r3)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000300)={'tunl0\x00', &(0x7f0000000440)={'syztnl1\x00', <r15=>0x0, 0x8000, 0x7800, 0x1000000, 0x41919a36, {{0x9, 0x4, 0x0, 0x8, 0x24, 0x65, 0x0, 0xca, 0x29, 0x0, @local, @multicast2, {[@timestamp={0x44, 0x10, 0x3a, 0x0, 0x6, [0xe, 0x0, 0x8]}]}}}}})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r13, &(0x7f0000000580)={&(0x7f0000000180), 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x54, r14, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r15}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xe4}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4b98d024}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x44800}, 0x4000000)
r16 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r16, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x80}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x5}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xdc}}, 0x0)

441.481729ms ago: executing program 2 (id=1972):
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000035c0), r0)
sendmsg$alg(r0, &(0x7f0000003540)={0x0, 0x0, &(0x7f0000003440)=[{&(0x7f00000008c0)}, {&(0x7f0000002240)="fbd89b3e8977042b8d34702d075a011fd70630380f4fb526e7863d4634cbfa0bc71f5511e940db08172fad84fa1395f7449057c8f0e95db43f347b2a40fd82721bc99b86c962b00f3e6573f4d5247daf73f01784f9b4d6c19fa29d5ad992ef173628c59a07d2ffd58eba93894202efc56fb075a1d2218eb002ee4ab2156c8dbde97eb8a4d4b034dac4b6ddb98c24394eb3c784026a30db06be950079ce89d7b0284df8045bd8502880d184b35fd0c1a19fae14501dd748052bf5fa1fea731015978fd34f7c47e7f36ac585e9b93bffba06bf92adb3c680fcd6fe9813f60178c3a885f03e38f0719fc60dc15985a49b9883cb16abcd85c1a909b6b5ef1f5f68a3a36b33706f8935d48314a0e979254c00153e5d6fca1660bb76e246687144639b3257f73b8b1ee737567bf28c635d3e5f5683888c8e6b639291483c728208e540ad0ff83dba7d2ffa08b28f7224b35e2a1736c40992636147a58613b27b54fdd4703f4ae1f2693c20e8baf2ffdd750c89df77b96badd533d7081abfbf4598a172ad816d8f22ec1f1f8750f3a88bbfa3f6cd97b1c02cb52c6ee5ef375d177413c4fd02d17e1a3c5ca08ee5894c710f1d9278c4a3124fee043815a69c2fb2fbaf796768d3b859ae36046e2f4d336048a54d355dac14f8f99a1a70d81bdb1fecc47f158f24c0b01b2cbf16b5e4009f518fa10171943158fb53ea67b13d34eb79bd91fa415af2a6a9a8a3747ee0993f3e91b0cf09c008bf23302ee0c4374d0b83aa2ecb1a87f07bd4d1752e07e0b50eb29f9096354eb9c8e6aa88ea541d642e115743ca5c14d53bd59a6ae4e1fb6ba1520cb411ced080a7caa3e3139ffb978b71b25a03b3754e80978eee7c15b41b0c7d73d4dba0785a31a78f24a7250026cad781d3a83589a3ab88de4b06b69ebad2db8fe60304495e7980a15f54027b33a50e32bec0681d7b23ddc46ad358e30d82942487b51586cb33f0fdfb422b3f62df612653ba3e5fabe44fc392f2a82fdf32a2c01e2adc0aa5dae85e38f2b9e2639fed058fcbee0281c42cd45ed04d91a7ff583a784699928ef08b21eb54162eb28a7702b8eff975f00aa924d4bceb659d04ad1a5d400e9178caeeaed3986e9ecb0d4f542940a3583c4fa6169af465adf0890a3eb0ed5dc83bb7fbd0a774c61ad6b787764815877487aa3a857195acada309caa9db0fe107e15afc7fa4209ad11bcb0af6af1f443e3f09dc9e27f7b38975bdd771c89960223f65e05204d0c37e255f7019a52bd2dc037819dfe6a099b264840937d85631c2180e0f1b6f94422821c2b81c3df5fb4204dba87aaa12e4749fe603394af58571b0de84256af1e70b5f617f6894c7fff778346f10e5b6352a1dd8ebea06cb74a90c801826ccadb2687577d4146e9f986c2c92fa08e589e5616e2243e4d3267caf2e36f19bba4d07aba81c131d387a1818accb4d2bb0d0dd63a0c1a7097a7d930cc5de0ee1397a581a1899b42781c513c7eb2600f31d03e6a1fe13b39d8a87ecb75136e9c186720f40cddc4e895340121d7856e4bbe75d58c7ba28462977b9aab8cd83fe25ed22d3e0991cc75ba41c69d3ad8a029ff323013310595dbac5b8e04cfd623a0b7eec2f0194f968063de220519e133756800cb1788cd8fe00afdb7a8ca5ea22a1c93abdfde076db4c01356b06fdeea979ff518faeca74ce6d2d0bc57ceace7f8c8d490d7cff10995d3cfd6ad3f2476c73a17fa60217dcd45444343f592820c493b70bb75bf4f55abf923c551855955e632d824c6c3a5107ba1773e9f6e5ac33595de80419067c5401a43b43f7d20bfb5c6f123114", 0x50b}], 0x2, &(0x7f0000003500)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x34000041)

292.663661ms ago: executing program 1 (id=1973):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0xffffffe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

244.454477ms ago: executing program 2 (id=1974):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0)
r1 = socket(0x2, 0x800, 0xc)
listen(0xffffffffffffffff, 0x8)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x2, 0x20}, &(0x7f00000001c0)=0xc)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0xfffffff7, 0x4)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000100)={0x1, @null, @bpq0, 0xb49, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xfff, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default]})

0s ago: executing program 1 (id=1975):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x28002, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
sendto$inet6(r0, 0x0, 0x0, 0x240540c3, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)

kernel console output (not intermixed with test programs):

870 Comm: syz.2.1420 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  226.253957][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.253975][T10870] Call Trace:
[  226.253982][T10870]  <TASK>
[  226.253992][T10870]  dump_stack_lvl+0x241/0x360
[  226.254025][T10870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.254050][T10870]  ? __pfx__printk+0x10/0x10
[  226.254077][T10870]  ? snprintf+0xda/0x120
[  226.254105][T10870]  should_fail_ex+0x40a/0x550
[  226.254144][T10870]  _copy_to_user+0x31/0xb0
[  226.254176][T10870]  simple_read_from_buffer+0xca/0x150
[  226.254209][T10870]  proc_fail_nth_read+0x1e9/0x250
[  226.254245][T10870]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.254279][T10870]  ? rw_verify_area+0x243/0x630
[  226.254301][T10870]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.254333][T10870]  vfs_read+0x1f8/0xb40
[  226.254357][T10870]  ? fdget_pos+0x254/0x320
[  226.254389][T10870]  ? __pfx___mutex_lock+0x10/0x10
[  226.254422][T10870]  ? __pfx_vfs_read+0x10/0x10
[  226.254448][T10870]  ? __fget_files+0x2a/0x410
[  226.254489][T10870]  ? __fget_files+0x395/0x410
[  226.254517][T10870]  ? __fget_files+0x2a/0x410
[  226.254566][T10870]  ksys_read+0x18f/0x2b0
[  226.254597][T10870]  ? __pfx_ksys_read+0x10/0x10
[  226.254628][T10870]  ? do_syscall_64+0x100/0x230
[  226.254663][T10870]  ? do_syscall_64+0xb6/0x230
[  226.254698][T10870]  do_syscall_64+0xf3/0x230
[  226.254729][T10870]  ? clear_bhb_loop+0x35/0x90
[  226.254763][T10870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.254792][T10870] RIP: 0033:0x7f6425b8bb7c
[  226.254810][T10870] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  226.254843][T10870] RSP: 002b:00007f6426a69030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.254865][T10870] RAX: ffffffffffffffda RBX: 00007f6425da5fa0 RCX: 00007f6425b8bb7c
[  226.254881][T10870] RDX: 000000000000000f RSI: 00007f6426a690a0 RDI: 0000000000000003
[  226.254895][T10870] RBP: 00007f6426a69090 R08: 0000000000000000 R09: 0000000000000000
[  226.254908][T10870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.254920][T10870] R13: 0000000000000001 R14: 00007f6425da5fa0 R15: 00007ffda3da2a38
[  226.254952][T10870]  </TASK>
[  226.490138][T10867] gre0: entered allmulticast mode
[  226.501696][T10867] gretap0: entered allmulticast mode
[  226.511056][T10867] erspan0: entered allmulticast mode
[  226.520482][T10867] ip_vti0: entered allmulticast mode
[  226.529196][T10867] ip6_vti0: entered allmulticast mode
[  226.550738][T10867] sit0: entered allmulticast mode
[  226.565455][T10867] ip6tnl0: entered allmulticast mode
[  226.573185][T10867] ip6gre0: entered allmulticast mode
[  226.582644][T10867] syz_tun: entered allmulticast mode
[  226.602320][T10867] ip6gretap0: entered allmulticast mode
[  226.612298][T10867] bridge0: port 2(batadv2) entered disabled state
[  226.618957][T10867] bridge0: port 1(batadv1) entered disabled state
[  226.627700][T10867] bridge0: entered allmulticast mode
[  226.635917][T10867] bond0: entered allmulticast mode
[  226.641753][T10867] dummy0: entered allmulticast mode
[  226.650705][T10867] nlmon0: entered allmulticast mode
[  226.658567][T10867] caif0: entered allmulticast mode
[  226.664980][T10867] batadv0: entered allmulticast mode
[  226.673478][T10867] vxcan0: entered allmulticast mode
[  226.681254][T10867] vxcan1: entered allmulticast mode
[  226.688993][T10867] veth0: entered allmulticast mode
[  226.699535][T10867] veth1: entered allmulticast mode
[  226.709296][T10867] wg0: entered allmulticast mode
[  226.718462][T10867] wg1: entered allmulticast mode
[  226.727015][T10867] wg2: entered allmulticast mode
[  226.735126][T10867] veth0_to_bridge: entered allmulticast mode
[  226.745130][T10867] bridge_slave_0: entered allmulticast mode
[  226.753390][T10867] veth1_to_bridge: entered allmulticast mode
[  226.772862][T10867] bridge_slave_1: entered allmulticast mode
[  226.785118][T10867] veth0_to_bond: entered allmulticast mode
[  226.792963][T10867] 
@ÿ: entered allmulticast mode
[  226.801225][T10867] veth1_to_bond: entered allmulticast mode
[  226.809939][T10867] bond_slave_1: entered allmulticast mode
[  226.816684][T10867] veth0_to_team: left promiscuous mode
[  226.822384][T10867] team_slave_0: entered allmulticast mode
[  226.833109][T10867] veth1_to_team: entered allmulticast mode
[  226.856384][T10867] team_slave_1: entered allmulticast mode
[  226.863242][T10867] veth0_to_batadv: entered allmulticast mode
[  226.890441][T10867] batadv_slave_0: entered allmulticast mode
[  226.900583][T10867] veth1_to_batadv: entered allmulticast mode
[  226.911602][T10867] batadv_slave_1: entered allmulticast mode
[  226.921834][T10867] xfrm0: entered allmulticast mode
[  226.931454][T10867] veth0_to_hsr: entered allmulticast mode
[  226.943908][T10867] hsr_slave_0: entered allmulticast mode
[  226.971302][T10867] veth1_to_hsr: entered allmulticast mode
[  227.006214][T10867] hsr_slave_1: entered allmulticast mode
[  227.038632][T10867] hsr0: entered allmulticast mode
[  227.074619][T10867] veth1_virt_wifi: entered allmulticast mode
[  227.109424][T10867] veth0_virt_wifi: entered allmulticast mode
[  227.128657][T10867] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  227.148955][T10867] veth1_vlan: entered allmulticast mode
[  227.158587][T10867] veth0_vlan: entered allmulticast mode
[  227.174118][T10867] vlan0: entered allmulticast mode
[  227.179625][T10867] vlan1: entered allmulticast mode
[  227.200475][T10867] macvlan0: entered allmulticast mode
[  227.215990][T10867] macvlan1: entered allmulticast mode
[  227.228457][T10867] ipvlan0: entered allmulticast mode
[  227.246476][T10867] ipvlan1: entered allmulticast mode
[  227.257595][T10867] veth1_macvtap: entered allmulticast mode
[  227.266874][T10867] veth0_macvtap: entered allmulticast mode
[  227.277903][T10867] macvtap0: entered allmulticast mode
[  227.295660][T10867] macsec0: entered allmulticast mode
[  227.312727][T10867] geneve0: entered allmulticast mode
[  227.331800][T10867] netdevsim netdevsim3 : unset [1, 0] type 2 family 0 port 6081 - 0
[  227.344032][T10867] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.355580][T10867] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.364990][T10867] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.375850][T10867] geneve1: entered allmulticast mode
[  227.395347][T10867] netdevsim netdevsim3 : entered allmulticast mode
[  227.403232][T10867] netdevsim netdevsim3 netdevsim1: entered allmulticast mode
[  227.427976][T10867] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  227.441604][T10867] netdevsim netdevsim3 netdevsim3: entered allmulticast mode
[  227.458693][T10867] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  227.469975][T10867] syztnl1: entered allmulticast mode
[  227.475912][T10867] bond1: entered allmulticast mode
[  227.481326][T10867] bond2: entered allmulticast mode
[  227.487271][T10867] veth2: entered allmulticast mode
[  227.492739][T10867] veth3: entered allmulticast mode
[  227.504398][T10867] sit1: entered allmulticast mode
[  227.509597][T10867] ip6erspan0: entered allmulticast mode
[  227.516478][T10867] gre1: entered allmulticast mode
[  227.523413][T10654] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  227.578485][T10654] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  227.600394][T10654] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  227.636773][T10654] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  227.968655][T10654] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.027244][T10905] netlink: 'syz.1.1433': attribute type 1 has an invalid length.
[  228.048786][T10905] netlink: 'syz.1.1433': attribute type 2 has an invalid length.
[  228.063108][T10654] 8021q: adding VLAN 0 to HW filter on device team0
[  228.115025][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.122238][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.162293][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.169643][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.695617][T10937] __nla_validate_parse: 182 callbacks suppressed
[  228.695639][T10937] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1444'.
[  228.848313][T10654] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.057039][T10952] netdevsim netdevsim3 : set [0, 0] type 1 family 0 port 8472 - 0
[  229.065169][T10952] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  229.074188][T10952] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  229.082923][T10952] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  229.118344][T10952] vxlan0: entered promiscuous mode
[  229.133254][T10952] vxlan0: entered allmulticast mode
[  229.249585][T10966] smc: net device bond0 erased user defined pnetid SYZ0
[  229.379786][T10973] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1452'.
[  229.448866][T10972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1453'.
[  229.724979][T10987] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1457'.
[  229.824432][T10654] veth0_vlan: entered promiscuous mode
[  229.885911][T10654] veth1_vlan: entered promiscuous mode
[  229.929868][T10994] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1458'.
[  230.000156][T10654] veth0_macvtap: entered promiscuous mode
[  230.030837][T10654] veth1_macvtap: entered promiscuous mode
[  230.083441][T10654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  230.123667][T10654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.160888][T10654] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.199039][T10654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.227135][T10654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.244673][T10654] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.283773][T10654] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.313409][T10654] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.338431][T10654] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.357224][T10654] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.380181][T11018] bond0: option mode: unable to set because the bond device has slaves
[  230.545312][ T3560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.584320][ T3560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.684260][ T1162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.708691][ T1162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.757023][T11028] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1467'.
[  230.777586][T11028] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1467'.
[  230.826814][T11028] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1467'.
[  230.878263][T11028] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1467'.
[  231.469564][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.676667][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.860850][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.996153][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.274916][   T12] bridge_slave_1: left allmulticast mode
[  232.280633][   T12] bridge_slave_1: left promiscuous mode
[  232.317230][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.335965][   T12] bridge_slave_0: left allmulticast mode
[  232.341696][   T12] bridge_slave_0: left promiscuous mode
[  232.347903][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.042843][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  233.051376][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.062612][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  233.071993][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.081757][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  233.090627][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  233.098790][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  233.107708][   T12] bond0 (unregistering): Released all slaves
[  233.114264][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  233.156268][T11092] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ¯HcUØîÑË•‚Ž¹+ÕuµJÙÊVú?zlIèƒ
[  233.190875][T11096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1472'.
[  233.816684][T11129] __nla_validate_parse: 3 callbacks suppressed
[  233.816706][T11129] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1482'.
[  233.859954][   T12] hsr_slave_0: left promiscuous mode
[  233.885556][   T12] hsr_slave_1: left promiscuous mode
[  233.914953][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.929583][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.948395][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.977492][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.059160][   T12] veth1_macvtap: left promiscuous mode
[  234.080290][   T12] veth0_macvtap: left promiscuous mode
[  234.096705][   T12] veth1_vlan: left promiscuous mode
[  234.113343][   T12] veth0_vlan: left promiscuous mode
[  234.989625][   T12] team0 (unregistering): Port device team_slave_1 removed
[  235.038575][   T12] team0 (unregistering): Port device team_slave_0 removed
[  235.156833][ T5854] Bluetooth: hci2: command tx timeout
[  235.746661][T11162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1490'.
[  235.784804][T11165] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1488'.
[  235.994218][T11100] chnl_net:caif_netlink_parms(): no params data found
[  236.050104][T11176] netlink: 'syz.1.1493': attribute type 11 has an invalid length.
[  236.204830][T11187] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  236.312295][T11100] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.342057][T11194] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  236.354341][T11100] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.367407][T11100] bridge_slave_0: entered allmulticast mode
[  236.385282][T11100] bridge_slave_0: entered promiscuous mode
[  236.411267][T11100] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.423264][T11100] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.437043][T11100] bridge_slave_1: entered allmulticast mode
[  236.446049][T11100] bridge_slave_1: entered promiscuous mode
[  236.911407][T11100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.966450][T11100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.013164][T11213] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  237.064148][T11221] FAULT_INJECTION: forcing a failure.
[  237.064148][T11221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.077790][T11221] CPU: 0 UID: 0 PID: 11221 Comm: syz.3.1505 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  237.077816][T11221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.077828][T11221] Call Trace:
[  237.077835][T11221]  <TASK>
[  237.077842][T11221]  dump_stack_lvl+0x241/0x360
[  237.077870][T11221]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.077889][T11221]  ? __pfx__printk+0x10/0x10
[  237.077911][T11221]  ? __pfx_lock_release+0x10/0x10
[  237.077940][T11221]  ? do_vfs_ioctl+0xf18/0x2770
[  237.077970][T11221]  should_fail_ex+0x40a/0x550
[  237.078005][T11221]  _copy_from_user+0x2d/0xb0
[  237.078033][T11221]  nr_rt_ioctl+0x78c/0xff0
[  237.078065][T11221]  ? aa_get_newest_label+0xff/0x6f0
[  237.078096][T11221]  ? tomoyo_path_number_perm+0x209/0x770
[  237.078126][T11221]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  237.078182][T11221]  ? request_trusted_key+0xf0/0x100
[  237.078217][T11221]  sock_do_ioctl+0x158/0x460
[  237.078249][T11221]  ? __pfx_sock_do_ioctl+0x10/0x10
[  237.078294][T11221]  sock_ioctl+0x626/0x8e0
[  237.078322][T11221]  ? __pfx_sock_ioctl+0x10/0x10
[  237.078348][T11221]  ? __fget_files+0x2a/0x410
[  237.078381][T11221]  ? __fget_files+0x2a/0x410
[  237.078415][T11221]  ? __pfx_sock_ioctl+0x10/0x10
[  237.078442][T11221]  __se_sys_ioctl+0xf5/0x170
[  237.078465][T11221]  do_syscall_64+0xf3/0x230
[  237.078512][T11221]  ? clear_bhb_loop+0x35/0x90
[  237.078542][T11221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.078569][T11221] RIP: 0033:0x7ff4c498d169
[  237.078587][T11221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.078604][T11221] RSP: 002b:00007ff4c5837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  237.078625][T11221] RAX: ffffffffffffffda RBX: 00007ff4c4ba5fa0 RCX: 00007ff4c498d169
[  237.078640][T11221] RDX: 0000400000000100 RSI: 000000000000890b RDI: 0000000000000004
[  237.078652][T11221] RBP: 00007ff4c5837090 R08: 0000000000000000 R09: 0000000000000000
[  237.078665][T11221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.078677][T11221] R13: 0000000000000000 R14: 00007ff4c4ba5fa0 R15: 00007ffed185f218
[  237.078717][T11221]  </TASK>
[  237.303163][T11223] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1504'.
[  237.327194][ T5854] Bluetooth: hci2: command tx timeout
[  237.362852][T11100] team0: Port device team_slave_0 added
[  237.369696][T11222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1503'.
[  237.433011][T11100] team0: Port device team_slave_1 added
[  237.532519][T11100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.548149][T11100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.574986][T11100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.596540][T11236] Cannot find add_set index 65534 as target
[  237.610924][T11236] FAULT_INJECTION: forcing a failure.
[  237.610924][T11236] name failslab, interval 1, probability 0, space 0, times 0
[  237.661995][T11100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.673738][T11236] CPU: 0 UID: 0 PID: 11236 Comm: syz.1.1508 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  237.673768][T11236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.673780][T11236] Call Trace:
[  237.673787][T11236]  <TASK>
[  237.673796][T11236]  dump_stack_lvl+0x241/0x360
[  237.673827][T11236]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.673850][T11236]  ? __pfx__printk+0x10/0x10
[  237.673872][T11236]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  237.673903][T11236]  ? __pfx___might_resched+0x10/0x10
[  237.673938][T11236]  should_fail_ex+0x40a/0x550
[  237.673976][T11236]  should_failslab+0xac/0x100
[  237.674005][T11236]  __kmalloc_node_noprof+0xe1/0x4d0
[  237.674034][T11236]  ? __kvmalloc_node_noprof+0x72/0x190
[  237.674074][T11236]  __kvmalloc_node_noprof+0x72/0x190
[  237.674109][T11236]  __nf_hook_entries_try_shrink+0x330/0x730
[  237.674147][T11236]  __nf_unregister_net_hook+0x5cf/0x800
[  237.674179][T11236]  nf_unregister_net_hooks+0xd0/0x140
[  237.674206][T11236]  nf_ct_netns_put+0x370/0x510
[  237.674228][T11236]  ? __pfx_synproxy_tg6_destroy+0x10/0x10
[  237.674263][T11236]  cleanup_entry+0x3d4/0x4c0
[  237.674295][T11236]  ? __pfx_cleanup_entry+0x10/0x10
[  237.674325][T11236]  ? xt_find_target+0x1db/0x230
[  237.674359][T11236]  translate_table+0x2284/0x2490
[  237.674419][T11236]  ? __pfx_translate_table+0x10/0x10
[  237.674444][T11236]  ? __pfx_lock_release+0x10/0x10
[  237.674482][T11236]  ? __virt_addr_valid+0x183/0x530
[  237.674507][T11236]  ? __might_fault+0xc6/0x120
[  237.674535][T11236]  ? copy_from_sockptr_offset+0x6b/0xb0
[  237.674560][T11236]  do_ip6t_set_ctl+0xe4c/0x1270
[  237.674589][T11236]  ? nf_setsockopt+0x240/0x2c0
[  237.674614][T11236]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  237.674638][T11236]  ? rcu_is_watching+0x15/0xb0
[  237.674661][T11236]  ? trace_contention_end+0x3c/0x120
[  237.674696][T11236]  ? __mutex_unlock_slowpath+0x227/0x800
[  237.674738][T11236]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  237.674773][T11236]  ? aa_sk_perm+0x96d/0xab0
[  237.674812][T11236]  ? __pfx_aa_sk_perm+0x10/0x10
[  237.674846][T11236]  nf_setsockopt+0x295/0x2c0
[  237.674878][T11236]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  237.674908][T11236]  do_sock_setsockopt+0x3af/0x720
[  237.674937][T11236]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  237.674964][T11236]  ? __fget_files+0x395/0x410
[  237.674994][T11236]  ? __fget_files+0x2a/0x410
[  237.675033][T11236]  __x64_sys_setsockopt+0x1ee/0x280
[  237.675062][T11236]  do_syscall_64+0xf3/0x230
[  237.675094][T11236]  ? clear_bhb_loop+0x35/0x90
[  237.675127][T11236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.675155][T11236] RIP: 0033:0x7fa9bdf8d169
[  237.675172][T11236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.675189][T11236] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  237.675211][T11236] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  237.675227][T11236] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  237.675239][T11236] RBP: 00007fa9bee25090 R08: 00000000000004b0 R09: 0000000000000000
[  237.675252][T11236] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.675265][T11236] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  237.675297][T11236]  </TASK>
[  238.005700][T11100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.040397][T11100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.178810][T11246] FAULT_INJECTION: forcing a failure.
[  238.178810][T11246] name failslab, interval 1, probability 0, space 0, times 0
[  238.193449][T11246] CPU: 0 UID: 0 PID: 11246 Comm: syz.1.1513 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  238.193480][T11246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.193493][T11246] Call Trace:
[  238.193500][T11246]  <TASK>
[  238.193509][T11246]  dump_stack_lvl+0x241/0x360
[  238.193541][T11246]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.193569][T11246]  ? __pfx__printk+0x10/0x10
[  238.193591][T11246]  ? __kmalloc_noprof+0xb5/0x4c0
[  238.193630][T11246]  ? __pfx___might_resched+0x10/0x10
[  238.193662][T11246]  should_fail_ex+0x40a/0x550
[  238.193699][T11246]  should_failslab+0xac/0x100
[  238.193728][T11246]  __kmalloc_noprof+0xdd/0x4c0
[  238.193755][T11246]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  238.193787][T11246]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  238.193818][T11246]  genl_rcv_msg+0x80b/0xec0
[  238.193849][T11246]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.193896][T11246]  ? __pfx_lock_acquire+0x10/0x10
[  238.193920][T11246]  ? __pfx_thermal_genl_cmd_doit+0x10/0x10
[  238.193946][T11246]  ? __pfx___might_resched+0x10/0x10
[  238.193976][T11246]  netlink_rcv_skb+0x206/0x480
[  238.193995][T11246]  ? __pfx_genl_rcv_msg+0x10/0x10
[  238.194020][T11246]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  238.194066][T11246]  genl_rcv+0x28/0x40
[  238.194087][T11246]  netlink_unicast+0x7f6/0x990
[  238.194112][T11246]  ? __pfx_netlink_unicast+0x10/0x10
[  238.194128][T11246]  ? __virt_addr_valid+0x45f/0x530
[  238.194145][T11246]  ? __phys_addr_symbol+0x2f/0x70
[  238.194160][T11246]  ? __check_object_size+0x47a/0x730
[  238.194186][T11246]  netlink_sendmsg+0x8de/0xcb0
[  238.194216][T11246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.194240][T11246]  ? aa_sock_msg_perm+0x91/0x160
[  238.194272][T11246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.194291][T11246]  __sock_sendmsg+0x221/0x270
[  238.194317][T11246]  ____sys_sendmsg+0x53a/0x860
[  238.194343][T11246]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.194367][T11246]  ? __fget_files+0x2a/0x410
[  238.194396][T11246]  ? __fget_files+0x2a/0x410
[  238.194430][T11246]  __sys_sendmsg+0x269/0x350
[  238.194454][T11246]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.194485][T11246]  ? do_sys_openat2+0x17a/0x1d0
[  238.194535][T11246]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.194564][T11246]  ? do_syscall_64+0x100/0x230
[  238.194594][T11246]  ? do_syscall_64+0xb6/0x230
[  238.194632][T11246]  do_syscall_64+0xf3/0x230
[  238.194656][T11246]  ? clear_bhb_loop+0x35/0x90
[  238.194683][T11246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.194706][T11246] RIP: 0033:0x7fa9bdf8d169
[  238.194723][T11246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.194738][T11246] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.194757][T11246] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  238.194769][T11246] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: 0000000000000004
[  238.194779][T11246] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  238.194790][T11246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.194800][T11246] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  238.194831][T11246]  </TASK>
[  238.274066][ T5854] Bluetooth: hci0: command tx timeout
[  238.785123][T11267] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1518'.
[  238.842192][T11100] hsr_slave_0: entered promiscuous mode
[  238.859770][T11100] hsr_slave_1: entered promiscuous mode
[  238.878697][T11100] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.904917][T11100] Cannot create hsr debugfs directory
[  239.055793][T11273] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1520'.
[  239.269202][T11283] FAULT_INJECTION: forcing a failure.
[  239.269202][T11283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.300464][T11283] CPU: 1 UID: 0 PID: 11283 Comm: syz.1.1525 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  239.300492][T11283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  239.300506][T11283] Call Trace:
[  239.300514][T11283]  <TASK>
[  239.300522][T11283]  dump_stack_lvl+0x241/0x360
[  239.300553][T11283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.300585][T11283]  ? __pfx__printk+0x10/0x10
[  239.300608][T11283]  ? __pfx_lock_release+0x10/0x10
[  239.300637][T11283]  ? do_vfs_ioctl+0xf18/0x2770
[  239.300667][T11283]  should_fail_ex+0x40a/0x550
[  239.300704][T11283]  _copy_from_user+0x2d/0xb0
[  239.300733][T11283]  nr_rt_ioctl+0x78c/0xff0
[  239.300767][T11283]  ? aa_get_newest_label+0xff/0x6f0
[  239.300798][T11283]  ? tomoyo_path_number_perm+0x209/0x770
[  239.300830][T11283]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  239.300875][T11283]  ? request_trusted_key+0xf0/0x100
[  239.300913][T11283]  sock_do_ioctl+0x158/0x460
[  239.300946][T11283]  ? __pfx_sock_do_ioctl+0x10/0x10
[  239.300993][T11283]  sock_ioctl+0x626/0x8e0
[  239.301022][T11283]  ? __pfx_sock_ioctl+0x10/0x10
[  239.301047][T11283]  ? __fget_files+0x2a/0x410
[  239.301079][T11283]  ? __fget_files+0x2a/0x410
[  239.301112][T11283]  ? __pfx_sock_ioctl+0x10/0x10
[  239.301138][T11283]  __se_sys_ioctl+0xf5/0x170
[  239.301162][T11283]  do_syscall_64+0xf3/0x230
[  239.301192][T11283]  ? clear_bhb_loop+0x35/0x90
[  239.301225][T11283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.301252][T11283] RIP: 0033:0x7fa9bdf8d169
[  239.301270][T11283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.301288][T11283] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  239.301311][T11283] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  239.301326][T11283] RDX: 0000400000000100 RSI: 000000000000890b RDI: 0000000000000004
[  239.301340][T11283] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  239.301353][T11283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.301365][T11283] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  239.301395][T11283]  </TASK>
[  239.542318][ T5854] Bluetooth: hci2: command tx timeout
[  239.802243][T11295] bpq0: entered promiscuous mode
[  239.807598][T11295] bpq0: entered allmulticast mode
[  240.070908][T11315] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1532'.
[  240.211541][T11321] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1533'.
[  240.408861][T11327] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1534'.
[  240.444896][T11327] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1534'.
[  240.488276][T11329] Cannot find add_set index 65534 as target
[  240.549258][T11329] FAULT_INJECTION: forcing a failure.
[  240.549258][T11329] name failslab, interval 1, probability 0, space 0, times 0
[  240.579519][T11329] CPU: 0 UID: 0 PID: 11329 Comm: syz.3.1536 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  240.579551][T11329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.579563][T11329] Call Trace:
[  240.579570][T11329]  <TASK>
[  240.579578][T11329]  dump_stack_lvl+0x241/0x360
[  240.579607][T11329]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.579632][T11329]  ? __pfx__printk+0x10/0x10
[  240.579653][T11329]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  240.579680][T11329]  ? __pfx___might_resched+0x10/0x10
[  240.579708][T11329]  should_fail_ex+0x40a/0x550
[  240.579740][T11329]  should_failslab+0xac/0x100
[  240.579767][T11329]  __kmalloc_node_noprof+0xe1/0x4d0
[  240.579792][T11329]  ? __kvmalloc_node_noprof+0x72/0x190
[  240.579826][T11329]  __kvmalloc_node_noprof+0x72/0x190
[  240.579856][T11329]  __nf_hook_entries_try_shrink+0x330/0x730
[  240.579890][T11329]  __nf_unregister_net_hook+0x5cf/0x800
[  240.579919][T11329]  nf_unregister_net_hooks+0xd0/0x140
[  240.579941][T11329]  synproxy_tg6_destroy+0x58/0xb0
[  240.579970][T11329]  ? __pfx_synproxy_tg6_destroy+0x10/0x10
[  240.579998][T11329]  cleanup_entry+0x3d4/0x4c0
[  240.580026][T11329]  ? __pfx_cleanup_entry+0x10/0x10
[  240.580052][T11329]  ? xt_find_target+0x1db/0x230
[  240.580083][T11329]  translate_table+0x2284/0x2490
[  240.580129][T11329]  ? __pfx_translate_table+0x10/0x10
[  240.580151][T11329]  ? __pfx_lock_release+0x10/0x10
[  240.580184][T11329]  ? __virt_addr_valid+0x183/0x530
[  240.580208][T11329]  ? __might_fault+0xc6/0x120
[  240.580233][T11329]  ? copy_from_sockptr_offset+0x6b/0xb0
[  240.580255][T11329]  do_ip6t_set_ctl+0xe4c/0x1270
[  240.580280][T11329]  ? nf_setsockopt+0x240/0x2c0
[  240.580303][T11329]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  240.580323][T11329]  ? rcu_is_watching+0x15/0xb0
[  240.580345][T11329]  ? trace_contention_end+0x3c/0x120
[  240.580376][T11329]  ? __mutex_unlock_slowpath+0x227/0x800
[  240.580412][T11329]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  240.580447][T11329]  ? aa_sk_perm+0x96d/0xab0
[  240.580482][T11329]  ? __pfx_aa_sk_perm+0x10/0x10
[  240.580512][T11329]  nf_setsockopt+0x295/0x2c0
[  240.580539][T11329]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  240.580566][T11329]  do_sock_setsockopt+0x3af/0x720
[  240.580591][T11329]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  240.580615][T11329]  ? __fget_files+0x395/0x410
[  240.580641][T11329]  ? __fget_files+0x2a/0x410
[  240.580677][T11329]  __x64_sys_setsockopt+0x1ee/0x280
[  240.580703][T11329]  do_syscall_64+0xf3/0x230
[  240.580732][T11329]  ? clear_bhb_loop+0x35/0x90
[  240.580762][T11329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.580787][T11329] RIP: 0033:0x7ff4c498d169
[  240.580805][T11329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.580821][T11329] RSP: 002b:00007ff4c5837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  240.580841][T11329] RAX: ffffffffffffffda RBX: 00007ff4c4ba5fa0 RCX: 00007ff4c498d169
[  240.580855][T11329] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  240.580866][T11329] RBP: 00007ff4c5837090 R08: 00000000000004b0 R09: 0000000000000000
[  240.580878][T11329] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000002
[  240.580890][T11329] R13: 0000000000000000 R14: 00007ff4c4ba5fa0 R15: 00007ffed185f218
[  240.580919][T11329]  </TASK>
[  240.995238][T11324] netlink: 'syz.1.1535': attribute type 1 has an invalid length.
[  241.441084][T11100] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  241.485154][T11100] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  241.510457][T11100] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  241.543996][T11356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1545'.
[  241.548800][T11100] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  241.583303][T11361] rdma_rxe: rxe_newlink: failed to add bridge_slave_0
[  241.633797][ T5854] Bluetooth: hci2: command tx timeout
[  241.738499][T11100] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.793443][T11100] 8021q: adding VLAN 0 to HW filter on device team0
[  241.818472][ T3450] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.825736][ T3450] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.864932][T11366] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1547'.
[  241.879525][ T3450] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.886878][ T3450] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.944176][T11372] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1548'.
[  242.056517][T11100] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  242.316716][T11389] FAULT_INJECTION: forcing a failure.
[  242.316716][T11389] name failslab, interval 1, probability 0, space 0, times 0
[  242.434040][T11389] CPU: 0 UID: 0 PID: 11389 Comm: syz.1.1552 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  242.434086][T11389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  242.434099][T11389] Call Trace:
[  242.434107][T11389]  <TASK>
[  242.434115][T11389]  dump_stack_lvl+0x241/0x360
[  242.434147][T11389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.434171][T11389]  ? __pfx__printk+0x10/0x10
[  242.434207][T11389]  should_fail_ex+0x40a/0x550
[  242.434243][T11389]  should_failslab+0xac/0x100
[  242.434273][T11389]  __kmalloc_cache_noprof+0x70/0x390
[  242.434303][T11389]  ? sctp_add_bind_addr+0x89/0x3a0
[  242.434339][T11389]  sctp_add_bind_addr+0x89/0x3a0
[  242.434375][T11389]  sctp_copy_local_addr_list+0x311/0x500
[  242.434408][T11389]  ? sctp_copy_local_addr_list+0xab/0x500
[  242.434439][T11389]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  242.434473][T11389]  ? sctp_v6_is_any+0x60/0x70
[  242.434492][T11389]  ? sctp_copy_one_addr+0x94/0x360
[  242.434521][T11389]  sctp_bind_addr_copy+0xad/0x3b0
[  242.434552][T11389]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  242.434585][T11389]  sctp_connect_new_asoc+0x2f3/0x6c0
[  242.434613][T11389]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  242.434634][T11389]  ? sctp_sendmsg+0xf1a/0x35d0
[  242.434661][T11389]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  242.434682][T11389]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  242.434713][T11389]  sctp_sendmsg+0x1f64/0x35d0
[  242.434752][T11389]  ? __pfx_sctp_sendmsg+0x10/0x10
[  242.434777][T11389]  ? aa_sk_perm+0x96d/0xab0
[  242.434824][T11389]  ? inet_sendmsg+0x330/0x390
[  242.434858][T11389]  __sock_sendmsg+0x1a6/0x270
[  242.434889][T11389]  __sys_sendto+0x363/0x4c0
[  242.434926][T11389]  ? __pfx___sys_sendto+0x10/0x10
[  242.434972][T11389]  ? __fget_files+0x2a/0x410
[  242.435012][T11389]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  242.435046][T11389]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  242.435094][T11389]  __x64_sys_sendto+0xde/0x100
[  242.435131][T11389]  do_syscall_64+0xf3/0x230
[  242.435162][T11389]  ? clear_bhb_loop+0x35/0x90
[  242.435194][T11389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.435221][T11389] RIP: 0033:0x7fa9bdf8d169
[  242.435238][T11389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.435254][T11389] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  242.435276][T11389] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  242.435290][T11389] RDX: 0000000000000001 RSI: 0000400000000100 RDI: 0000000000000003
[  242.435303][T11389] RBP: 00007fa9bee25090 R08: 00004000000000c0 R09: 000000000000001c
[  242.435318][T11389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  242.435329][T11389] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  242.435358][T11389]  </TASK>
[  242.783908][T11400] bpq0: left promiscuous mode
[  242.788801][T11400] bpq0: left allmulticast mode
[  242.824470][T11100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  242.848117][T11402] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1558'.
[  243.145583][T11420] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1560'.
[  243.470070][T11100] veth0_vlan: entered promiscuous mode
[  243.507296][T11100] veth1_vlan: entered promiscuous mode
[  243.640767][T11100] veth0_macvtap: entered promiscuous mode
[  243.691396][T11100] veth1_macvtap: entered promiscuous mode
[  243.727044][T11444] FAULT_INJECTION: forcing a failure.
[  243.727044][T11444] name failslab, interval 1, probability 0, space 0, times 0
[  243.740271][T11444] CPU: 1 UID: 0 PID: 11444 Comm: syz.3.1570 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  243.740298][T11444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  243.740312][T11444] Call Trace:
[  243.740320][T11444]  <TASK>
[  243.740330][T11444]  dump_stack_lvl+0x241/0x360
[  243.740362][T11444]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.740386][T11444]  ? __pfx__printk+0x10/0x10
[  243.740415][T11444]  ? __pfx_lock_acquire+0x10/0x10
[  243.740451][T11444]  should_fail_ex+0x40a/0x550
[  243.740488][T11444]  should_failslab+0xac/0x100
[  243.740519][T11444]  __kmalloc_cache_noprof+0x70/0x390
[  243.740548][T11444]  ? tipc_nametbl_lookup_group+0x7a9/0xc20
[  243.740588][T11444]  tipc_nametbl_lookup_group+0x7a9/0xc20
[  243.740622][T11444]  ? tipc_nametbl_lookup_group+0xb4/0xc20
[  243.740670][T11444]  __tipc_sendmsg+0x1a1d/0x35d0
[  243.740719][T11444]  ? __pfx___tipc_sendmsg+0x10/0x10
[  243.740751][T11444]  ? validate_chain+0x11e/0x5920
[  243.740777][T11444]  ? __pfx_validate_chain+0x10/0x10
[  243.740801][T11444]  ? __pfx_validate_chain+0x10/0x10
[  243.740826][T11444]  ? mark_lock+0x9a/0x360
[  243.740851][T11444]  ? __lock_acquire+0x1397/0x2100
[  243.740905][T11444]  ? mark_lock+0x9a/0x360
[  243.740930][T11444]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  243.740965][T11444]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  243.741009][T11444]  ? __local_bh_enable_ip+0x168/0x200
[  243.741035][T11444]  ? tipc_sendmsg+0x47/0x70
[  243.741062][T11444]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  243.741084][T11444]  ? do_raw_spin_unlock+0x13c/0x8b0
[  243.741120][T11444]  ? __pfx_tipc_sendmsg+0x10/0x10
[  243.741145][T11444]  tipc_sendmsg+0x55/0x70
[  243.741181][T11444]  __sock_sendmsg+0x221/0x270
[  243.741214][T11444]  ____sys_sendmsg+0x53a/0x860
[  243.741248][T11444]  ? __pfx_____sys_sendmsg+0x10/0x10
[  243.741268][T11444]  ? __fget_files+0x2a/0x410
[  243.741303][T11444]  ? __fget_files+0x2a/0x410
[  243.741344][T11444]  __sys_sendmsg+0x269/0x350
[  243.741373][T11444]  ? __pfx___sys_sendmsg+0x10/0x10
[  243.741411][T11444]  ? do_sys_openat2+0x17a/0x1d0
[  243.741473][T11444]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  243.741507][T11444]  ? do_syscall_64+0x100/0x230
[  243.741542][T11444]  ? do_syscall_64+0xb6/0x230
[  243.741576][T11444]  do_syscall_64+0xf3/0x230
[  243.741607][T11444]  ? clear_bhb_loop+0x35/0x90
[  243.741640][T11444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.741668][T11444] RIP: 0033:0x7ff4c498d169
[  243.741688][T11444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.741706][T11444] RSP: 002b:00007ff4c5837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  243.741730][T11444] RAX: ffffffffffffffda RBX: 00007ff4c4ba5fa0 RCX: 00007ff4c498d169
[  243.741745][T11444] RDX: 0000000000000000 RSI: 0000400000000240 RDI: 0000000000000004
[  243.741759][T11444] RBP: 00007ff4c5837090 R08: 0000000000000000 R09: 0000000000000000
[  243.741773][T11444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.741786][T11444] R13: 0000000000000000 R14: 00007ff4c4ba5fa0 R15: 00007ffed185f218
[  243.741820][T11444]  </TASK>
[  243.746499][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  244.177007][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.195045][T11100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  244.282788][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  244.304636][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  244.348888][T11100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  244.427841][T11472] __nla_validate_parse: 1 callbacks suppressed
[  244.427863][T11472] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1575'.
[  244.471400][T11100] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  244.516942][T11100] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  244.554178][T11100] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  244.562956][T11100] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  244.656171][T11476] lo: entered allmulticast mode
[  244.705190][T11476] tunl0: entered allmulticast mode
[  244.716223][T11476] gre0: entered allmulticast mode
[  244.774774][T11476] gretap0: entered allmulticast mode
[  244.865142][T11476] erspan0: entered allmulticast mode
[  244.886514][T11476] ip_vti0: entered allmulticast mode
[  244.915100][T11476] ip6_vti0: entered allmulticast mode
[  244.934060][T11476] sit0: entered allmulticast mode
[  244.958477][T11476] ip6tnl0: entered allmulticast mode
[  244.985570][T11476] ip6gre0: entered allmulticast mode
[  245.009578][T11476] syz_tun: entered allmulticast mode
[  245.035166][T11476] ip6gretap0: entered allmulticast mode
[  245.059624][T11476] bridge0: port 3(macsec0) entered disabled state
[  245.066378][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.073931][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.101212][T11476] bridge0: entered allmulticast mode
[  245.142920][T11476] bond0: entered allmulticast mode
[  245.154018][T11476] bond_slave_0: entered allmulticast mode
[  245.171288][T11476] bond_slave_1: entered allmulticast mode
[  245.190935][T11476] tipc: Resetting bearer <eth:team0>
[  245.238259][T11476] team0: entered allmulticast mode
[  245.243464][T11476] team_slave_0: entered allmulticast mode
[  245.269452][T11476] team_slave_1: entered allmulticast mode
[  245.290255][T11476] dummy0: entered allmulticast mode
[  245.311230][T11476] nlmon0: entered allmulticast mode
[  245.319535][T11476] caif0: entered allmulticast mode
[  245.335890][T11476] batadv0: entered allmulticast mode
[  245.352992][T11476] vxcan0: entered allmulticast mode
[  245.362057][T11476] vxcan1: entered allmulticast mode
[  245.370401][T11476] veth0: entered allmulticast mode
[  245.380555][T11476] veth1: entered allmulticast mode
[  245.401431][T11476] wg0: entered allmulticast mode
[  245.416063][T11476] wg1: entered allmulticast mode
[  245.429710][T11476] wg2: entered allmulticast mode
[  245.447805][T11476] veth0_to_bridge: entered allmulticast mode
[  245.481775][T11476] veth1_to_bridge: entered allmulticast mode
[  245.515365][T11476] veth0_to_bond: entered allmulticast mode
[  245.540374][T11476] veth1_to_bond: entered allmulticast mode
[  245.567089][T11476] veth0_to_team: entered allmulticast mode
[  245.580243][T11476] veth1_to_team: entered allmulticast mode
[  245.594377][T11476] veth0_to_batadv: entered allmulticast mode
[  245.604736][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.615572][T11476] batadv_slave_0: entered allmulticast mode
[  245.626795][T11476] veth1_to_batadv: entered allmulticast mode
[  245.640506][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.649596][T11476] batadv_slave_1: entered allmulticast mode
[  245.659986][T11476] xfrm0: entered allmulticast mode
[  245.669645][T11476] veth0_to_hsr: entered allmulticast mode
[  245.701595][T11476] hsr_slave_0: entered allmulticast mode
[  245.723027][T11476] veth1_to_hsr: entered allmulticast mode
[  245.745308][T11476] hsr_slave_1: entered allmulticast mode
[  245.761683][T11476] hsr0: entered allmulticast mode
[  245.786142][T11476] veth1_virt_wifi: entered allmulticast mode
[  245.812266][T11476] veth0_virt_wifi: entered allmulticast mode
[  245.832457][T11476] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  245.851973][T11476] veth1_vlan: entered allmulticast mode
[  245.875634][T11476] veth0_vlan: entered allmulticast mode
[  245.912574][T11476] vlan0: entered allmulticast mode
[  245.923954][T11476] vlan1: entered allmulticast mode
[  245.942321][T11476] macvlan0: entered allmulticast mode
[  245.965071][T11476] macvlan1: entered allmulticast mode
[  245.978822][T11476] ipvlan0: entered allmulticast mode
[  245.994594][T11476] ipvlan1: entered allmulticast mode
[  246.013024][T11476] veth0_macvtap: entered allmulticast mode
[  246.035799][T11476] macvtap0: entered allmulticast mode
[  246.058674][T11476] geneve0: entered allmulticast mode
[  246.080404][T11476] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.100647][T11476] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.119927][T11476] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.141416][T11476] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.158282][T11476] geneve1: entered allmulticast mode
[  246.182628][T11476] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  246.191100][T11476] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  246.200713][T11476] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  246.216204][T11476] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  246.227532][T11476] netdevsim netdevsim2 netdevsim3: entered allmulticast mode
[  246.247079][T11476] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode
[  246.257902][T11476] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  246.267285][T11476] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  246.276448][T11476] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  246.285705][T11476] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  246.296247][T11476] vxlan0: left promiscuous mode
[  246.421688][T11476] ipvlan2: entered allmulticast mode
[  246.435609][T11476] bond1: entered allmulticast mode
[  246.449444][T11476] sit1: entered allmulticast mode
[  246.482540][T11476] veth2: entered allmulticast mode
[  246.488379][T11476] veth3: entered allmulticast mode
[  246.494250][T11476] gre1: entered allmulticast mode
[  246.499487][T11476] ip6gre1: entered allmulticast mode
[  246.505275][T11476] sit2: entered allmulticast mode
[  246.517952][T11476] bond2: entered allmulticast mode
[  246.523136][T11476] gretap1: entered allmulticast mode
[  246.532682][T11476] ip6erspan0: entered allmulticast mode
[  246.544263][T11476] macsec1: entered allmulticast mode
[  246.579181][T11491] ip6erspan0: entered allmulticast mode
[  246.602794][T11491] sit1: entered allmulticast mode
[  246.629526][T11491] bond5: entered allmulticast mode
[  246.648790][T11491] gretap3: entered allmulticast mode
[  246.666943][T11491] mac80211_hwsim hwsim31 wlan3: entered allmulticast mode
[  246.688052][T11504] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  246.722668][T11544] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1583'.
[  246.892006][ T1162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.918006][ T1162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.016389][ T1162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.049930][ T1162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.189376][T11571] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1588'.
[  247.776526][T11595] netlink: 'syz.3.1597': attribute type 21 has an invalid length.
[  247.800761][T11595] IPv6: NLM_F_CREATE should be specified when creating new route
[  247.831415][T11595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  247.838805][T11595] IPv6: NLM_F_CREATE should be set when creating new route
[  247.846192][T11595] IPv6: NLM_F_CREATE should be set when creating new route
[  247.853442][T11595] IPv6: NLM_F_CREATE should be set when creating new route
[  248.049360][ T3450] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.176635][ T3450] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.237101][T11584] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  248.317070][ T3450] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.415185][ T3450] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.543306][ T3450] bridge_slave_1: left allmulticast mode
[  248.554222][ T3450] bridge_slave_1: left promiscuous mode
[  248.565130][ T3450] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.575681][ T3450] bridge_slave_0: left allmulticast mode
[  248.581369][ T3450] bridge_slave_0: left promiscuous mode
[  248.589559][ T3450] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.045216][ T3450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.098462][ T3450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.116516][T11624] netlink: 'syz.2.1601': attribute type 1 has an invalid length.
[  249.139164][ T3450] bond0 (unregistering): Released all slaves
[  249.219600][T11624] 8021q: adding VLAN 0 to HW filter on device bond3
[  249.289617][T11631] 8021q: adding VLAN 0 to HW filter on device bond4
[  249.308321][T11631] bond0: (slave bond4): Enslaving as an active interface with an up link
[  249.349964][T11633] bond3: (slave gretap2): making interface the new active one
[  249.365262][T11633] bond3: (slave gretap2): Enslaving as an active interface with an up link
[  249.509208][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  249.520165][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  249.536840][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  249.554028][ T5837] Bluetooth: hci4: command 0x0405 tx timeout
[  249.562720][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  249.584317][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  249.592391][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  249.764815][T11656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1607'.
[  250.204342][T11672] Cannot find add_set index 65534 as target
[  250.298221][T11677] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1611'.
[  250.328949][T11677] openvswitch: netlink: Missing key (keys=40, expected=80)
[  250.352110][T11681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1611'.
[  250.395432][ T3450] hsr_slave_0: left promiscuous mode
[  250.416660][T11677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1611'.
[  250.425887][ T3450] hsr_slave_1: left promiscuous mode
[  250.441635][ T3450] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.469125][T11677] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1611'.
[  250.473715][ T3450] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.502305][ T3450] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.510880][ T3450] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.586228][ T3450] veth1_macvtap: left promiscuous mode
[  250.602129][ T3450] veth0_macvtap: left promiscuous mode
[  250.612330][ T3450] veth1_vlan: left promiscuous mode
[  250.623864][ T3450] veth0_vlan: left promiscuous mode
[  251.185480][ T3450] team0 (unregistering): Port device team_slave_1 removed
[  251.232581][ T3450] team0 (unregistering): Port device team_slave_0 removed
[  251.634116][ T5854] Bluetooth: hci2: command tx timeout
[  252.087362][T11700] bpq0: entered promiscuous mode
[  252.097341][T11700] bpq0: entered allmulticast mode
[  252.300250][T11643] chnl_net:caif_netlink_parms(): no params data found
[  252.724854][T11643] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.742002][T11643] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.774688][T11643] bridge_slave_0: entered allmulticast mode
[  252.792191][T11643] bridge_slave_0: entered promiscuous mode
[  252.895532][T11743] bpq0: left promiscuous mode
[  252.900508][T11743] bpq0: left allmulticast mode
[  252.924878][T11643] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.954588][T11643] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.972042][T11643] bridge_slave_1: entered allmulticast mode
[  252.998994][T11643] bridge_slave_1: entered promiscuous mode
[  253.074383][ T5854] Bluetooth: hci4: command 0x0405 tx timeout
[  253.178232][T11643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.271541][T11758] FAULT_INJECTION: forcing a failure.
[  253.271541][T11758] name failslab, interval 1, probability 0, space 0, times 0
[  253.298438][T11758] CPU: 0 UID: 0 PID: 11758 Comm: syz.1.1628 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  253.298469][T11758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  253.298483][T11758] Call Trace:
[  253.298491][T11758]  <TASK>
[  253.298500][T11758]  dump_stack_lvl+0x241/0x360
[  253.298532][T11758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.298556][T11758]  ? __pfx__printk+0x10/0x10
[  253.298580][T11758]  ? __kmalloc_cache_noprof+0x48/0x390
[  253.298611][T11758]  ? __pfx___might_resched+0x10/0x10
[  253.298645][T11758]  should_fail_ex+0x40a/0x550
[  253.298683][T11758]  should_failslab+0xac/0x100
[  253.298714][T11758]  __kmalloc_cache_noprof+0x70/0x390
[  253.298754][T11758]  ? call_usermodehelper_setup+0x8e/0x270
[  253.298779][T11758]  ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0
[  253.298816][T11758]  call_usermodehelper_setup+0x8e/0x270
[  253.298841][T11758]  ? __pfx_free_modprobe_argv+0x10/0x10
[  253.298866][T11758]  __request_module+0x3cd/0x640
[  253.298888][T11758]  ? crypto_alg_lookup+0x2dc/0x360
[  253.298915][T11758]  ? crypto_alg_mod_lookup+0xb4/0x590
[  253.298941][T11758]  ? __pfx___request_module+0x10/0x10
[  253.298959][T11758]  ? __up_read+0x2c2/0x6b0
[  253.298986][T11758]  ? __pfx___up_read+0x10/0x10
[  253.299023][T11758]  ? crypto_alg_lookup+0x2dc/0x360
[  253.299052][T11758]  crypto_alg_mod_lookup+0xe6/0x590
[  253.299081][T11758]  crypto_has_alg+0x26/0x120
[  253.299109][T11758]  tipc_aead_key_validate+0x1f/0x210
[  253.299133][T11758]  tipc_nl_node_set_key+0x5c9/0xac0
[  253.299172][T11758]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  253.299213][T11758]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  253.299256][T11758]  genl_rcv_msg+0xb1f/0xec0
[  253.299305][T11758]  ? __pfx_genl_rcv_msg+0x10/0x10
[  253.299369][T11758]  ? __pfx_lock_acquire+0x10/0x10
[  253.299403][T11758]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  253.299437][T11758]  ? __pfx___might_resched+0x10/0x10
[  253.299477][T11758]  netlink_rcv_skb+0x206/0x480
[  253.299503][T11758]  ? __pfx_genl_rcv_msg+0x10/0x10
[  253.299536][T11758]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.299597][T11758]  genl_rcv+0x28/0x40
[  253.299625][T11758]  netlink_unicast+0x7f6/0x990
[  253.299658][T11758]  ? __pfx_netlink_unicast+0x10/0x10
[  253.299678][T11758]  ? __virt_addr_valid+0x45f/0x530
[  253.299699][T11758]  ? __phys_addr_symbol+0x2f/0x70
[  253.299718][T11758]  ? __check_object_size+0x47a/0x730
[  253.299753][T11758]  netlink_sendmsg+0x8de/0xcb0
[  253.299792][T11758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.299823][T11758]  ? aa_sock_msg_perm+0x91/0x160
[  253.299862][T11758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.299886][T11758]  __sock_sendmsg+0x221/0x270
[  253.299918][T11758]  ____sys_sendmsg+0x53a/0x860
[  253.299951][T11758]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.299971][T11758]  ? __fget_files+0x2a/0x410
[  253.300005][T11758]  ? __fget_files+0x2a/0x410
[  253.300046][T11758]  __sys_sendmsg+0x269/0x350
[  253.300076][T11758]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.300114][T11758]  ? do_sys_openat2+0x17a/0x1d0
[  253.300175][T11758]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.300209][T11758]  ? do_syscall_64+0x100/0x230
[  253.300243][T11758]  ? do_syscall_64+0xb6/0x230
[  253.300282][T11758]  do_syscall_64+0xf3/0x230
[  253.300327][T11758]  ? clear_bhb_loop+0x35/0x90
[  253.300361][T11758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.300389][T11758] RIP: 0033:0x7fa9bdf8d169
[  253.300407][T11758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.300424][T11758] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.300446][T11758] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  253.300461][T11758] RDX: 0000000004000004 RSI: 0000400000000100 RDI: 0000000000000003
[  253.300475][T11758] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  253.300487][T11758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  253.300500][T11758] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  253.300534][T11758]  </TASK>
[  253.714218][ T5837] Bluetooth: hci2: command tx timeout
[  253.786183][T11769] bpq0: entered promiscuous mode
[  253.791287][T11769] bpq0: entered allmulticast mode
[  253.806367][T11643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.832972][T11772] IPVS: Error connecting to the multicast addr
[  253.940217][T11643] team0: Port device team_slave_0 added
[  253.949956][T11775] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1631'.
[  254.095984][T11643] team0: Port device team_slave_1 added
[  254.120650][T11786] FAULT_INJECTION: forcing a failure.
[  254.120650][T11786] name failslab, interval 1, probability 0, space 0, times 0
[  254.144122][T11786] CPU: 0 UID: 0 PID: 11786 Comm: syz.1.1634 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  254.144156][T11786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.144168][T11786] Call Trace:
[  254.144176][T11786]  <TASK>
[  254.144186][T11786]  dump_stack_lvl+0x241/0x360
[  254.144218][T11786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.144241][T11786]  ? __pfx__printk+0x10/0x10
[  254.144264][T11786]  ? fs_reclaim_acquire+0x93/0x130
[  254.144285][T11786]  ? __pfx___might_resched+0x10/0x10
[  254.144309][T11786]  ? dynamic_dname+0x144/0x1b0
[  254.144333][T11786]  should_fail_ex+0x40a/0x550
[  254.144368][T11786]  should_failslab+0xac/0x100
[  254.144396][T11786]  __kmalloc_noprof+0xdd/0x4c0
[  254.144423][T11786]  ? tomoyo_encode+0x26f/0x540
[  254.144448][T11786]  tomoyo_encode+0x26f/0x540
[  254.144470][T11786]  ? __pfx_sockfs_dname+0x10/0x10
[  254.144500][T11786]  tomoyo_realpath_from_path+0x59e/0x5e0
[  254.144541][T11786]  tomoyo_path_number_perm+0x239/0x770
[  254.144570][T11786]  ? __lock_acquire+0x1397/0x2100
[  254.144603][T11786]  ? tomoyo_path_number_perm+0x209/0x770
[  254.144634][T11786]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  254.144705][T11786]  ? __fget_files+0x2a/0x410
[  254.144737][T11786]  ? __fget_files+0x2a/0x410
[  254.144771][T11786]  security_file_ioctl+0xc6/0x2a0
[  254.144801][T11786]  __se_sys_ioctl+0x46/0x170
[  254.144826][T11786]  do_syscall_64+0xf3/0x230
[  254.144857][T11786]  ? clear_bhb_loop+0x35/0x90
[  254.144889][T11786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.144916][T11786] RIP: 0033:0x7fa9bdf8d169
[  254.144934][T11786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.144951][T11786] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.144972][T11786] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  254.144986][T11786] RDX: 0000400000000000 RSI: 0000000000008936 RDI: 0000000000000005
[  254.144996][T11786] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  254.145008][T11786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.145020][T11786] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  254.145050][T11786]  </TASK>
[  254.145071][T11786] ERROR: Out of memory at tomoyo_realpath_from_path.
[  254.564447][T11643] batman_adv: batadv0: Adding interface: batadv_slave_0
[  254.571475][T11643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.631747][T11643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  254.670981][T11643] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.685951][T11643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.744237][T11643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.034710][T11643] hsr_slave_0: entered promiscuous mode
[  255.076695][T11643] hsr_slave_1: entered promiscuous mode
[  255.082967][T11643] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  255.104619][T11643] Cannot create hsr debugfs directory
[  255.760554][T11842] FAULT_INJECTION: forcing a failure.
[  255.760554][T11842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.802345][ T5837] Bluetooth: hci2: command tx timeout
[  255.816432][T11842] CPU: 0 UID: 0 PID: 11842 Comm: syz.3.1648 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  255.816459][T11842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.816471][T11842] Call Trace:
[  255.816479][T11842]  <TASK>
[  255.816487][T11842]  dump_stack_lvl+0x241/0x360
[  255.816516][T11842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.816540][T11842]  ? __pfx__printk+0x10/0x10
[  255.816563][T11842]  ? __pfx_lock_release+0x10/0x10
[  255.816601][T11842]  should_fail_ex+0x40a/0x550
[  255.816637][T11842]  _copy_from_iter+0x1df/0x1c40
[  255.816663][T11842]  ? __virt_addr_valid+0x183/0x530
[  255.816685][T11842]  ? __pfx_lock_release+0x10/0x10
[  255.816724][T11842]  ? __alloc_skb+0x28f/0x440
[  255.816755][T11842]  ? __pfx__copy_from_iter+0x10/0x10
[  255.816782][T11842]  ? __virt_addr_valid+0x183/0x530
[  255.816802][T11842]  ? __virt_addr_valid+0x183/0x530
[  255.816820][T11842]  ? __virt_addr_valid+0x45f/0x530
[  255.816841][T11842]  ? __phys_addr_symbol+0x2f/0x70
[  255.816860][T11842]  ? __check_object_size+0x47a/0x730
[  255.816893][T11842]  netlink_sendmsg+0x742/0xcb0
[  255.816933][T11842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.816962][T11842]  ? aa_sock_msg_perm+0x91/0x160
[  255.817000][T11842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.817023][T11842]  __sock_sendmsg+0x221/0x270
[  255.817055][T11842]  ____sys_sendmsg+0x53a/0x860
[  255.817086][T11842]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.817107][T11842]  ? __fget_files+0x2a/0x410
[  255.817152][T11842]  ? __fget_files+0x2a/0x410
[  255.817197][T11842]  __sys_sendmsg+0x269/0x350
[  255.817224][T11842]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.817260][T11842]  ? do_sys_openat2+0x17a/0x1d0
[  255.817318][T11842]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.817352][T11842]  ? do_syscall_64+0x100/0x230
[  255.817388][T11842]  ? do_syscall_64+0xb6/0x230
[  255.817422][T11842]  do_syscall_64+0xf3/0x230
[  255.817453][T11842]  ? clear_bhb_loop+0x35/0x90
[  255.817486][T11842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.817514][T11842] RIP: 0033:0x7ff4c498d169
[  255.817533][T11842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.817551][T11842] RSP: 002b:00007ff4c5816038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.817573][T11842] RAX: ffffffffffffffda RBX: 00007ff4c4ba6080 RCX: 00007ff4c498d169
[  255.817589][T11842] RDX: 0000000000040044 RSI: 0000400000000180 RDI: 0000000000000007
[  255.817602][T11842] RBP: 00007ff4c5816090 R08: 0000000000000000 R09: 0000000000000000
[  255.817615][T11842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.817627][T11842] R13: 0000000000000000 R14: 00007ff4c4ba6080 R15: 00007ffed185f218
[  255.817657][T11842]  </TASK>
[  256.118989][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  256.561713][T11861] FAULT_INJECTION: forcing a failure.
[  256.561713][T11861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.578778][T11861] CPU: 0 UID: 0 PID: 11861 Comm: syz.1.1651 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  256.578810][T11861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  256.578822][T11861] Call Trace:
[  256.578829][T11861]  <TASK>
[  256.578838][T11861]  dump_stack_lvl+0x241/0x360
[  256.578869][T11861]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.578893][T11861]  ? __pfx__printk+0x10/0x10
[  256.578916][T11861]  ? __pfx_lock_release+0x10/0x10
[  256.578948][T11861]  ? __lock_acquire+0x1397/0x2100
[  256.578986][T11861]  should_fail_ex+0x40a/0x550
[  256.579023][T11861]  _copy_from_user+0x2d/0xb0
[  256.579052][T11861]  kstrtouint_from_user+0xc6/0x190
[  256.579079][T11861]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  256.579106][T11861]  ? __pfx_lock_acquire+0x10/0x10
[  256.579149][T11861]  proc_fail_nth_write+0xaa/0x2d0
[  256.579179][T11861]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  256.579205][T11861]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  256.579242][T11861]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  256.579273][T11861]  vfs_write+0x29f/0xd10
[  256.579298][T11861]  ? fdget_pos+0x254/0x320
[  256.579337][T11861]  ? __mutex_unlock_slowpath+0x227/0x800
[  256.579373][T11861]  ? __pfx_vfs_write+0x10/0x10
[  256.579392][T11861]  ? do_sys_openat2+0x17a/0x1d0
[  256.579426][T11861]  ? __fget_files+0x2a/0x410
[  256.579458][T11861]  ? __fget_files+0x395/0x410
[  256.579486][T11861]  ? __fget_files+0x2a/0x410
[  256.579527][T11861]  ksys_write+0x18f/0x2b0
[  256.579552][T11861]  ? __pfx_ksys_write+0x10/0x10
[  256.579576][T11861]  ? do_syscall_64+0x100/0x230
[  256.579610][T11861]  ? do_syscall_64+0xb6/0x230
[  256.579644][T11861]  do_syscall_64+0xf3/0x230
[  256.579674][T11861]  ? clear_bhb_loop+0x35/0x90
[  256.579708][T11861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.579736][T11861] RIP: 0033:0x7fa9bdf8bc1f
[  256.579755][T11861] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  256.579772][T11861] RSP: 002b:00007fa9bee25030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  256.579794][T11861] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa9bdf8bc1f
[  256.579812][T11861] RDX: 0000000000000001 RSI: 00007fa9bee250a0 RDI: 0000000000000005
[  256.579825][T11861] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  256.579837][T11861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  256.579849][T11861] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  256.579881][T11861]  </TASK>
[  257.136218][T11882] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1655'.
[  257.319754][T11885] netlink: 'syz.1.1657': attribute type 1 has an invalid length.
[  257.778848][T11885] 8021q: adding VLAN 0 to HW filter on device bond6
[  257.830306][T11891] bond6: (slave gretap4): making interface the new active one
[  257.866887][T11891] bond6: (slave gretap4): Enslaving as an active interface with an up link
[  257.876299][ T5837] Bluetooth: hci2: command tx timeout
[  258.210159][T11900] IPVS: Error connecting to the multicast addr
[  258.317695][T11643] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  258.347559][T11643] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  258.406241][T11911] Cannot find add_set index 65534 as target
[  258.415098][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.437235][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.474073][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.483767][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.492685][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.522434][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.531855][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.542019][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.551945][T11908] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1664'.
[  258.564062][T11643] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  258.587583][T11643] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  258.831092][T11933] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  259.056072][T11643] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.136422][T11643] 8021q: adding VLAN 0 to HW filter on device team0
[  259.156998][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.164286][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.202760][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.210041][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.909287][T11643] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.980896][T11982] x_tables: ip6_tables: rpfilter.0 match: invalid size 8 (kernel) != (user) 48
[  260.203684][T11997] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  260.713218][T11643] veth0_vlan: entered promiscuous mode
[  260.760780][T11643] veth1_vlan: entered promiscuous mode
[  260.852924][T12022] openvswitch: netlink: Multiple metadata blocks provided
[  260.875200][T11643] veth0_macvtap: entered promiscuous mode
[  260.902350][T11643] veth1_macvtap: entered promiscuous mode
[  261.006903][T11643] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.049530][T11643] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.092986][T11643] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.129999][T11643] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.143831][T11643] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.161006][T11643] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.444687][T12044] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  261.471426][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.495618][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.610864][ T3560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.621173][ T3560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.104699][T12072] netlink: 'syz.1.1708': attribute type 1 has an invalid length.
[  262.135896][T12072] netlink: 'syz.1.1708': attribute type 4 has an invalid length.
[  262.180885][T12072] __nla_validate_parse: 161 callbacks suppressed
[  262.180913][T12072] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1708'.
[  262.274931][ T5837] Bluetooth: hci0: command tx timeout
[  262.618229][T12102] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1714'.
[  262.761349][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.785927][T12109] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1714'.
[  262.844412][T12107] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1716'.
[  262.877665][T12107] FAULT_INJECTION: forcing a failure.
[  262.877665][T12107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.901969][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.914915][T12107] CPU: 0 UID: 0 PID: 12107 Comm: syz.1.1716 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  262.914947][T12107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.914959][T12107] Call Trace:
[  262.914967][T12107]  <TASK>
[  262.914976][T12107]  dump_stack_lvl+0x241/0x360
[  262.915008][T12107]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.915031][T12107]  ? __pfx__printk+0x10/0x10
[  262.915059][T12107]  ? snprintf+0xda/0x120
[  262.915086][T12107]  should_fail_ex+0x40a/0x550
[  262.915123][T12107]  _copy_to_user+0x31/0xb0
[  262.915154][T12107]  simple_read_from_buffer+0xca/0x150
[  262.915186][T12107]  proc_fail_nth_read+0x1e9/0x250
[  262.915219][T12107]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  262.915253][T12107]  ? rw_verify_area+0x243/0x630
[  262.915275][T12107]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  262.915307][T12107]  vfs_read+0x1f8/0xb40
[  262.915330][T12107]  ? fdget_pos+0x254/0x320
[  262.915362][T12107]  ? __pfx___mutex_lock+0x10/0x10
[  262.915394][T12107]  ? __pfx_vfs_read+0x10/0x10
[  262.915412][T12107]  ? do_sys_openat2+0x17a/0x1d0
[  262.915446][T12107]  ? __fget_files+0x2a/0x410
[  262.915478][T12107]  ? __fget_files+0x395/0x410
[  262.915507][T12107]  ? __fget_files+0x2a/0x410
[  262.915547][T12107]  ksys_read+0x18f/0x2b0
[  262.915572][T12107]  ? __pfx_ksys_read+0x10/0x10
[  262.915595][T12107]  ? do_syscall_64+0x100/0x230
[  262.915639][T12107]  ? do_syscall_64+0xb6/0x230
[  262.915674][T12107]  do_syscall_64+0xf3/0x230
[  262.915704][T12107]  ? clear_bhb_loop+0x35/0x90
[  262.915738][T12107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.915765][T12107] RIP: 0033:0x7fa9bdf8bb7c
[  262.915784][T12107] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  262.915802][T12107] RSP: 002b:00007fa9bee25030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  262.915824][T12107] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8bb7c
[  262.915839][T12107] RDX: 000000000000000f RSI: 00007fa9bee250a0 RDI: 0000000000000005
[  262.915852][T12107] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  262.915865][T12107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.915877][T12107] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  262.915909][T12107]  </TASK>
[  263.148927][T12109] batadv2: left promiscuous mode
[  263.155043][T12109] bridge0: port 2(batadv2) entered disabled state
[  263.163758][T12109] batadv1: left promiscuous mode
[  263.169742][T12109] bridge0: port 1(batadv1) entered disabled state
[  263.416518][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.585798][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.785327][   T12] bridge_slave_1: left allmulticast mode
[  263.791054][   T12] bridge_slave_1: left promiscuous mode
[  263.798574][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.809042][   T12] bridge_slave_0: left allmulticast mode
[  263.815216][   T12] bridge_slave_0: left promiscuous mode
[  263.821050][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.138244][T12142] FAULT_INJECTION: forcing a failure.
[  264.138244][T12142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.182583][T12142] CPU: 0 UID: 0 PID: 12142 Comm: syz.2.1719 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  264.182614][T12142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.182626][T12142] Call Trace:
[  264.182633][T12142]  <TASK>
[  264.182642][T12142]  dump_stack_lvl+0x241/0x360
[  264.182673][T12142]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.182696][T12142]  ? __pfx__printk+0x10/0x10
[  264.182723][T12142]  ? snprintf+0xda/0x120
[  264.182750][T12142]  should_fail_ex+0x40a/0x550
[  264.182794][T12142]  _copy_to_user+0x31/0xb0
[  264.182826][T12142]  simple_read_from_buffer+0xca/0x150
[  264.182858][T12142]  proc_fail_nth_read+0x1e9/0x250
[  264.182891][T12142]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.182924][T12142]  ? rw_verify_area+0x243/0x630
[  264.182946][T12142]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.182978][T12142]  vfs_read+0x1f8/0xb40
[  264.183001][T12142]  ? fdget_pos+0x254/0x320
[  264.183033][T12142]  ? __pfx___mutex_lock+0x10/0x10
[  264.183065][T12142]  ? __pfx_vfs_read+0x10/0x10
[  264.183084][T12142]  ? do_sys_openat2+0x17a/0x1d0
[  264.183118][T12142]  ? __fget_files+0x2a/0x410
[  264.183150][T12142]  ? __fget_files+0x395/0x410
[  264.183179][T12142]  ? __fget_files+0x2a/0x410
[  264.183220][T12142]  ksys_read+0x18f/0x2b0
[  264.183245][T12142]  ? __pfx_ksys_read+0x10/0x10
[  264.183269][T12142]  ? do_syscall_64+0x100/0x230
[  264.183302][T12142]  ? do_syscall_64+0xb6/0x230
[  264.183336][T12142]  do_syscall_64+0xf3/0x230
[  264.183367][T12142]  ? clear_bhb_loop+0x35/0x90
[  264.183399][T12142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.183427][T12142] RIP: 0033:0x7f6425b8bb7c
[  264.183446][T12142] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  264.183463][T12142] RSP: 002b:00007f6426a69030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.183486][T12142] RAX: ffffffffffffffda RBX: 00007f6425da5fa0 RCX: 00007f6425b8bb7c
[  264.183501][T12142] RDX: 000000000000000f RSI: 00007f6426a690a0 RDI: 0000000000000004
[  264.183514][T12142] RBP: 00007f6426a69090 R08: 0000000000000000 R09: 0000000000000000
[  264.183526][T12142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.183540][T12142] R13: 0000000000000000 R14: 00007f6425da5fa0 R15: 00007ffda3da2a38
[  264.183574][T12142]  </TASK>
[  264.662315][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  264.683485][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  264.694107][ T5854] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  264.728831][ T5854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  264.741418][ T5854] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  264.756801][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  264.771893][T12166] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1717'.
[  265.462387][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.507375][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.566151][   T12] bond0 (unregistering): Released all slaves
[  266.126314][T12224] IPVS: Error connecting to the multicast addr
[  266.253391][T12230] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1729'.
[  266.637995][T12252] sctp: [Deprecated]: syz.0.1732 (pid 12252) Use of struct sctp_assoc_value in delayed_ack socket option.
[  266.637995][T12252] Use struct sctp_sack_info instead
[  266.683483][T12253] netlink: 'syz.0.1732': attribute type 10 has an invalid length.
[  266.835236][ T5854] Bluetooth: hci2: command tx timeout
[  266.899680][   T12] hsr_slave_0: left promiscuous mode
[  266.933930][   T12] hsr_slave_1: left promiscuous mode
[  266.941391][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.954098][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.975207][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.982689][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  267.105502][   T12] veth1_macvtap: left promiscuous mode
[  267.123714][   T12] veth0_macvtap: left promiscuous mode
[  267.129394][   T12] veth1_vlan: left promiscuous mode
[  267.149900][   T12] veth0_vlan: left promiscuous mode
[  267.909693][   T12] team0 (unregistering): Port device team_slave_1 removed
[  267.972959][   T12] team0 (unregistering): Port device team_slave_0 removed
[  268.464909][T12253] team0: Device ipvlan1 failed to register rx_handler
[  268.617579][T12160] chnl_net:caif_netlink_parms(): no params data found
[  268.920436][ T5854] Bluetooth: hci2: command tx timeout
[  269.056110][T12160] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.063272][T12160] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.105027][T12160] bridge_slave_0: entered allmulticast mode
[  269.129002][T12160] bridge_slave_0: entered promiscuous mode
[  269.159207][T12160] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.179471][T12160] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.205706][T12160] bridge_slave_1: entered allmulticast mode
[  269.235081][T12160] bridge_slave_1: entered promiscuous mode
[  269.256117][T12307] vlan3: entered allmulticast mode
[  269.359913][T12160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.389644][T12160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.572132][T12160] team0: Port device team_slave_0 added
[  269.648609][T12160] team0: Port device team_slave_1 added
[  269.877095][T12160] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.917631][T12160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.959674][T12160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  270.045195][T12160] batman_adv: batadv0: Adding interface: batadv_slave_1
[  270.052296][T12160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.118602][T12160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  270.242049][T12347] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1760'.
[  270.312074][T12160] hsr_slave_0: entered promiscuous mode
[  270.325289][T12160] hsr_slave_1: entered promiscuous mode
[  270.345837][T12160] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  270.353472][T12160] Cannot create hsr debugfs directory
[  270.451800][T12357] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1763'.
[  270.757264][T12374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1767'.
[  270.817859][T12377] ip6tnl1: entered allmulticast mode
[  270.831485][T12374] netlink: 'syz.0.1767': attribute type 20 has an invalid length.
[  270.875830][T12377] bond6: entered allmulticast mode
[  270.881248][T12377] gretap4: entered allmulticast mode
[  271.003708][ T5854] Bluetooth: hci2: command tx timeout
[  271.060835][T12393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1770'.
[  271.226884][T12402] FAULT_INJECTION: forcing a failure.
[  271.226884][T12402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.321848][T12402] CPU: 1 UID: 0 PID: 12402 Comm: syz.0.1772 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  271.321880][T12402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.321893][T12402] Call Trace:
[  271.321901][T12402]  <TASK>
[  271.321910][T12402]  dump_stack_lvl+0x241/0x360
[  271.321940][T12402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.321964][T12402]  ? __pfx__printk+0x10/0x10
[  271.321988][T12402]  ? __pfx_lock_release+0x10/0x10
[  271.322056][T12402]  should_fail_ex+0x40a/0x550
[  271.322090][T12402]  _copy_from_user+0x2d/0xb0
[  271.322119][T12402]  __sys_bpf+0x1be/0x820
[  271.322150][T12402]  ? __pfx___sys_bpf+0x10/0x10
[  271.322193][T12402]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  271.322228][T12402]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  271.322261][T12402]  ? do_syscall_64+0x100/0x230
[  271.322309][T12402]  __x64_sys_bpf+0x7c/0x90
[  271.322336][T12402]  do_syscall_64+0xf3/0x230
[  271.322366][T12402]  ? clear_bhb_loop+0x35/0x90
[  271.322400][T12402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.322427][T12402] RIP: 0033:0x7f895498d169
[  271.322445][T12402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.322462][T12402] RSP: 002b:00007f895587e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  271.322485][T12402] RAX: ffffffffffffffda RBX: 00007f8954ba5fa0 RCX: 00007f895498d169
[  271.322500][T12402] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[  271.322512][T12402] RBP: 00007f895587e090 R08: 0000000000000000 R09: 0000000000000000
[  271.322525][T12402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.322537][T12402] R13: 0000000000000000 R14: 00007f8954ba5fa0 R15: 00007ffd3d5e7c78
[  271.322568][T12402]  </TASK>
[  271.831590][T12415] netlink: 'syz.0.1775': attribute type 1 has an invalid length.
[  271.883165][T12418] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap4
[  271.984569][T12415] 8021q: adding VLAN 0 to HW filter on device bond5
[  272.332682][T12160] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  272.397040][T12160] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  272.440958][T12160] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  272.538079][T12160] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  272.876456][T12160] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.985269][T12160] 8021q: adding VLAN 0 to HW filter on device team0
[  273.025499][   T82] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.032667][   T82] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.083948][ T5854] Bluetooth: hci2: command tx timeout
[  273.134796][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.141981][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.444443][T12472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1790'.
[  273.489330][T12475] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1791'.
[  273.574015][T12475] 0·: renamed from hsr0
[  273.607267][T12475] 0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  273.637418][T12475] 0·: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  273.688888][T12475] 0·: entered promiscuous mode
[  273.719904][T12475] 0·: left allmulticast mode
[  273.763269][T12475] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  273.881915][T12160] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.169744][T12505] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1795'.
[  274.249035][T12514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1793'.
[  274.715007][T12160] veth0_vlan: entered promiscuous mode
[  274.787021][T12160] veth1_vlan: entered promiscuous mode
[  274.890619][T12160] veth0_macvtap: entered promiscuous mode
[  274.920522][T12160] veth1_macvtap: entered promiscuous mode
[  274.989847][T12160] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.027934][T12160] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.068178][T12160] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.116480][T12160] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.167641][T12160] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.190199][T12560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1804'.
[  275.213392][T12160] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.417061][T12572] FAULT_INJECTION: forcing a failure.
[  275.417061][T12572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.480729][T12570] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1806'.
[  275.491015][T12572] CPU: 0 UID: 0 PID: 12572 Comm: syz.1.1807 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  275.491045][T12572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  275.491058][T12572] Call Trace:
[  275.491065][T12572]  <TASK>
[  275.491073][T12572]  dump_stack_lvl+0x241/0x360
[  275.491103][T12572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.491126][T12572]  ? __pfx__printk+0x10/0x10
[  275.491147][T12572]  ? __pfx_lock_release+0x10/0x10
[  275.491186][T12572]  should_fail_ex+0x40a/0x550
[  275.491220][T12572]  _copy_from_user+0x2d/0xb0
[  275.491247][T12572]  bpf_test_init+0xfc/0x160
[  275.491274][T12572]  bpf_prog_test_run_xdp+0x48e/0x11e0
[  275.491303][T12572]  ? __pfx_lock_release+0x10/0x10
[  275.491342][T12572]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  275.491366][T12572]  ? __fget_files+0x2a/0x410
[  275.491400][T12572]  ? __fget_files+0x2a/0x410
[  275.491432][T12572]  ? fput+0x21b/0x290
[  275.491460][T12572]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  275.491486][T12572]  bpf_prog_test_run+0x2e4/0x360
[  275.491520][T12572]  __sys_bpf+0x487/0x820
[  275.491551][T12572]  ? __pfx___sys_bpf+0x10/0x10
[  275.491591][T12572]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  275.491623][T12572]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  275.491654][T12572]  ? do_syscall_64+0x100/0x230
[  275.491688][T12572]  __x64_sys_bpf+0x7c/0x90
[  275.491714][T12572]  do_syscall_64+0xf3/0x230
[  275.491753][T12572]  ? clear_bhb_loop+0x35/0x90
[  275.491786][T12572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.491814][T12572] RIP: 0033:0x7fa9bdf8d169
[  275.491830][T12572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.491845][T12572] RSP: 002b:00007fa9bee25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  275.491865][T12572] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8d169
[  275.491878][T12572] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[  275.491890][T12572] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  275.491902][T12572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.491913][T12572] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  275.491942][T12572]  </TASK>
[  275.726846][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.739992][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.824245][T12582] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1810'.
[  275.849424][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.917279][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.045153][T12591] FAULT_INJECTION: forcing a failure.
[  276.045153][T12591] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.071601][T12591] CPU: 0 UID: 0 PID: 12591 Comm: syz.0.1811 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  276.071632][T12591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  276.071645][T12591] Call Trace:
[  276.071652][T12591]  <TASK>
[  276.071661][T12591]  dump_stack_lvl+0x241/0x360
[  276.071693][T12591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.071715][T12591]  ? __pfx__printk+0x10/0x10
[  276.071736][T12591]  ? trace_contention_end+0x3c/0x120
[  276.071761][T12591]  ? __pfx_lock_release+0x10/0x10
[  276.071804][T12591]  ? aa_get_newest_label+0xff/0x6f0
[  276.071841][T12591]  should_fail_ex+0x40a/0x550
[  276.071881][T12591]  _copy_from_user+0x2d/0xb0
[  276.071908][T12591]  ethtool_set_one_feature+0xaa/0x340
[  276.071944][T12591]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  276.071977][T12591]  ? bpf_lsm_capable+0x9/0x10
[  276.072007][T12591]  ? security_capable+0x7e/0x2d0
[  276.072045][T12591]  dev_ethtool+0x1605/0x1bc0
[  276.072087][T12591]  ? __pfx_dev_ethtool+0x10/0x10
[  276.072119][T12591]  ? __local_bh_enable_ip+0x168/0x200
[  276.072145][T12591]  ? vsock_ioctl+0x168/0x240
[  276.072179][T12591]  ? dev_load+0x21/0x1f0
[  276.072206][T12591]  dev_ioctl+0x785/0x1340
[  276.072234][T12591]  sock_do_ioctl+0x240/0x460
[  276.072269][T12591]  ? __pfx_sock_do_ioctl+0x10/0x10
[  276.072316][T12591]  sock_ioctl+0x626/0x8e0
[  276.072343][T12591]  ? __pfx_sock_ioctl+0x10/0x10
[  276.072368][T12591]  ? __fget_files+0x2a/0x410
[  276.072401][T12591]  ? __fget_files+0x2a/0x410
[  276.072435][T12591]  ? __pfx_sock_ioctl+0x10/0x10
[  276.072462][T12591]  __se_sys_ioctl+0xf5/0x170
[  276.072489][T12591]  do_syscall_64+0xf3/0x230
[  276.072520][T12591]  ? clear_bhb_loop+0x35/0x90
[  276.072554][T12591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.072582][T12591] RIP: 0033:0x7f895498d169
[  276.072600][T12591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.072616][T12591] RSP: 002b:00007f895587e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.072637][T12591] RAX: ffffffffffffffda RBX: 00007f8954ba5fa0 RCX: 00007f895498d169
[  276.072653][T12591] RDX: 0000400000000100 RSI: 0000000000008946 RDI: 0000000000000003
[  276.072665][T12591] RBP: 00007f895587e090 R08: 0000000000000000 R09: 0000000000000000
[  276.072677][T12591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.072689][T12591] R13: 0000000000000000 R14: 00007f8954ba5fa0 R15: 00007ffd3d5e7c78
[  276.072718][T12591]  </TASK>
[  276.377649][T12596] IPVS: set_ctl: invalid protocol: 42 224.0.0.2:0
[  276.387253][T12596] IPVS: set_ctl: invalid protocol: 29 172.20.20.187:20001
[  276.944557][T12614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'.
[  277.011506][T12616] FAULT_INJECTION: forcing a failure.
[  277.011506][T12616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.011559][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.089219][T12616] CPU: 0 UID: 0 PID: 12616 Comm: syz.3.1819 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  277.089253][T12616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  277.089264][T12616] Call Trace:
[  277.089270][T12616]  <TASK>
[  277.089277][T12616]  dump_stack_lvl+0x241/0x360
[  277.089303][T12616]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.089322][T12616]  ? __pfx__printk+0x10/0x10
[  277.089340][T12616]  ? __pfx_lock_release+0x10/0x10
[  277.089373][T12616]  should_fail_ex+0x40a/0x550
[  277.089403][T12616]  _copy_from_iter+0x1df/0x1c40
[  277.089425][T12616]  ? __virt_addr_valid+0x183/0x530
[  277.089444][T12616]  ? __pfx_lock_release+0x10/0x10
[  277.089478][T12616]  ? __alloc_skb+0x28f/0x440
[  277.089507][T12616]  ? __pfx__copy_from_iter+0x10/0x10
[  277.089530][T12616]  ? __virt_addr_valid+0x183/0x530
[  277.089545][T12616]  ? __virt_addr_valid+0x183/0x530
[  277.089561][T12616]  ? __virt_addr_valid+0x45f/0x530
[  277.089577][T12616]  ? __phys_addr_symbol+0x2f/0x70
[  277.089593][T12616]  ? __check_object_size+0x47a/0x730
[  277.089620][T12616]  netlink_sendmsg+0x742/0xcb0
[  277.089654][T12616]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.089679][T12616]  ? aa_sock_msg_perm+0x91/0x160
[  277.089715][T12616]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.089738][T12616]  __sock_sendmsg+0x221/0x270
[  277.089770][T12616]  ____sys_sendmsg+0x53a/0x860
[  277.089801][T12616]  ? __pfx_____sys_sendmsg+0x10/0x10
[  277.089821][T12616]  ? __fget_files+0x2a/0x410
[  277.089854][T12616]  ? __fget_files+0x2a/0x410
[  277.089891][T12616]  __sys_sendmsg+0x269/0x350
[  277.089919][T12616]  ? __pfx___sys_sendmsg+0x10/0x10
[  277.089954][T12616]  ? do_sys_openat2+0x17a/0x1d0
[  277.090019][T12616]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  277.090053][T12616]  ? do_syscall_64+0x100/0x230
[  277.090088][T12616]  ? do_syscall_64+0xb6/0x230
[  277.090121][T12616]  do_syscall_64+0xf3/0x230
[  277.090152][T12616]  ? clear_bhb_loop+0x35/0x90
[  277.090185][T12616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.090213][T12616] RIP: 0033:0x7ff4c498d169
[  277.090232][T12616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.090249][T12616] RSP: 002b:00007ff4c5837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  277.090271][T12616] RAX: ffffffffffffffda RBX: 00007ff4c4ba5fa0 RCX: 00007ff4c498d169
[  277.090286][T12616] RDX: 0000000000000000 RSI: 0000400000000480 RDI: 0000000000000003
[  277.090299][T12616] RBP: 00007ff4c5837090 R08: 0000000000000000 R09: 0000000000000000
[  277.090312][T12616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.090324][T12616] R13: 0000000000000000 R14: 00007ff4c4ba5fa0 R15: 00007ffed185f218
[  277.090355][T12616]  </TASK>
[  277.633987][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.852370][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.920247][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.052582][   T13] bridge_slave_1: left allmulticast mode
[  278.060086][   T13] bridge_slave_1: left promiscuous mode
[  278.070700][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.095604][   T13] bridge_slave_0: left allmulticast mode
[  278.101449][   T13] bridge_slave_0: left promiscuous mode
[  278.122563][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.665694][T12640] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1821'.
[  278.687901][T12645] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1823'.
[  279.095026][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.124310][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.146349][   T13] bond0 (unregistering): Released all slaves
[  279.185636][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  279.207060][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  279.234355][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  279.252129][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  279.267395][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  279.276892][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  280.055381][   T13] hsr_slave_0: left promiscuous mode
[  280.061733][   T13] hsr_slave_1: left promiscuous mode
[  280.068862][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.078338][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.087476][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.095835][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.135770][   T13] veth1_macvtap: left promiscuous mode
[  280.141684][   T13] veth0_macvtap: left promiscuous mode
[  280.148240][   T13] veth1_vlan: left promiscuous mode
[  280.154008][   T13] veth0_vlan: left promiscuous mode
[  280.787558][   T13] team0 (unregistering): Port device team_slave_1 removed
[  280.844046][   T13] team0 (unregistering): Port device team_slave_0 removed
[  281.322748][ T5854] Bluetooth: hci2: command tx timeout
[  281.327429][T12706] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1835'.
[  281.497981][T12688] netlink: 'syz.2.1830': attribute type 12 has an invalid length.
[  281.518256][T12688] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1830'.
[  281.589827][T12653] chnl_net:caif_netlink_parms(): no params data found
[  281.791895][T12711] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input5
[  281.941977][T12653] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.958846][T12653] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.989485][T12653] bridge_slave_0: entered allmulticast mode
[  282.034965][T12653] bridge_slave_0: entered promiscuous mode
[  282.117699][T12653] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.144121][T12653] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.151519][T12653] bridge_slave_1: entered allmulticast mode
[  282.205195][T12653] bridge_slave_1: entered promiscuous mode
[  282.403375][T12653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.467189][T12653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.688791][T12653] team0: Port device team_slave_0 added
[  282.712343][T12653] team0: Port device team_slave_1 added
[  282.774976][T12761] veth0: left allmulticast mode
[  282.825984][T12653] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.833008][T12653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.914039][T12653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.941309][T12653] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.977014][T12653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.192869][T12771] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1848'.
[  283.268120][T12653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.393739][ T5854] Bluetooth: hci2: command tx timeout
[  283.544967][T12653] hsr_slave_0: entered promiscuous mode
[  283.594137][T12653] hsr_slave_1: entered promiscuous mode
[  283.600503][T12653] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  283.623732][T12653] Cannot create hsr debugfs directory
[  284.222665][T12807] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1858'.
[  284.473104][T12810] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1859'.
[  284.873370][T12826] x_tables: duplicate underflow at hook 2
[  285.040570][T12836] bond3: entered allmulticast mode
[  285.054341][T12836] gretap2: entered allmulticast mode
[  285.105660][T12838] FAULT_INJECTION: forcing a failure.
[  285.105660][T12838] name failslab, interval 1, probability 0, space 0, times 0
[  285.121154][T12838] CPU: 0 UID: 0 PID: 12838 Comm: syz.0.1865 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  285.121187][T12838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.121200][T12838] Call Trace:
[  285.121208][T12838]  <TASK>
[  285.121217][T12838]  dump_stack_lvl+0x241/0x360
[  285.121247][T12838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.121269][T12838]  ? __pfx__printk+0x10/0x10
[  285.121291][T12838]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  285.121322][T12838]  ? __pfx___might_resched+0x10/0x10
[  285.121347][T12838]  ? aa_label_sk_perm+0x4f3/0x6c0
[  285.121381][T12838]  should_fail_ex+0x40a/0x550
[  285.121417][T12838]  should_failslab+0xac/0x100
[  285.121448][T12838]  kmem_cache_alloc_node_noprof+0x77/0x380
[  285.121477][T12838]  ? __alloc_skb+0x1c3/0x440
[  285.121512][T12838]  __alloc_skb+0x1c3/0x440
[  285.121547][T12838]  ? __pfx___alloc_skb+0x10/0x10
[  285.121587][T12838]  netlink_sendmsg+0x634/0xcb0
[  285.121626][T12838]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.121655][T12838]  ? aa_sock_msg_perm+0x91/0x160
[  285.121693][T12838]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.121722][T12838]  __sock_sendmsg+0x221/0x270
[  285.121751][T12838]  ____sys_sendmsg+0x53a/0x860
[  285.121782][T12838]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.121801][T12838]  ? __fget_files+0x2a/0x410
[  285.121835][T12838]  ? __fget_files+0x2a/0x410
[  285.121875][T12838]  __sys_sendmsg+0x269/0x350
[  285.121903][T12838]  ? __pfx___sys_sendmsg+0x10/0x10
[  285.121938][T12838]  ? do_sys_openat2+0x17a/0x1d0
[  285.121995][T12838]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  285.122030][T12838]  ? do_syscall_64+0x100/0x230
[  285.122064][T12838]  ? do_syscall_64+0xb6/0x230
[  285.122098][T12838]  do_syscall_64+0xf3/0x230
[  285.122128][T12838]  ? clear_bhb_loop+0x35/0x90
[  285.122171][T12838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.122198][T12838] RIP: 0033:0x7f895498d169
[  285.122217][T12838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.122234][T12838] RSP: 002b:00007f895583c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.122256][T12838] RAX: ffffffffffffffda RBX: 00007f8954ba6160 RCX: 00007f895498d169
[  285.122271][T12838] RDX: 0000000004041080 RSI: 0000400000006040 RDI: 0000000000000004
[  285.122283][T12838] RBP: 00007f895583c090 R08: 0000000000000000 R09: 0000000000000000
[  285.122296][T12838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.122308][T12838] R13: 0000000000000000 R14: 00007f8954ba6160 R15: 00007ffd3d5e7c78
[  285.122338][T12838]  </TASK>
[  285.424583][T12836] vlan3: entered allmulticast mode
[  285.438873][T12836] macsec2: entered allmulticast mode
[  285.449638][T12841] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1867'.
[  285.473828][ T5854] Bluetooth: hci2: command tx timeout
[  285.666983][T12847] FAULT_INJECTION: forcing a failure.
[  285.666983][T12847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.680480][T12847] CPU: 0 UID: 0 PID: 12847 Comm: syz.1.1869 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  285.680509][T12847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.680521][T12847] Call Trace:
[  285.680528][T12847]  <TASK>
[  285.680537][T12847]  dump_stack_lvl+0x241/0x360
[  285.680568][T12847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.680592][T12847]  ? __pfx__printk+0x10/0x10
[  285.680620][T12847]  ? snprintf+0xda/0x120
[  285.680648][T12847]  should_fail_ex+0x40a/0x550
[  285.680685][T12847]  _copy_to_user+0x31/0xb0
[  285.680715][T12847]  simple_read_from_buffer+0xca/0x150
[  285.680748][T12847]  proc_fail_nth_read+0x1e9/0x250
[  285.680782][T12847]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  285.680815][T12847]  ? rw_verify_area+0x243/0x630
[  285.680837][T12847]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  285.680868][T12847]  vfs_read+0x1f8/0xb40
[  285.680891][T12847]  ? fdget_pos+0x254/0x320
[  285.680923][T12847]  ? __pfx___mutex_lock+0x10/0x10
[  285.680955][T12847]  ? __pfx_vfs_read+0x10/0x10
[  285.680973][T12847]  ? do_sys_openat2+0x17a/0x1d0
[  285.681006][T12847]  ? __fget_files+0x2a/0x410
[  285.681062][T12847]  ? __fget_files+0x395/0x410
[  285.681092][T12847]  ? __fget_files+0x2a/0x410
[  285.681131][T12847]  ksys_read+0x18f/0x2b0
[  285.681156][T12847]  ? __pfx_ksys_read+0x10/0x10
[  285.681180][T12847]  ? do_syscall_64+0x100/0x230
[  285.681214][T12847]  ? do_syscall_64+0xb6/0x230
[  285.681248][T12847]  do_syscall_64+0xf3/0x230
[  285.681279][T12847]  ? clear_bhb_loop+0x35/0x90
[  285.681311][T12847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.681339][T12847] RIP: 0033:0x7fa9bdf8bb7c
[  285.681366][T12847] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  285.681385][T12847] RSP: 002b:00007fa9bee25030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  285.681407][T12847] RAX: ffffffffffffffda RBX: 00007fa9be1a5fa0 RCX: 00007fa9bdf8bb7c
[  285.681422][T12847] RDX: 000000000000000f RSI: 00007fa9bee250a0 RDI: 0000000000000004
[  285.681435][T12847] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  285.681447][T12847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.681459][T12847] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  285.681491][T12847]  </TASK>
[  285.962042][T12653] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  286.088434][T12850] netlink: 'syz.3.1873': attribute type 8 has an invalid length.
[  286.097047][T12850] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1873'.
[  286.190092][T12653] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  286.226294][T12653] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  286.247203][T12653] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  286.461301][T12862] netlink: 'syz.3.1875': attribute type 21 has an invalid length.
[  286.481470][T12862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1875'.
[  286.506101][T12860] netlink: 'syz.0.1876': attribute type 4 has an invalid length.
[  286.515831][T12860] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1876'.
[  286.590740][T12653] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.669416][T12653] 8021q: adding VLAN 0 to HW filter on device team0
[  286.696359][ T3450] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.703533][ T3450] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.755137][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.762362][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.840376][T12880] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1880'.
[  287.215102][T12910] netlink: 'syz.1.1885': attribute type 8 has an invalid length.
[  287.273756][T12910] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1885'.
[  287.342167][T12653] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.555375][ T5854] Bluetooth: hci2: command tx timeout
[  287.782329][T12942] FAULT_INJECTION: forcing a failure.
[  287.782329][T12942] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.827653][T12942] CPU: 1 UID: 0 PID: 12942 Comm: syz.1.1893 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  287.827685][T12942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  287.827698][T12942] Call Trace:
[  287.827705][T12942]  <TASK>
[  287.827714][T12942]  dump_stack_lvl+0x241/0x360
[  287.827747][T12942]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.827770][T12942]  ? __pfx__printk+0x10/0x10
[  287.827795][T12942]  ? __pfx_lock_release+0x10/0x10
[  287.827827][T12942]  ? __lock_acquire+0x1397/0x2100
[  287.827865][T12942]  should_fail_ex+0x40a/0x550
[  287.827903][T12942]  _copy_from_user+0x2d/0xb0
[  287.827940][T12942]  kstrtouint_from_user+0xc6/0x190
[  287.827968][T12942]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  287.827996][T12942]  ? __pfx_lock_acquire+0x10/0x10
[  287.828039][T12942]  proc_fail_nth_write+0xaa/0x2d0
[  287.828068][T12942]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  287.828096][T12942]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  287.828132][T12942]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  287.828165][T12942]  vfs_write+0x29f/0xd10
[  287.828189][T12942]  ? fdget_pos+0x254/0x320
[  287.828218][T12942]  ? __mutex_unlock_slowpath+0x227/0x800
[  287.828254][T12942]  ? __pfx_vfs_write+0x10/0x10
[  287.828273][T12942]  ? do_sys_openat2+0x17a/0x1d0
[  287.828307][T12942]  ? __fget_files+0x2a/0x410
[  287.828340][T12942]  ? __fget_files+0x395/0x410
[  287.828368][T12942]  ? __fget_files+0x2a/0x410
[  287.828409][T12942]  ksys_write+0x18f/0x2b0
[  287.828434][T12942]  ? __pfx_ksys_write+0x10/0x10
[  287.828458][T12942]  ? do_syscall_64+0x100/0x230
[  287.828493][T12942]  ? do_syscall_64+0xb6/0x230
[  287.828527][T12942]  do_syscall_64+0xf3/0x230
[  287.828558][T12942]  ? clear_bhb_loop+0x35/0x90
[  287.828591][T12942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.828619][T12942] RIP: 0033:0x7fa9bdf8bc1f
[  287.828637][T12942] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  287.828655][T12942] RSP: 002b:00007fa9bee25030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  287.828676][T12942] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa9bdf8bc1f
[  287.828691][T12942] RDX: 0000000000000001 RSI: 00007fa9bee250a0 RDI: 0000000000000006
[  287.828703][T12942] RBP: 00007fa9bee25090 R08: 0000000000000000 R09: 0000000000000000
[  287.828715][T12942] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  287.828726][T12942] R13: 0000000000000000 R14: 00007fa9be1a5fa0 R15: 00007ffff3a62a88
[  287.828759][T12942]  </TASK>
[  288.228220][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1896'.
[  288.303624][T12956] Cannot find add_set index 65534 as target
[  288.396826][T12653] veth0_vlan: entered promiscuous mode
[  288.425668][T12961] netlink: 'syz.1.1899': attribute type 8 has an invalid length.
[  288.444296][T12653] veth1_vlan: entered promiscuous mode
[  288.484005][T12961] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1899'.
[  288.536969][T12653] veth0_macvtap: entered promiscuous mode
[  288.584903][T12653] veth1_macvtap: entered promiscuous mode
[  288.632924][T12653] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.679990][T12653] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.726135][T12653] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.756000][T12653] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.793765][T12653] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.802548][T12653] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.869322][T12979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1905'.
[  288.897759][T12979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1905'.
[  289.110639][ T3560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.129843][ T3560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.228067][ T3450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.251563][ T3450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.552447][T13011] veth0: entered allmulticast mode
[  289.580821][T13011] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  289.601859][T13011] netdevsim netdevsim3 : unset [0, 0] type 1 family 0 port 8472 - 0
[  289.610435][T13011] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  289.619597][T13011] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  289.628594][T13011] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  289.663203][T13011] vxlan0: left promiscuous mode
[  289.859254][T13022] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1914'.
[  290.048503][   T82] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.235702][   T82] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.416076][   T82] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.565661][   T82] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.728704][   T82] bridge_slave_1: left allmulticast mode
[  290.736705][   T82] bridge_slave_1: left promiscuous mode
[  290.743924][   T82] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.765342][   T82] bridge_slave_0: left allmulticast mode
[  290.771054][   T82] bridge_slave_0: left promiscuous mode
[  290.792962][   T82] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.566360][T13079] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1917'.
[  291.619231][   T82] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.664622][   T82] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.707102][   T82] bond0 (unregistering): Released all slaves
[  291.775132][T13083] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1921'.
[  292.135025][T13096] x_tables: duplicate underflow at hook 2
[  292.219411][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  292.229716][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  292.238829][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  292.262551][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  292.277122][ T5837] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  292.284663][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  292.382650][T13109] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1929'.
[  292.455913][T13111] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1930'.
[  292.665469][   T82] hsr_slave_0: left promiscuous mode
[  292.679231][   T82] hsr_slave_1: left promiscuous mode
[  292.691124][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.724537][   T82] batman_adv: batadv0: Removing interface: batadv_slave_0
[  292.756545][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.773666][   T82] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.866968][   T82] veth1_macvtap: left promiscuous mode
[  292.883089][   T82] veth0_macvtap: left promiscuous mode
[  292.924167][   T82] veth1_vlan: left promiscuous mode
[  292.934829][   T82] veth0_vlan: left promiscuous mode
[  293.820217][   T82] team0 (unregistering): Port device team_slave_1 removed
[  293.907289][   T82] team0 (unregistering): Port device team_slave_0 removed
[  294.354437][ T5854] Bluetooth: hci2: command tx timeout
[  294.524730][T13160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1938'.
[  294.994459][T13173] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1942'.
[  295.144825][T13100] chnl_net:caif_netlink_parms(): no params data found
[  295.227349][T13185] netlink: 'syz.3.1944': attribute type 4 has an invalid length.
[  295.502287][T13100] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.532004][T13100] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.574246][T13100] bridge_slave_0: entered allmulticast mode
[  295.588851][T13100] bridge_slave_0: entered promiscuous mode
[  295.619749][T13204] netlink: ct family unspecified
[  295.626650][T13100] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.633675][T13204] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  295.662996][T13100] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.685669][T13100] bridge_slave_1: entered allmulticast mode
[  295.714283][T13100] bridge_slave_1: entered promiscuous mode
[  295.885610][T13100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.926353][T13100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.097128][T13100] team0: Port device team_slave_0 added
[  296.131957][T13100] team0: Port device team_slave_1 added
[  296.198108][T13224] netlink: 'syz.1.1954': attribute type 11 has an invalid length.
[  296.238454][T13229] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  296.253923][T13100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.261037][T13100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.287851][T13100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.382555][T13100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.399193][T13100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.436209][ T5854] Bluetooth: hci2: command tx timeout
[  296.442909][T13100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.471237][T13237] FAULT_INJECTION: forcing a failure.
[  296.471237][T13237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.519176][T13231] batman_adv: batadv0: Adding interface: dummy0
[  296.525327][T13237] CPU: 1 UID: 0 PID: 13237 Comm: syz.3.1957 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  296.525370][T13237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.525385][T13237] Call Trace:
[  296.525392][T13237]  <TASK>
[  296.525401][T13237]  dump_stack_lvl+0x241/0x360
[  296.525437][T13237]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.525462][T13237]  ? __pfx__printk+0x10/0x10
[  296.525487][T13237]  ? __pfx_lock_release+0x10/0x10
[  296.525519][T13237]  ? __lock_acquire+0x1397/0x2100
[  296.525559][T13237]  should_fail_ex+0x40a/0x550
[  296.525598][T13237]  _copy_from_user+0x2d/0xb0
[  296.525630][T13237]  kstrtouint_from_user+0xc6/0x190
[  296.525659][T13237]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  296.525688][T13237]  ? __pfx_lock_acquire+0x10/0x10
[  296.525737][T13237]  proc_fail_nth_write+0xaa/0x2d0
[  296.525770][T13237]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  296.525797][T13237]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  296.525831][T13237]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  296.525863][T13237]  vfs_write+0x29f/0xd10
[  296.525886][T13237]  ? fdget_pos+0x254/0x320
[  296.525915][T13237]  ? __mutex_unlock_slowpath+0x227/0x800
[  296.525951][T13237]  ? __pfx_vfs_write+0x10/0x10
[  296.525969][T13237]  ? do_sys_openat2+0x17a/0x1d0
[  296.526003][T13237]  ? __fget_files+0x2a/0x410
[  296.526035][T13237]  ? __fget_files+0x395/0x410
[  296.526063][T13237]  ? __fget_files+0x2a/0x410
[  296.526102][T13237]  ksys_write+0x18f/0x2b0
[  296.526128][T13237]  ? __pfx_ksys_write+0x10/0x10
[  296.526151][T13237]  ? do_syscall_64+0x100/0x230
[  296.526184][T13237]  ? do_syscall_64+0xb6/0x230
[  296.526218][T13237]  do_syscall_64+0xf3/0x230
[  296.526249][T13237]  ? clear_bhb_loop+0x35/0x90
[  296.526280][T13237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.526313][T13237] RIP: 0033:0x7ff4c498bc1f
[  296.526334][T13237] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  296.526361][T13237] RSP: 002b:00007ff4c57f5030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  296.526387][T13237] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff4c498bc1f
[  296.526404][T13237] RDX: 0000000000000001 RSI: 00007ff4c57f50a0 RDI: 0000000000000008
[  296.526418][T13237] RBP: 00007ff4c57f5090 R08: 0000000000000000 R09: 0000000000000000
[  296.526431][T13237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  296.526444][T13237] R13: 0000000000000000 R14: 00007ff4c4ba6160 R15: 00007ffed185f218
[  296.526478][T13237]  </TASK>
[  296.804123][T13231] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.834781][T13231] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  296.858150][T13100] hsr_slave_0: entered promiscuous mode
[  296.867198][T13100] hsr_slave_1: entered promiscuous mode
[  296.886304][T13100] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.916089][T13100] Cannot create hsr debugfs directory
[  297.191575][T13265] netlink: 'syz.0.1963': attribute type 1 has an invalid length.
[  297.305456][T13265] 8021q: adding VLAN 0 to HW filter on device bond6
[  297.416725][T13271] bond6: (slave gretap4): making interface the new active one
[  297.445760][T13271] bond6: (slave gretap4): Enslaving as an active interface with an up link
[  298.014798][T13302] netlink: 'syz.2.1969': attribute type 11 has an invalid length.
[  298.037266][T13302] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  298.284117][ T5854] Bluetooth: hci0: command tx timeout
[  298.467114][T13100] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  298.524687][ T5854] Bluetooth: hci2: command tx timeout
[  298.570838][T13100] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  298.639224][T13100] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  298.655163][T13320] 
[  298.657550][T13320] ======================================================
[  298.664586][T13320] WARNING: possible circular locking dependency detected
[  298.671611][T13320] 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0 Not tainted
[  298.678719][T13320] ------------------------------------------------------
[  298.685826][T13320] syz.2.1974/13320 is trying to acquire lock:
[  298.691896][T13320] ffffffff9002c098 (nr_neigh_list_lock){+...}-{3:3}, at: nr_remove_neigh+0x25/0xe0
[  298.701237][T13320] 
[  298.701237][T13320] but task is already holding lock:
[  298.708601][T13320] ffff888033e8a270 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0x1021/0x2360
[  298.718027][T13320] 
[  298.718027][T13320] which lock already depends on the new lock.
[  298.718027][T13320] 
[  298.728434][T13320] 
[  298.728434][T13320] the existing dependency chain (in reverse order) is:
[  298.737471][T13320] 
[  298.737471][T13320] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  298.745485][T13320]        lock_acquire+0x1ed/0x550
[  298.750527][T13320]        _raw_spin_lock_bh+0x35/0x50
[  298.755833][T13320]        nr_rt_device_down+0x159/0x7b0
[  298.761309][T13320]        nr_device_event+0x134/0x150
[  298.766603][T13320]        notifier_call_chain+0x1a5/0x3f0
[  298.772249][T13320]        __dev_notify_flags+0x207/0x400
[  298.777805][T13320]        dev_change_flags+0xf0/0x1a0
[  298.783112][T13320]        dev_ifsioc+0x7c2/0xe70
[  298.787980][T13320]        dev_ioctl+0x719/0x1340
[  298.792846][T13320]        sock_do_ioctl+0x240/0x460
[  298.797967][T13320]        sock_ioctl+0x626/0x8e0
[  298.802823][T13320]        __se_sys_ioctl+0xf5/0x170
[  298.807939][T13320]        do_syscall_64+0xf3/0x230
[  298.812974][T13320]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.819425][T13320] 
[  298.819425][T13320] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  298.827270][T13320]        lock_acquire+0x1ed/0x550
[  298.832403][T13320]        _raw_spin_lock_bh+0x35/0x50
[  298.837702][T13320]        nr_rt_device_down+0xb5/0x7b0
[  298.843090][T13320]        nr_device_event+0x134/0x150
[  298.848382][T13320]        notifier_call_chain+0x1a5/0x3f0
[  298.854026][T13320]        __dev_notify_flags+0x207/0x400
[  298.859594][T13320]        dev_change_flags+0xf0/0x1a0
[  298.864898][T13320]        dev_ifsioc+0x7c2/0xe70
[  298.869753][T13320]        dev_ioctl+0x719/0x1340
[  298.874612][T13320]        sock_do_ioctl+0x240/0x460
[  298.879822][T13320]        sock_ioctl+0x626/0x8e0
[  298.884688][T13320]        __se_sys_ioctl+0xf5/0x170
[  298.889809][T13320]        do_syscall_64+0xf3/0x230
[  298.894846][T13320]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.901274][T13320] 
[  298.901274][T13320] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  298.909201][T13320]        validate_chain+0x18ef/0x5920
[  298.914674][T13320]        __lock_acquire+0x1397/0x2100
[  298.920067][T13320]        lock_acquire+0x1ed/0x550
[  298.925111][T13320]        _raw_spin_lock_bh+0x35/0x50
[  298.930408][T13320]        nr_remove_neigh+0x25/0xe0
[  298.935533][T13320]        nr_add_node+0x1be2/0x2360
[  298.940662][T13320]        nr_rt_ioctl+0xd5c/0xff0
[  298.945614][T13320]        sock_do_ioctl+0x158/0x460
[  298.950766][T13320]        sock_ioctl+0x626/0x8e0
[  298.955624][T13320]        __se_sys_ioctl+0xf5/0x170
[  298.960737][T13320]        do_syscall_64+0xf3/0x230
[  298.965785][T13320]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.972216][T13320] 
[  298.972216][T13320] other info that might help us debug this:
[  298.972216][T13320] 
[  298.982450][T13320] Chain exists of:
[  298.982450][T13320]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  298.982450][T13320] 
[  298.996382][T13320]  Possible unsafe locking scenario:
[  298.996382][T13320] 
[  299.003838][T13320]        CPU0                    CPU1
[  299.009316][T13320]        ----                    ----
[  299.014683][T13320]   lock(&nr_node->node_lock);
[  299.019537][T13320]                                lock(nr_node_list_lock);
[  299.026742][T13320]                                lock(&nr_node->node_lock);
[  299.034035][T13320]   lock(nr_neigh_list_lock);
[  299.038726][T13320] 
[  299.038726][T13320]  *** DEADLOCK ***
[  299.038726][T13320] 
[  299.046869][T13320] 1 lock held by syz.2.1974/13320:
[  299.051976][T13320]  #0: ffff888033e8a270 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0x1021/0x2360
[  299.061833][T13320] 
[  299.061833][T13320] stack backtrace:
[  299.067723][T13320] CPU: 1 UID: 0 PID: 13320 Comm: syz.2.1974 Not tainted 6.14.0-rc6-syzkaller-00126-ga0aff75e1553 #0
[  299.067744][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  299.067754][T13320] Call Trace:
[  299.067762][T13320]  <TASK>
[  299.067770][T13320]  dump_stack_lvl+0x241/0x360
[  299.067793][T13320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.067811][T13320]  ? __pfx__printk+0x10/0x10
[  299.067831][T13320]  print_circular_bug+0x13a/0x1b0
[  299.067852][T13320]  check_noncircular+0x36a/0x4a0
[  299.067873][T13320]  ? __pfx_check_noncircular+0x10/0x10
[  299.067892][T13320]  ? lockdep_lock+0x123/0x2b0
[  299.067917][T13320]  ? is_bpf_text_address+0x26/0x2a0
[  299.067944][T13320]  ? __pfx_lock_release+0x10/0x10
[  299.067971][T13320]  validate_chain+0x18ef/0x5920
[  299.067996][T13320]  ? kernel_text_address+0xa7/0xe0
[  299.068017][T13320]  ? __pfx_validate_chain+0x10/0x10
[  299.068034][T13320]  ? arch_stack_walk+0xfd/0x150
[  299.068049][T13320]  ? __pfx_validate_chain+0x10/0x10
[  299.068071][T13320]  ? stack_trace_save+0x118/0x1d0
[  299.068093][T13320]  ? __pfx_stack_trace_save+0x10/0x10
[  299.068114][T13320]  ? stack_trace_save+0x118/0x1d0
[  299.068136][T13320]  ? stack_depot_save_flags+0x37/0x940
[  299.068163][T13320]  ? mark_lock+0x9a/0x360
[  299.068182][T13320]  ? mark_lock+0x9a/0x360
[  299.068200][T13320]  __lock_acquire+0x1397/0x2100
[  299.068231][T13320]  lock_acquire+0x1ed/0x550
[  299.068255][T13320]  ? nr_remove_neigh+0x25/0xe0
[  299.068281][T13320]  ? __pfx_lock_acquire+0x10/0x10
[  299.068305][T13320]  ? __pfx_lock_acquire+0x10/0x10
[  299.068330][T13320]  ? nr_remove_neigh+0x25/0xe0
[  299.068352][T13320]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  299.068371][T13320]  ? do_raw_spin_lock+0x14f/0x370
[  299.068392][T13320]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  299.068413][T13320]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  299.068439][T13320]  ? nr_remove_neigh+0x25/0xe0
[  299.068462][T13320]  _raw_spin_lock_bh+0x35/0x50
[  299.068483][T13320]  ? nr_remove_neigh+0x25/0xe0
[  299.068505][T13320]  nr_remove_neigh+0x25/0xe0
[  299.068528][T13320]  nr_add_node+0x1be2/0x2360
[  299.068553][T13320]  ? __pfx_nr_add_node+0x10/0x10
[  299.068574][T13320]  ? nr_call_to_digi+0x7a/0x1b0
[  299.068594][T13320]  ? __asan_memcpy+0x40/0x70
[  299.068611][T13320]  ? nr_call_to_digi+0x121/0x1b0
[  299.068632][T13320]  nr_rt_ioctl+0xd5c/0xff0
[  299.068655][T13320]  ? aa_get_newest_label+0xff/0x6f0
[  299.068681][T13320]  ? tomoyo_path_number_perm+0x209/0x770
[  299.068706][T13320]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  299.068733][T13320]  ? security_path_unlink+0xd3/0x360
[  299.068756][T13320]  sock_do_ioctl+0x158/0x460
[  299.068780][T13320]  ? __pfx_sock_do_ioctl+0x10/0x10
[  299.068809][T13320]  sock_ioctl+0x626/0x8e0
[  299.068830][T13320]  ? __pfx_sock_ioctl+0x10/0x10
[  299.068850][T13320]  ? __fget_files+0x2a/0x410
[  299.068876][T13320]  ? __fget_files+0x2a/0x410
[  299.068901][T13320]  ? __pfx_sock_ioctl+0x10/0x10
[  299.068922][T13320]  __se_sys_ioctl+0xf5/0x170
[  299.068941][T13320]  do_syscall_64+0xf3/0x230
[  299.068966][T13320]  ? clear_bhb_loop+0x35/0x90
[  299.068992][T13320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.069016][T13320] RIP: 0033:0x7f6425b8d169
[  299.069031][T13320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.069046][T13320] RSP: 002b:00007f6426a48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  299.069064][T13320] RAX: ffffffffffffffda RBX: 00007f6425da6080 RCX: 00007f6425b8d169
[  299.069076][T13320] RDX: 0000400000000100 RSI: 000000000000890b RDI: 0000000000000004
[  299.069087][T13320] RBP: 00007f6425c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  299.069098][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  299.069108][T13320] R13: 0000000000000000 R14: 00007f6425da6080 R15: 00007ffda3da2a38
[  299.069126][T13320]  </TASK>
[  299.501674][T13100] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  299.710207][T13100] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.744180][T13100] 8021q: adding VLAN 0 to HW filter on device team0
[  299.761341][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.768550][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.793283][   T82] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.800442][   T82] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.960596][T13100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.149752][T13100] veth0_vlan: entered promiscuous mode
[  300.165438][T13100] veth1_vlan: entered promiscuous mode
[  300.189373][T13100] veth0_macvtap: entered promiscuous mode
[  300.200249][T13100] veth1_macvtap: entered promiscuous mode
[  300.220673][T13100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.241944][T13100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.260537][T13100] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.271444][T13100] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.283620][T13100] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.292364][T13100] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.333296][T13100] ieee80211 phy41: Selected rate control algorithm 'minstrel_ht'
[  300.369259][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.370931][T13100] ieee80211 phy42: Selected rate control algorithm 'minstrel_ht'
[  300.389440][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  300.419714][   T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.430056][   T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.787984][ T1162] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.057544][ T1162] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.508343][ T1162] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.591254][ T1162] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.695836][ T1162] bridge_slave_1: left allmulticast mode
[  303.701553][ T1162] bridge_slave_1: left promiscuous mode
[  303.708340][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.721112][ T1162] bridge_slave_0: left allmulticast mode
[  303.731408][ T1162] bridge_slave_0: left promiscuous mode
[  303.740902][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.908356][ T1162] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  303.924264][ T1162] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  303.939308][ T1162] bond0 (unregistering): Released all slaves
[  304.132904][ T1162] hsr_slave_0: left promiscuous mode
[  304.145395][ T1162] hsr_slave_1: left promiscuous mode
[  304.151240][ T1162] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  304.173774][ T1162] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.194371][ T1162] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.201849][ T1162] batman_adv: batadv0: Removing interface: batadv_slave_1
[  304.226929][ T1162] veth1_macvtap: left promiscuous mode
[  304.232505][ T1162] veth0_macvtap: left promiscuous mode
[  304.253728][ T1162] veth1_vlan: left promiscuous mode
[  304.259158][ T1162] veth0_vlan: left promiscuous mode
[  304.471657][ T1162] team0 (unregistering): Port device team_slave_1 removed
[  304.509388][ T1162] team0 (unregistering): Port device team_slave_0 removed