last executing test programs:

4.550064057s ago: executing program 1 (id=2402):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="3ea673bd60298f3a10ad250e023548fec6a8f841616714cdd16359a97ee3dd826103fc06440af7e45c1f3b95390c81b228008ae1f8a719398ad879661b7d624b8e21fe528dd9e77d916fdddfceb00a490f1bf51607e80fb68cf10d78b8514870377fbcb4bffb7ef8bb11e6ac50b6445a7892882456de5ca8dabe85c4393a78a30525e0336502e3d69da0c267"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000000c0)={@private, @multicast2}, &(0x7f0000000100)=0xfffffffffffffc99)
socket(0x23, 0x2, 0xfff)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000200)={0x0, 0xcb}, &(0x7f0000000240)=0x8)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, 0x0)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x19)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000007c0040000000000000fd1f1801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4084}, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000000))
preadv(r3, &(0x7f0000002640)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0xffffffff, 0x0)
write$cgroup_type(r2, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2})
socket$kcm(0x11, 0x0, 0x300)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x3c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x1e, 0x33, @disassoc={{{}, {}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @void}}]}, 0x3c}}, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})

2.447863299s ago: executing program 1 (id=2411):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c00000002030102000000020000030800010004000018731941128b7d391c6e3917080005400000002608000440000000200000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40008091}, 0x0) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000380)=[@in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e24, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x35}}, 0x10001}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x34}}], 0x3c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, &(0x7f0000000c80)=ANY=[@ANYBLOB="180200000000000100000000000000008500000020000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000d000000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x4a, 0x0, &(0x7f0000001480)="e0b9547ed387dbc391e4e4cd8b77585260683b812389adfb63f361521d68e2618f5a94ff8b9c64d631617a173bab63b44f8f44d4c3263ada455d4111ad219f2af11e3660ac70c1504300", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) (async)
r5 = accept4(r4, 0x0, 0x0, 0x0) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000003c0)=""/39, 0x27}, {&(0x7f0000000400)=""/4096, 0x1000}], 0x2}}], 0x1, 0x1, 0x0) (async)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r7=>0x0})
r8 = socket(0x1f, 0x2, 0xc7)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="44000000110029080d8ddd8dd8d6fa0007000000", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0) (async)
recvmmsg(r5, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x34, 0x0, 0x0, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x34}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r3) (async)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
getsockopt$inet6_opts(r3, 0x29, 0x36, &(0x7f0000000500)=""/60, &(0x7f0000000540)=0x3c) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000007112450000000000950000074a7f934ae2e43f9ecb46dce4838bbc00000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22}, 0x80) (async)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_DEL_MIF(r9, 0x29, 0xcb, &(0x7f0000001400)={0xffffffffffffffff, 0x1, 0x80, r7, 0x3}, 0xc) (async)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r10, 0x0) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000001500), r10) (async)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r1, 0x0)

2.245421258s ago: executing program 1 (id=2416):
unshare(0x62040200)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f00000005c0)=ANY=[@ANYBLOB="6e6174000000000000000000a83c00000000000000009800000000000000000004"], 0x68)
unshare(0x18020480)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff)

2.045502588s ago: executing program 0 (id=2419):
syz_emit_ethernet(0x86, &(0x7f0000001f80)=ANY=[@ANYBLOB="aaaaaaaaaaaa1a18ccacd4b98100000086dd60b13967004c2f0012000000000002000000ffff7f000001ff020000000000000000000000000001"], 0x0)

1.919972723s ago: executing program 0 (id=2421):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="3ea673bd60298f3a10ad250e023548fec6a8f841616714cdd16359a97ee3dd826103fc06440af7e45c1f3b95390c81b228008ae1f8a719398ad879661b7d624b8e21fe528dd9e77d916fdddfceb00a490f1bf51607e80fb68cf10d78b8514870377fbcb4bffb7ef8bb11e6ac50b6445a7892882456de5ca8dabe85c4393a78a30525e0336502e3d69da0c267"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000000c0)={@private, @multicast2}, &(0x7f0000000100)=0xfffffffffffffc99)
socket(0x23, 0x2, 0xfff)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000200)={0x0, 0xcb}, &(0x7f0000000240)=0x8)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, 0x0)
socket$netlink(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x19)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000007c0040000000000000fd1f1801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4084}, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000000))
preadv(r3, &(0x7f0000002640)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0xffffffff, 0x0)
write$cgroup_type(r2, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2})
socket$kcm(0x11, 0x0, 0x300)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x3c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x1e, 0x33, @disassoc={{{}, {}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @void}}]}, 0x3c}}, 0x0)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})

1.71264277s ago: executing program 2 (id=2423):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)="943e29ad997c3cb220b11d2d043c26cfe506bd0b43b511d07ce1ec34de63806c12cbe842275af26e5e9529f0ddbbbdfab139fa29b6332f2324fbff1b1d43", &(0x7f0000001600), 0x1, r0}, 0x38)

1.524226192s ago: executing program 2 (id=2424):
bind$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x1c)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f00000001c0)=""/197, 0x1a, 0xc5, 0x1}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x0)
r1 = socket$inet(0x2, 0x3, 0x4)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_DIRECT_QLEN={0xffffffffffffff2e}]}}]}, 0x50}}, 0x0)

1.523996537s ago: executing program 3 (id=2425):
bind$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x1c)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f00000001c0)=""/197, 0x1a, 0xc5, 0x1}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000140)=[@in6={0xa, 0x4e24, 0xd, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x5}, @in6={0xa, 0x4e22, 0x8, @private1, 0x294}, @in={0x2, 0x4e21, @empty}], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x0, 0x2, 0x0, 0x1}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0414f9f407000904008100000000000001585b0000", 0x1c)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES8=r2], 0x7c}, 0x1, 0x0, 0x0, 0x4008010}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="78feffff10000100000043e51308da9a39c7cfe9d20000000000000000000a140000001100010000"], 0x28}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x0)
r3 = socket$inet(0x2, 0x3, 0x4)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x24, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_DIRECT_QLEN={0xffffffffffffff2e}]}}]}, 0x50}}, 0x0)

1.441741035s ago: executing program 3 (id=2426):
close(0xffffffffffffffff)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x3a, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0) (fail_nth: 2)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x32, 0x0, 0x0)

1.403054957s ago: executing program 0 (id=2427):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r1], 0x40}, 0x1, 0xe0ffff00000000}, 0x0)

1.384895394s ago: executing program 4 (id=2428):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x8, 0x3}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x14, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000200000018150100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) (async)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) (async)
sendmmsg$inet(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000400)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5", 0xdd}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000001080)="63c3b174ab06077f6ee67ac1310d86586b13d2c9e203a9da866b81e20e9fe5c43219396d489c1459ce9cd14fa3b43a0b9b6004118a35444790d70af5c873561aad55af7f9f8551103f694e2a22346ca675898ce02a665ecc07e153e3949b954c1d74b105c14411925a8ae24778d4111d2d9743", 0x73}, {&(0x7f00000003c0)="03d54d843173f8be883a57d9e39cc6c79c415ac50f3e1e9c9373002a5b1918", 0x1f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)="610cb4f6db2105b873df3f7652cc642b85afb69fc18178429903bb6e1ecd18186c48864c", 0x24}, {&(0x7f0000000180)="6fe279d51047ff146af40b78b8d7ae53db8648c2090d72bcfeaf6fabbbfbe8dbc8b8f4cb22ac43d5a0fa87533bb375454751b8dd8aae4808a37a7649b3", 0x3d}, {&(0x7f00000001c0)="6d5edb4b883e266ba8c38aa9d13a78431c9d2cb6d8f4e1e80bb8a936aa105f46c914c46487522bc58054c4b0a523eeda0c76b595b36a515b6d30e34705733bb34bda2f89e92b2a98d2edbcffad9c5ccde0d723423cf07e4ffdbd568d3e263fb3b4086af3f2db1933785e59538bfd61f138ffac9eef7c8b34e4ce506220f43af449d3a72f48d9febe830b04cb3c99425de34cac503014ce74562667d8d6888edcc42fbbb6f7", 0xa5}, {&(0x7f00000002c0)="07030357fa3f85cd282cb9ab7e0a6d90d11f30e1bc20889d43e59a72354107b7849bc3c72e1485cca17aa5f4264f117b820688c6e25503bb54b2f6557d8b906aa997860941de528c25ca5ec78456babac034dc8cd2c4a4f078a8224b7ea2", 0x5e}, {&(0x7f0000000540)="3b645eb24aa5ebc806eab3faa6f18d93b255723549f425b3601f3cf9e6ff8c15e31d85eb95293c599d5aa08aa490d49346a247ae375960a86ff490f0535ec56bb6c173c7bfe8bf0a62", 0x49}], 0x5}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb3bf10f3485e399c8b59df5b02c5f2702522", 0x3c}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d7d77ceefde94faf2e36c3920581691a79a6678db1e5e7fa1ca703ee7aa87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601eae992", 0xd2}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472fd012198c3c61bb81e71ba62134303d2db9740143b0374a0d0be875789932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19645f7a1dcf1449fd34eecae5f52fba1e89d6d34b39297bbbc258c2ea547d47f2d89ad6e36e737691a1c6bdd164b2a85cbaaf648c910559f53581c60bd6c80f90c75f664e5b285c738881560f8ae89a4943141ac45fb6995cece6a2e0e62bd79213527a11c34a6e89ca41ead3e2589301279d9b0832d0b5a6ebe2cf0cbfa40ab948b0b9efe108aeded8d12388a459902261bb0d5ab83ed7ce81b8a59ef1aece", 0xe5}, {&(0x7f0000000840)="a1c3704ecc4399d294157fa2b9", 0xd}, {&(0x7f0000000880)="b45a498ea447ee604887121819ab170a8c4da8299a", 0x15}, {&(0x7f0000000a40)="bd2f6aa36cea0e62ac00a4539dd80281164750339fcc3cd1f7bb1b74e98dbbe81e997d4847ee5d06a72e6f1c6b8a873c7ea7760f102483b578526af9775e51b84818d03da71c7a9a2b18fac6dde3bbf18625", 0x52}], 0x6}}], 0x4, 0x0) (async)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$l2tp(r2, &(0x7f0000000dc0)="a673fc2fed737fe4c700273fe1a3515d0661b4cae3a75303fff7eb5382e42c470e19794ce4603ba4e600f644702ace85d0dfef28cd15befb583d05dc6fe69dc2c8e76486479ad55ca70c82a235e032e6292763", 0x53, 0x0, 0x0, 0x0) (async)
socket(0x0, 0x0, 0x0) (async)
sendto$inet(r2, &(0x7f00000012c0)='\t', 0x1, 0x11, 0x0, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1e, 0x4, 0xa12b, 0x3, 0x2a8, r0, 0x2, '\x00', 0x0, r3, 0x1, 0x5}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r7, &(0x7f0000000180), 0x20000000}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000000c0)={r7, &(0x7f0000000180), 0x0}, 0x20) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='block_split\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000007d2700000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r8, &(0x7f0000000100)}, 0x20) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='block_split\x00', r9}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xcd}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x840158fe4a42149c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.1564564s ago: executing program 4 (id=2429):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a00140000000280168712", 0x2d}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x2c00, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)

1.097493148s ago: executing program 1 (id=2430):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000020002851000000600000018100000", @ANYRES32=r0, @ANYBLOB="00000000000000006608000000000000180000001000000000000000000000009500000000000000360a000000000000180000002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

986.89979ms ago: executing program 2 (id=2431):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001000010400000000fddbdf2500000000", @ANYRES32=r2, @ANYBLOB="00000002e1000000"], 0x20}}, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x1f0, 0x2f0, 0xe8, 0x2f0, 0x2f0, 0x2f0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x100}, @unspec=@NFQUEUE0={0x0, 'NFQUEUE\x00', 0x0, {0x7}}}, {{@uncond, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @unspec=@IDLETIMER={0x0, 'IDLETIMER\x00', 0x0, {0x6, 'syz1\x00', {0xc}}}}, {{@arp={@rand_addr=0x64010102, @loopback, 0xffffffff, 0xffffffff, 0x1, 0x10, {@mac=@multicast, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0x0, 0xff]}}, 0xff81, 0x0, 0x63, 0x8, 0x80, 0x401, 'team0\x00', 'rose0\x00', {}, {0xe5e5ed5069c5f272}, 0x0, 0x20}, 0xc0, 0xf0}, @unspec=@RATEEST={0x0, 'RATEEST\x00', 0x0, {'syz1\x00', 0x8, 0x6, {0x7}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x10000000a)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f00000008c0)=ANY=[@ANYBLOB="18080000796400000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095", @ANYRES16=r0], &(0x7f0000000280)='syzkaller\x00', 0xa, 0x0, 0x0, 0x41100, 0x18}, 0x90)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1a, 0x0, &(0x7f0000001100)=0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'pim6reg0\x00', <r6=>0x0})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071122500000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x43, 0x2, 0x1, 0x0, '\x00', r6, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f00000002c0), 0x1000, r8}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r8, &(0x7f0000001240)="df", &(0x7f0000000580)=""/107}, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000010000000000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001d00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r11, 0x6, 0x21, &(0x7f0000000240)="b0184fd05b20b987986a95399622aab1", 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r10, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="5a6e41dea43e63a3f70cff11c72b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[@ANYBLOB="9f1a2c10000104003000000000", @ANYRESDEC, @ANYRES32=r4], 0x50}}, 0x0)
bind$can_j1939(r7, &(0x7f00000001c0), 0x18)
sendmsg$can_j1939(r7, &(0x7f0000000380)={&(0x7f0000000200)={0x1d, 0x0, 0x2}, 0x18, &(0x7f0000000340)={&(0x7f00000000c0)="10", 0x6fffff9}}, 0xfeffff)

902.89684ms ago: executing program 0 (id=2432):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_ext={0x1c, 0x0, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x800, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0x7}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f00000008c0), 0x10, 0x7fffffff}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, 0x0}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x54, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_LOCAL={0x14, 0x6, @local}]}}}]}, 0x54}, 0x1, 0xb00}, 0xa00)

902.754795ms ago: executing program 1 (id=2433):
close(0xffffffffffffffff)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x3a, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x32, 0x0, 0x0)

902.307365ms ago: executing program 3 (id=2434):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='@'], 0x40}}, 0x0)

901.998781ms ago: executing program 4 (id=2435):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000631108000000000007000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000280)=0x6, 0x4)
socket$packet(0x11, 0x3, 0x300)
socket$rxrpc(0x21, 0x2, 0xa)
socket$rxrpc(0x21, 0x2, 0xa)
socket$rxrpc(0x21, 0x2, 0xa)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)='%pS    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r4}, 0x10)
write$binfmt_script(r1, &(0x7f0000000140), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={@map=0x1}, 0x20)

729.392681ms ago: executing program 1 (id=2436):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000186800000000000090737c73267beee600000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3000000}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f00000001c0), 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)

646.305789ms ago: executing program 3 (id=2437):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000500002100000008000300", @ANYRES32=r3], 0x30}}, 0x0)

591.764429ms ago: executing program 2 (id=2438):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @broadcast}], 0x10)
r0 = socket$inet(0xa, 0x801, 0x0)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f0000000100), 0x4)
accept4(r0, 0x0, 0x0, 0xc0800)
socket$kcm(0x2, 0xa, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x17, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf09000000000000350901000000000095000000000000001801000020646c3200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000de9800000000000056080000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

470.099605ms ago: executing program 4 (id=2439):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x0, 0x80ff}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}}, 0x0)

460.791383ms ago: executing program 0 (id=2440):
socket$l2tp6(0xa, 0x2, 0x73)
shutdown(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000140)={@random="5b1a033f2511", @remote, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x4578, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x12, 0x0, 0x5000000, "fdcdae25a7a296872a8a5290e48e30acf8afc7e67d70a62c979cefa10a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)

404.015962ms ago: executing program 3 (id=2441):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010400000000000000001200000018000700feffffff180001801400020076657468305f746f0f006f6e64000000"], 0x34}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000500000000000000000085000000270000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x0, 0x0, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$rxrpc(0x21, 0x2, 0x0)
bind$rxrpc(r2, 0x0, 0x0)
connect$rxrpc(0xffffffffffffffff, &(0x7f00000002c0)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x24)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000c80)=ANY=[@ANYBLOB="1c00000068000100000000000000000002000000ee89df0000000004000400"], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @empty}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a07fef8ffffff71a400fe0000000071101000000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@ipv6_getrule={0x1c, 0x22, 0x100, 0x70bd2b, 0x25dfdbfc, {0xa, 0x14, 0xa0, 0x1f, 0x0, 0x0, 0x0, 0xa, 0x8}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000a40), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008002000b704000000000000850000003300000085000000a000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000340)="05040006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000d80)={'syztnl2\x00', &(0x7f0000000d00)={'syztnl1\x00', 0x0, 0x4, 0x3f, 0xd5, 0x2, 0xa, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x40, 0x8000}})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000f40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x80)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073017a30000000000900020073797a3000000000140003800800014000000000080002400000000028010000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000fc000380040000000400010000000000000000000000000a"], 0x1b0}}, 0x0)
socket$inet6(0xa, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

361.539936ms ago: executing program 2 (id=2442):
pipe(&(0x7f0000000300))
socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x2040400)
epoll_create(0x1ff)
socket$igmp6(0xa, 0x3, 0x2)
socket$tipc(0x1e, 0x5, 0x0)
epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfe}, 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

253.252748ms ago: executing program 4 (id=2443):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in=@private, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@broadcast, 0x0, 0x32}, 0x0, @in6=@loopback, 0xfffffffc}}, 0xe8)
r2 = socket$netlink(0x10, 0x3, 0x6)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000000)="480000001500190a20ffff7fffffff5602113e850e1de0974881030491720000de213ee23ffbf510040041feff5aff2b0000000000000700"/68, 0x44}, {&(0x7f0000000080)="c1130389", 0x4}], 0x2)
readv(r2, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/94, 0x5e}], 0x1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000380)={'ip6gre0\x00'})
sendmsg$NFC_CMD_GET_TARGET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r3)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r3)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0100018000000000080001"], 0x1c}}, 0x0)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r8}, 0xc)
sendmsg$netlink(r6, &(0x7f0000000180)={0x0, 0xb00, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b00010a000000000000001807"], 0x114}], 0x1}, 0x0)

152.299018ms ago: executing program 0 (id=2444):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="03011400ff1e430000030800ad0001140000002f0600ac14141fe000e502808a8972bd0f72e410820c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f14607a8d84bf8"], 0xdd12}], 0x1}, 0x0)

105.606338ms ago: executing program 2 (id=2445):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800000007"], 0x0}, 0x90)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x2000000}, 0x0, 0x0, 0x0, 0x300, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x3, 0x8}}}}]}, 0x78}}, 0x0)

22.933545ms ago: executing program 4 (id=2446):
unshare(0x20000400)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x209, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x88}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x30, r6, 0x10, 0x0, 0x25d7dbfe, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x5d, 0x4d}}}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x4000042)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', <r8=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x2c, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_KEY={0x10, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="897111a9b25c1400f1c89ebfb65a52557100001000010000000000000000000000000a48000000060a09040000000000000000020000001c000480180001800d00010073796e70726f787900000000040002800900010073797a30000000000900020073797a320000000014000000110001000000006901ed20c6ce3e891fe0056480b27306281c0598cde7316d11e19be77364a50c0f3c830b8d08262701c2204e2eefffee1bcfaa8d7f497d2f8224854b868d6419e727635c5bac89a164884bfe2a3fd018139a099db72ef592e2a7a271e1ba44d83efad746221293341bce50fda32628e7c307cf637609cac2a8c0e8a475213df215f95dda7be2da4684d4d203ac2bd8"], 0x70}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010800000000000000000000000a14000000020a0104000000000000000000000000140000001100010000000000000000000000000a"], 0x3c}}, 0x0)
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r9, 0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000300)={0x24, r13, 0x5, 0x0, 0x0, {{}, {@val={0xfdb1, 0x3, r14}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4255e014b82d", @ANYRES16=r13, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r14, @ANYBLOB="72000e0080000000ffffffffffff08021100000008021100000000000000000000000000640000000301ae0602000025030005002a01003c04000006102d1a00000000000000000000000000000000000000000000000000007206030303030303710700000000000000760600000000000000000400800004007f000500a3000000000008000d0000000000"], 0xa8}}, 0x0)
r15 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r15, 0x0)
shutdown(r15, 0x0)
sendmsg$NL80211_CMD_DEL_STATION(r10, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r11, 0xa28b71136a99e6a7, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r14}, @void}}, [@NL80211_ATTR_STA_AID={0x6, 0x10, 0x771}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x7ff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x40800)

0s ago: executing program 3 (id=2447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x800000000000000}, 0x0)

kernel console output (not intermixed with test programs):

841][ T9349] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  176.060263][ T9637] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1323'.
[  176.084548][ T9637] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1323'.
[  176.223338][ T9642] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1324'.
[  176.311403][ T9648] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1325'.
[  176.332019][ T9648] openvswitch: Κό: Dropping previously announced user features
[  176.380505][ T9648] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1325'.
[  176.394307][ T9648] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1325'.
[  176.667336][ T9657] FAULT_INJECTION: forcing a failure.
[  176.667336][ T9657] name failslab, interval 1, probability 0, space 0, times 0
[  176.720061][ T9657] CPU: 1 UID: 0 PID: 9657 Comm: syz.2.1326 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  176.730444][ T9657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  176.733465][ T9349] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.740590][ T9657] Call Trace:
[  176.740602][ T9657]  <TASK>
[  176.740612][ T9657]  dump_stack_lvl+0x241/0x360
[  176.740641][ T9657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.740661][ T9657]  ? __pfx__printk+0x10/0x10
[  176.740682][ T9657]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  176.740703][ T9657]  ? __pfx___might_resched+0x10/0x10
[  176.779392][ T9657]  should_fail_ex+0x3b0/0x4e0
[  176.784109][ T9657]  should_failslab+0xac/0x100
[  176.788817][ T9657]  ? __alloc_skb+0x1c3/0x440
[  176.793434][ T9657]  kmem_cache_alloc_node_noprof+0x71/0x320
[  176.799287][ T9657]  __alloc_skb+0x1c3/0x440
[  176.803734][ T9657]  ? __pfx___alloc_skb+0x10/0x10
[  176.808693][ T9657]  ? netlink_autobind+0xd6/0x2f0
[  176.813631][ T9657]  ? netlink_autobind+0x2b0/0x2f0
[  176.818830][ T9657]  netlink_sendmsg+0x638/0xcb0
[  176.823598][ T9657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.828879][ T9657]  ? __import_iovec+0x536/0x820
[  176.833726][ T9657]  ? aa_sock_msg_perm+0x91/0x160
[  176.838663][ T9657]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  176.843946][ T9657]  ? security_socket_sendmsg+0x87/0xb0
[  176.849409][ T9657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.854688][ T9657]  __sock_sendmsg+0x221/0x270
[  176.859363][ T9657]  ____sys_sendmsg+0x525/0x7d0
[  176.864135][ T9657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  176.869427][ T9657]  __sys_sendmsg+0x2b0/0x3a0
[  176.874024][ T9657]  ? __pfx___sys_sendmsg+0x10/0x10
[  176.879142][ T9657]  ? vfs_write+0x7c4/0xc90
[  176.883589][ T9657]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  176.889919][ T9657]  ? do_syscall_64+0x100/0x230
[  176.894685][ T9657]  ? do_syscall_64+0xb6/0x230
[  176.899359][ T9657]  do_syscall_64+0xf3/0x230
[  176.903853][ T9657]  ? clear_bhb_loop+0x35/0x90
[  176.908529][ T9657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.914416][ T9657] RIP: 0033:0x7fd243b77299
[  176.918827][ T9657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.938431][ T9657] RSP: 002b:00007fd2448d0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.946840][ T9657] RAX: ffffffffffffffda RBX: 00007fd243d05f80 RCX: 00007fd243b77299
[  176.954805][ T9657] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006
[  176.962769][ T9657] RBP: 00007fd2448d00a0 R08: 0000000000000000 R09: 0000000000000000
[  176.970736][ T9657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.978713][ T9657] R13: 000000000000000b R14: 00007fd243d05f80 R15: 00007ffde2f22578
[  176.986706][ T9657]  </TASK>
[  177.090662][ T9661] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1327'.
[  177.177597][ T9349] veth0_vlan: entered promiscuous mode
[  177.282749][ T9349] veth1_vlan: entered promiscuous mode
[  177.394671][ T9668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1329'.
[  177.498301][ T9672] Bluetooth: MGMT ver 1.23
[  177.499027][ T9349] veth0_macvtap: entered promiscuous mode
[  177.514605][ T9675] xt_recent: hitcount (184549376) is larger than allowed maximum (65535)
[  177.548215][ T9349] veth1_macvtap: entered promiscuous mode
[  177.664415][ T9679] netlink: 'syz.4.1332': attribute type 28 has an invalid length.
[  177.867567][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.921632][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.970257][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.992199][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.005059][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.017194][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.029169][ T9349] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.071309][ T9694] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1336'.
[  178.146348][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.181456][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.221609][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.278961][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.311768][ T9349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.342230][ T9349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.360433][ T9349] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.409785][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1340'.
[  178.461427][ T9349] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.501578][ T9349] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.521842][ T9349] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.549857][ T9349] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.761783][ T9720] xt_CT: No such helper "syz0"
[  179.184545][ T1064] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.192389][ T1064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.341968][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.362313][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.626697][ T9769] netlink: 'syz.3.1353': attribute type 4 has an invalid length.
[  180.137843][ T9791] team0: Port device bond0 removed
[  180.166133][ T9798] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.257018][ T9798] team0: Port device bond0 added
[  180.351487][ T9805] vlan3: entered promiscuous mode
[  180.866513][ T9832] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  180.893287][ T9834] syz_tun: entered promiscuous mode
[  180.914599][ T9834] batadv_slave_0: entered promiscuous mode
[  180.938092][ T9834] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  180.971125][ T9834] Cannot create hsr debugfs directory
[  180.985783][ T9834] syz_tun: left promiscuous mode
[  180.991541][ T9834] batadv_slave_0: left promiscuous mode
[  181.005992][    C0] eth0: bad gso: type: 1, size: 1408
[  181.286176][ T5228] Bluetooth: hci1: command 0x0406 tx timeout
[  181.289907][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  181.292700][ T4618] Bluetooth: hci2: command 0x0406 tx timeout
[  181.401586][ T9861] FAULT_INJECTION: forcing a failure.
[  181.401586][ T9861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.408565][ T9851] batman_adv: batadv0: Adding interface: gretap1
[  181.415916][ T9861] CPU: 1 UID: 0 PID: 9861 Comm: syz.0.1376 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  181.431550][ T9861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  181.441624][ T9861] Call Trace:
[  181.444909][ T9861]  <TASK>
[  181.447838][ T9861]  dump_stack_lvl+0x241/0x360
[  181.452519][ T9861]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.457828][ T9861]  ? __pfx__printk+0x10/0x10
[  181.462415][ T9861]  ? __pfx_lock_release+0x10/0x10
[  181.467447][ T9861]  should_fail_ex+0x3b0/0x4e0
[  181.472125][ T9861]  _copy_from_user+0x2f/0xe0
[  181.477146][ T9861]  do_ipv6_setsockopt+0x2f1/0x3630
[  181.482259][ T9861]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  181.487802][ T9861]  ? aa_label_sk_perm+0x4f0/0x6d0
[  181.492830][ T9861]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  181.498224][ T9861]  ? __pfx___might_resched+0x10/0x10
[  181.503607][ T9861]  ? __lock_acquire+0x137a/0x2040
[  181.508640][ T9861]  ? aa_sk_perm+0x967/0xab0
[  181.513145][ T9861]  ipv6_setsockopt+0x5c/0x1a0
[  181.517824][ T9861]  rawv6_setsockopt+0x327/0x740
[  181.522675][ T9861]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  181.528041][ T9861]  ? aa_sock_opt_perm+0x79/0x120
[  181.532973][ T9861]  ? sock_common_setsockopt+0x37/0xc0
[  181.538339][ T9861]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  181.544226][ T9861]  do_sock_setsockopt+0x3af/0x720
[  181.549255][ T9861]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  181.554798][ T9861]  ? __fget_files+0x29/0x470
[  181.559410][ T9861]  ? __fget_files+0x3f6/0x470
[  181.564113][ T9861]  __sys_setsockopt+0x1ae/0x250
[  181.568979][ T9861]  __x64_sys_setsockopt+0xb5/0xd0
[  181.574096][ T9861]  do_syscall_64+0xf3/0x230
[  181.578596][ T9861]  ? clear_bhb_loop+0x35/0x90
[  181.583280][ T9861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.589176][ T9861] RIP: 0033:0x7ff9cd177299
[  181.593588][ T9861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.613194][ T9861] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  181.621610][ T9861] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  181.629578][ T9861] RDX: 0000000000000018 RSI: 0000000000000029 RDI: 0000000000000003
[  181.637539][ T9861] RBP: 00007ff9cdf3d0a0 R08: 0000000000000004 R09: 0000000000000000
[  181.645502][ T9861] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000001
[  181.653467][ T9861] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  181.661448][ T9861]  </TASK>
[  181.673904][ T9851] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.709518][ T9851] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  181.742865][ T9857] __nla_validate_parse: 9 callbacks suppressed
[  181.742885][ T9857] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'.
[  181.759690][ T9857] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'.
[  181.814989][ T9863] tipc: Started in network mode
[  181.823603][ T9863] tipc: Node identity ac1414aa, cluster identity 4711
[  181.841878][ T9866] xt_bpf: check failed: parse error
[  181.844905][ T9863] tipc: Enabled bearer <udp:syz2>, priority 10
[  181.976664][ T9870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1380'.
[  182.140734][ T9879] Bluetooth: hci3: invalid length 0, exp 2 for type 26
[  182.833297][ T9908] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1392'.
[  182.920180][ T9916] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1395'.
[  182.971159][ T6260] tipc: Node number set to 2886997162
[  183.003647][ T9920] xt_bpf: check failed: parse error
[  183.081229][ T9917] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1393'.
[  183.124527][ T9917] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1393'.
[  183.221692][ T9924] Bluetooth: hci3: invalid length 0, exp 2 for type 26
[  183.582537][    C0] eth0: bad gso: type: 1, size: 1408
[  183.631423][ T9940] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  183.691825][ T9942] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.943864][ T9953] Bluetooth: hci3: unsupported parameter 64512
[  183.967610][ T9953] Bluetooth: hci3: invalid length 0, exp 2 for type 4
[  183.970333][ T9955] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1410'.
[  184.006630][ T9957] netlink: 'syz.1.1411': attribute type 1 has an invalid length.
[  184.194598][ T9970] IPVS: length: 164 != 24
[  184.318266][    C0] eth0: bad gso: type: 1, size: 1408
[  184.335887][ T9977] netlink: 4552 bytes leftover after parsing attributes in process `syz.4.1417'.
[  184.390297][ T9977] netlink: 4552 bytes leftover after parsing attributes in process `syz.4.1417'.
[  184.476023][ T9979] team0: left allmulticast mode
[  184.480941][ T9979] team_slave_0: left allmulticast mode
[  184.507902][ T9977] xt_CT: No such helper "syz0"
[  184.514174][ T9979] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  184.539473][ T9979] team0: left promiscuous mode
[  184.574158][ T9979] team_slave_0: left promiscuous mode
[  184.582632][ T9979] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  184.605376][ T9979] bridge0: port 3(team0) entered disabled state
[  184.638883][ T9979] bridge_slave_0: left allmulticast mode
[  184.660302][ T9979] bridge_slave_0: left promiscuous mode
[  184.688467][ T9979] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.711939][ T9979] bridge_slave_1: left allmulticast mode
[  184.728329][ T9979] bridge_slave_1: left promiscuous mode
[  184.738534][ T9979] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.751282][ T9979] bond0: (slave bond_slave_0): Releasing backup interface
[  184.765836][ T9979] bond_slave_0: left promiscuous mode
[  184.794110][ T9979] bond0: (slave bond_slave_1): Releasing backup interface
[  184.801880][ T9979] bond_slave_1: left promiscuous mode
[  184.829905][ T9979] team0: Port device team_slave_0 removed
[  184.844150][ T9979] bond4: (slave team_slave_1): Releasing active interface
[  184.851675][ T9979] team_slave_1: left promiscuous mode
[  184.870183][ T9979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.878086][ T9979] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.891255][ T9979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.901405][ T9979] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.915057][ T9979] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  184.922253][ T9979] batman_adv: batadv0: Removing interface: virt_wifi0
[  184.945546][ T9979] team0: Port device netdevsim0 removed
[  184.960554][ T9979] bond0: (slave macvlan2): Releasing backup interface
[  184.977907][ T9979] macvlan2: left promiscuous mode
[  184.983155][ T9979] vlan1: left promiscuous mode
[  185.013800][ T9990] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.034996][ T9990] team0: Port device bond0 added
[  185.429072][T10023] IPVS: length: 164 != 24
[  185.971012][T10042] xt_CT: No such helper "syz0"
[  186.860002][T10088] xt_CT: You must specify a L4 protocol and not use inversions on it
[  187.053505][T10090] bond0: (slave macvlan2): Releasing backup interface
[  187.151520][T10096] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.166288][T10096] team0: Port device bond0 added
[  187.324631][T10105] __nla_validate_parse: 7 callbacks suppressed
[  187.324652][T10105] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1459'.
[  187.437219][T10110] netlink: 'syz.0.1461': attribute type 10 has an invalid length.
[  187.463197][T10110] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1461'.
[  187.510515][T10110] bridge0: port 1(dummy0) entered blocking state
[  187.559008][T10110] bridge0: port 1(dummy0) entered disabled state
[  187.569210][T10110] dummy0: entered allmulticast mode
[  187.607826][T10110] dummy0: entered promiscuous mode
[  187.639054][T10110] bridge0: port 1(dummy0) entered blocking state
[  187.645618][T10110] bridge0: port 1(dummy0) entered forwarding state
[  187.923039][T10138] netlink: 200836 bytes leftover after parsing attributes in process `syz.4.1466'.
[  187.943906][T10139] netlink: 200836 bytes leftover after parsing attributes in process `syz.4.1466'.
[  187.960492][T10139] openvswitch: netlink: Duplicate key (type 0).
[  187.975454][T10138] openvswitch: netlink: Duplicate key (type 0).
[  188.994415][T10181] sit0: left promiscuous mode
[  189.062942][T10181] bond1: left promiscuous mode
[  189.115195][T10181] bond0: left promiscuous mode
[  189.146331][T10181] vlan2: left promiscuous mode
[  189.170435][T10181] bond2: left promiscuous mode
[  189.377691][T10194] tap0: tun_chr_ioctl cmd 1074025675
[  189.394185][T10194] tap0: persist disabled
[  189.465340][T10197] FAULT_INJECTION: forcing a failure.
[  189.465340][T10197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.514801][T10197] CPU: 1 UID: 0 PID: 10197 Comm: syz.4.1485 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  189.525637][T10197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  189.535716][T10197] Call Trace:
[  189.539011][T10197]  <TASK>
[  189.541962][T10197]  dump_stack_lvl+0x241/0x360
[  189.546672][T10197]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.551907][T10197]  ? __pfx__printk+0x10/0x10
[  189.556531][T10197]  ? snprintf+0xda/0x120
[  189.560804][T10197]  should_fail_ex+0x3b0/0x4e0
[  189.565522][T10197]  _copy_to_user+0x2f/0xb0
[  189.569959][T10197]  simple_read_from_buffer+0xca/0x150
[  189.575358][T10197]  proc_fail_nth_read+0x1e9/0x250
[  189.580495][T10197]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.586074][T10197]  ? rw_verify_area+0x520/0x6b0
[  189.591109][T10197]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.596658][T10197]  vfs_read+0x204/0xbc0
[  189.600808][T10197]  ? __pfx_lock_release+0x10/0x10
[  189.606016][T10197]  ? do_sock_setsockopt+0x3e2/0x720
[  189.611211][T10197]  ? __pfx_vfs_read+0x10/0x10
[  189.615883][T10197]  ? __fget_files+0x29/0x470
[  189.620467][T10197]  ? __fget_files+0x3f6/0x470
[  189.625162][T10197]  ksys_read+0x1a0/0x2c0
[  189.629417][T10197]  ? __pfx_ksys_read+0x10/0x10
[  189.634190][T10197]  ? do_syscall_64+0x100/0x230
[  189.638964][T10197]  ? do_syscall_64+0xb6/0x230
[  189.643639][T10197]  do_syscall_64+0xf3/0x230
[  189.648137][T10197]  ? clear_bhb_loop+0x35/0x90
[  189.652812][T10197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.658707][T10197] RIP: 0033:0x7f10a2975d7c
[  189.663204][T10197] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  189.682894][T10197] RSP: 002b:00007f10a37bf040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.691321][T10197] RAX: ffffffffffffffda RBX: 00007f10a2b05f80 RCX: 00007f10a2975d7c
[  189.699289][T10197] RDX: 000000000000000f RSI: 00007f10a37bf0b0 RDI: 0000000000000004
[  189.707252][T10197] RBP: 00007f10a37bf0a0 R08: 0000000000000000 R09: 0000000000000000
[  189.715212][T10197] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000001
[  189.723176][T10197] R13: 000000000000000b R14: 00007f10a2b05f80 R15: 00007ffd37bca0a8
[  189.731324][T10197]  </TASK>
[  189.828920][T10206] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1487'.
[  189.833553][T10199] team0: Port device bond0 removed
[  189.993541][T10202] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.011441][T10202] team0: Port device bond0 added
[  190.249368][T10226] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1493'.
[  190.509118][T10230] batadv0: mtu less than device minimum
[  190.562513][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.575327][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.587617][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.599854][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.612069][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.624278][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.636728][T10230] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  190.969181][T10236] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.976918][T10236] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.358007][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.400624][T10236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.704765][T10236] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.744040][T10236] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.763233][T10236] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  191.786444][T10236] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.140898][T10271] netlink: 'syz.2.1505': attribute type 1 has an invalid length.
[  192.231815][T10271] bond5: entered promiscuous mode
[  192.720165][T10303] FAULT_INJECTION: forcing a failure.
[  192.720165][T10303] name failslab, interval 1, probability 0, space 0, times 0
[  192.786234][T10303] CPU: 0 UID: 0 PID: 10303 Comm: syz.1.1513 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  192.796696][T10303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  192.806869][T10303] Call Trace:
[  192.810169][T10303]  <TASK>
[  192.811130][T10306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1515'.
[  192.813105][T10303]  dump_stack_lvl+0x241/0x360
[  192.813139][T10303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.813160][T10303]  ? __pfx__printk+0x10/0x10
[  192.836465][T10303]  ? __kmalloc_noprof+0xb0/0x400
[  192.841430][T10303]  ? __pfx___might_resched+0x10/0x10
[  192.846758][T10303]  should_fail_ex+0x3b0/0x4e0
[  192.851555][T10303]  ? copy_splice_read+0x18d/0xb60
[  192.856598][T10303]  should_failslab+0xac/0x100
[  192.861301][T10303]  ? copy_splice_read+0x18d/0xb60
[  192.866336][T10303]  __kmalloc_noprof+0xd8/0x400
[  192.871104][T10303]  copy_splice_read+0x18d/0xb60
[  192.875952][T10303]  ? __pfx_copy_splice_read+0x10/0x10
[  192.881322][T10303]  ? file_end_write+0xe0/0x250
[  192.886080][T10303]  ? direct_splice_actor+0x12b/0x220
[  192.891372][T10303]  splice_direct_to_actor+0x502/0xc90
[  192.896754][T10303]  ? __pfx_direct_splice_actor+0x10/0x10
[  192.902384][T10303]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  192.908272][T10303]  ? __fget_files+0x29/0x470
[  192.912857][T10303]  ? __pfx_lock_release+0x10/0x10
[  192.917876][T10303]  do_splice_direct+0x28c/0x3e0
[  192.922722][T10303]  ? __pfx_do_splice_direct+0x10/0x10
[  192.928086][T10303]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  192.933975][T10303]  ? security_file_permission+0x7f/0xa0
[  192.939518][T10303]  ? rw_verify_area+0x1d2/0x6b0
[  192.944363][T10303]  do_sendfile+0x56d/0xe20
[  192.948789][T10303]  ? __pfx_do_sendfile+0x10/0x10
[  192.953810][T10303]  ? bpf_trace_run2+0x1fc/0x540
[  192.958659][T10303]  ? bpf_trace_run2+0x36e/0x540
[  192.963507][T10303]  __se_sys_sendfile64+0x17c/0x1e0
[  192.968620][T10303]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  192.974252][T10303]  ? rcu_is_watching+0x15/0xb0
[  192.979021][T10303]  ? trace_sys_enter+0x1f/0xd0
[  192.983773][T10303]  do_syscall_64+0xf3/0x230
[  192.988271][T10303]  ? clear_bhb_loop+0x35/0x90
[  192.992945][T10303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.998837][T10303] RIP: 0033:0x7f4e2dd77299
[  193.003241][T10303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.022848][T10303] RSP: 002b:00007f4e2eb67048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  193.031256][T10303] RAX: ffffffffffffffda RBX: 00007f4e2df05f80 RCX: 00007f4e2dd77299
[  193.039248][T10303] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000d
[  193.047228][T10303] RBP: 00007f4e2eb670a0 R08: 0000000000000000 R09: 0000000000000000
[  193.055196][T10303] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[  193.063157][T10303] R13: 000000000000000b R14: 00007f4e2df05f80 R15: 00007ffc93b04b78
[  193.071136][T10303]  </TASK>
[  193.140978][T10311] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0
[  193.468154][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1521'.
[  194.005546][T10347] sit0: left allmulticast mode
[  194.032821][T10347] team0: left allmulticast mode
[  194.035703][T10351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1531'.
[  194.070934][T10347] team_slave_0: left allmulticast mode
[  194.085593][T10347] team_slave_1: left allmulticast mode
[  194.094779][T10347] team0: left promiscuous mode
[  194.099627][T10347] team_slave_0: left promiscuous mode
[  194.134459][T10347] team_slave_1: left promiscuous mode
[  194.151504][T10358] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1532'.
[  194.157708][T10347] bridge0: port 3(team0) entered disabled state
[  194.212338][T10347] bridge_slave_0: left allmulticast mode
[  194.236438][T10347] bridge_slave_0: left promiscuous mode
[  194.256521][T10347] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.300203][T10347] bridge_slave_1: left allmulticast mode
[  194.306424][T10347] bridge_slave_1: left promiscuous mode
[  194.317943][T10347] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.360789][T10347] bond0: (slave bond_slave_0): Releasing backup interface
[  194.382096][T10347] bond0: (slave bond_slave_1): Releasing backup interface
[  194.461092][T10347] team0: Port device team_slave_0 removed
[  194.501772][T10347] team0: Port device team_slave_1 removed
[  194.518628][T10347] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.537536][T10347] net_ratelimit: 13 callbacks suppressed
[  194.537558][T10347] batadv0: mtu less than device minimum
[  194.565153][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.577591][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.589990][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.602149][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.614574][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.624785][ T1260] ieee802154 phy0 wpan0: encryption failed: -22
[  194.633006][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.636303][ T1260] ieee802154 phy1 wpan1: encryption failed: -22
[  194.645097][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.661709][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.673899][T10347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (92)
[  194.773465][T10347] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.799644][T10347] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.838391][T10347] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.881470][T10347] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  194.919854][T10347] batman_adv: batadv0: Removing interface: virt_wifi0
[  194.985866][T10347] batman_adv: batadv0: Removing interface: gretap1
[  195.049151][T10354] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.087352][T10354] team0: Port device bond0 added
[  195.274909][T10366] sch_tbf: burst 0 is lower than device team0 mtu (1514) !
[  196.120948][T10416] team0: Port device bond0 removed
[  196.479756][T10427] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1552'.
[  197.389690][T10442] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1555'.
[  197.457837][T10442] gretap0: entered promiscuous mode
[  197.561964][T10440] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1555'.
[  197.615380][T10440] 0ͺXΉ¦D: renamed from gretap0
[  197.657186][T10440] 0ͺXΉ¦D: left promiscuous mode
[  197.662099][T10440] 0ͺXΉ¦D: entered allmulticast mode
[  197.714678][T10455] netlink: 'syz.4.1560': attribute type 13 has an invalid length.
[  198.095665][T10482] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.421351][T10492] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  198.535554][T10510] sit0: entered allmulticast mode
[  198.577235][T10510] sit0: entered promiscuous mode
[  198.874490][T10523] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1573'.
[  199.224881][T10542] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1577'.
[  199.315030][T10547] --map-set only usable from mangle table
[  199.339278][T10549] netlink: 'syz.3.1577': attribute type 7 has an invalid length.
[  199.357552][T10549] netlink: 'syz.3.1577': attribute type 39 has an invalid length.
[  199.431761][T10542] bridge2: port 1(gretap2) entered blocking state
[  199.474211][T10542] bridge2: port 1(gretap2) entered disabled state
[  199.480967][T10542] gretap2: entered allmulticast mode
[  199.499044][T10542] gretap2: entered promiscuous mode
[  199.557196][T10549] netlink: 'syz.3.1577': attribute type 7 has an invalid length.
[  199.567338][T10542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1577'.
[  199.622269][T10542] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1577'.
[  199.652056][T10549] netlink: 'syz.3.1577': attribute type 39 has an invalid length.
[  199.752732][T10568] FAULT_INJECTION: forcing a failure.
[  199.752732][T10568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.826218][T10568] CPU: 1 UID: 0 PID: 10568 Comm: syz.1.1583 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  199.836684][T10568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  199.846763][T10568] Call Trace:
[  199.850060][T10568]  <TASK>
[  199.853015][T10568]  dump_stack_lvl+0x241/0x360
[  199.857714][T10568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.862923][T10568]  ? __pfx__printk+0x10/0x10
[  199.867519][T10568]  ? snprintf+0xda/0x120
[  199.871761][T10568]  should_fail_ex+0x3b0/0x4e0
[  199.876445][T10568]  _copy_to_user+0x2f/0xb0
[  199.880861][T10568]  simple_read_from_buffer+0xca/0x150
[  199.886230][T10568]  proc_fail_nth_read+0x1e9/0x250
[  199.891250][T10568]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.896790][T10568]  ? rw_verify_area+0x520/0x6b0
[  199.901633][T10568]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.907174][T10568]  vfs_read+0x204/0xbc0
[  199.911326][T10568]  ? __pfx_lock_release+0x10/0x10
[  199.916366][T10568]  ? do_sock_setsockopt+0x3e2/0x720
[  199.921571][T10568]  ? __pfx_vfs_read+0x10/0x10
[  199.926245][T10568]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  199.931793][T10568]  ? __fget_files+0x29/0x470
[  199.936379][T10568]  ? __fget_files+0x3f6/0x470
[  199.941058][T10568]  ksys_read+0x1a0/0x2c0
[  199.945304][T10568]  ? __pfx_ksys_read+0x10/0x10
[  199.950064][T10568]  ? do_syscall_64+0x100/0x230
[  199.954915][T10568]  ? do_syscall_64+0xb6/0x230
[  199.959584][T10568]  do_syscall_64+0xf3/0x230
[  199.964081][T10568]  ? clear_bhb_loop+0x35/0x90
[  199.968755][T10568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.974679][T10568] RIP: 0033:0x7f4e2dd75d7c
[  199.979084][T10568] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  199.998680][T10568] RSP: 002b:00007f4e2eb46040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  200.007088][T10568] RAX: ffffffffffffffda RBX: 00007f4e2df06058 RCX: 00007f4e2dd75d7c
[  200.015053][T10568] RDX: 000000000000000f RSI: 00007f4e2eb460b0 RDI: 0000000000000008
[  200.023188][T10568] RBP: 00007f4e2eb460a0 R08: 0000000000000000 R09: 0000000000000000
[  200.031158][T10568] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[  200.039121][T10568] R13: 000000000000006e R14: 00007f4e2df06058 R15: 00007ffc93b04b78
[  200.047098][T10568]  </TASK>
[  200.136036][T10579] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1588'.
[  200.150490][T10579] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1588'.
[  200.201472][    C0] net_ratelimit: 12 callbacks suppressed
[  200.201492][    C0] eth0: bad gso: type: 1, size: 1408
[  200.415165][T10590] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1591'.
[  201.023348][T10613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1596'.
[  201.123328][T10613] netlink: 'syz.3.1596': attribute type 10 has an invalid length.
[  201.179879][T10613] team0: Port device dummy0 added
[  201.202325][T10626] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1600'.
[  201.234576][T10626] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1600'.
[  202.012518][T10656] netlink: 'syz.0.1612': attribute type 10 has an invalid length.
[  202.089302][T10656] bridge0: port 1(dummy0) entered disabled state
[  202.136275][T10656] dummy0: left allmulticast mode
[  202.154253][T10656] dummy0: left promiscuous mode
[  202.184158][T10656] bridge0: port 1(dummy0) entered disabled state
[  202.261643][T10656] team0: Port device dummy0 added
[  202.287708][T10671] sit0: entered promiscuous mode
[  202.292998][T10671] netlink: 'syz.4.1617': attribute type 1 has an invalid length.
[  202.916440][T10710] team0: Port device bond0 removed
[  202.926607][T10710] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.935790][T10710] team0: Port device bond0 added
[  203.328195][T10730] sctp: [Deprecated]: syz.0.1638 (pid 10730) Use of int in max_burst socket option.
[  203.328195][T10730] Use struct sctp_assoc_value instead
[  203.584716][T10746] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  204.707472][T10780] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  204.746094][T10782] netlink: 'syz.0.1654': attribute type 1 has an invalid length.
[  204.824870][T10782] bond1: entered promiscuous mode
[  204.855139][T10790] __nla_validate_parse: 12 callbacks suppressed
[  204.855158][T10790] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1656'.
[  204.972258][T10800] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1658'.
[  205.012407][T10800] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1658'.
[  205.145911][T10806] syz_tun: entered promiscuous mode
[  205.205562][T10806] batadv_slave_0: entered promiscuous mode
[  205.247041][T10806] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  205.265689][T10806] Cannot create hsr debugfs directory
[  205.273219][T10806] syz_tun: left promiscuous mode
[  205.300076][T10806] batadv_slave_0: left promiscuous mode
[  205.366298][T10810] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1664'.
[  205.496851][T10826] sit0: left promiscuous mode
[  205.501603][T10826] sit0: entered allmulticast mode
[  205.591097][T10828] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1670'.
[  205.617803][T10829] sit0: entered promiscuous mode
[  205.783377][T10828] batadv_slave_1: mtu less than device minimum
[  205.808830][T10837] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1673'.
[  205.906311][T10838] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  205.991063][T10837] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  206.035571][T10845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1675'.
[  206.282452][T10862] netlink: 'syz.4.1678': attribute type 10 has an invalid length.
[  206.315721][T10862] batman_adv: batadv0: Adding interface: team0
[  206.321930][T10862] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  206.391252][T10862] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  206.432930][T10872] netlink: 'syz.4.1678': attribute type 10 has an invalid length.
[  206.484854][T10872] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1678'.
[  206.509219][T10872] team0: entered promiscuous mode
[  206.544544][T10872] bond0: entered promiscuous mode
[  206.562476][T10872] 8021q: adding VLAN 0 to HW filter on device team0
[  206.597446][T10871] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  206.598430][T10872] batman_adv: batadv0: Interface activated: team0
[  206.604600][T10871] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  206.604842][T10871] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  206.624215][T10871] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  206.630691][T10871] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  206.631126][T10872] batman_adv: batadv0: Interface deactivated: team0
[  206.637175][T10871] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  206.637309][T10871] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  206.637413][T10871] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  206.651431][T10872] batman_adv: batadv0: Removing interface: team0
[  206.706797][T10872] bridge0: port 1(team0) entered blocking state
[  206.713433][T10872] bridge0: port 1(team0) entered disabled state
[  206.722271][T10872] team0: entered allmulticast mode
[  206.733679][T10872] bond0: entered allmulticast mode
[  206.777767][T10874] syz_tun: entered promiscuous mode
[  206.805118][T10874] batadv_slave_0: entered promiscuous mode
[  206.812206][T10874] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  206.833319][T10874] Cannot create hsr debugfs directory
[  206.844572][T10874] syz_tun: left promiscuous mode
[  206.858991][T10874] batadv_slave_0: left promiscuous mode
[  206.920816][T10887] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1685'.
[  206.943240][T10890] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1687'.
[  206.961994][T10895] netlink: 'syz.4.1688': attribute type 10 has an invalid length.
[  207.691810][T10939] FAULT_INJECTION: forcing a failure.
[  207.691810][T10939] name failslab, interval 1, probability 0, space 0, times 0
[  207.736781][T10939] CPU: 1 UID: 0 PID: 10939 Comm: syz.2.1698 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  207.747250][T10939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  207.757328][T10939] Call Trace:
[  207.760633][T10939]  <TASK>
[  207.763572][T10939]  dump_stack_lvl+0x241/0x360
[  207.768266][T10939]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.773470][T10939]  ? __pfx__printk+0x10/0x10
[  207.778065][T10939]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  207.783518][T10939]  ? __pfx___might_resched+0x10/0x10
[  207.788801][T10939]  ? netlink_sendmsg+0x8e4/0xcb0
[  207.793736][T10939]  should_fail_ex+0x3b0/0x4e0
[  207.798418][T10939]  should_failslab+0xac/0x100
[  207.803102][T10939]  ? rtnl_newlink+0xf2/0x20a0
[  207.807784][T10939]  __kmalloc_cache_noprof+0x6c/0x2c0
[  207.813069][T10939]  rtnl_newlink+0xf2/0x20a0
[  207.817589][T10939]  ? __mutex_trylock_common+0x183/0x2e0
[  207.823124][T10939]  ? __pfx___might_resched+0x10/0x10
[  207.828406][T10939]  ? __pfx_rtnl_newlink+0x10/0x10
[  207.833426][T10939]  ? __pfx___mutex_trylock_common+0x10/0x10
[  207.839315][T10939]  ? rcu_is_watching+0x15/0xb0
[  207.844087][T10939]  ? trace_contention_end+0x3c/0x120
[  207.849374][T10939]  ? __mutex_lock+0x2ef/0xd70
[  207.854047][T10939]  ? rcu_read_unlock+0x87/0xa0
[  207.858801][T10939]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  207.863899][T10939]  ? __pfx_lock_release+0x10/0x10
[  207.868920][T10939]  ? __pfx___mutex_lock+0x10/0x10
[  207.873956][T10939]  ? __pfx_rtnl_newlink+0x10/0x10
[  207.878986][T10939]  rtnetlink_rcv_msg+0x73f/0xcf0
[  207.883915][T10939]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  207.889029][T10939]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  207.894492][T10939]  ? ref_tracker_free+0x643/0x7e0
[  207.899520][T10939]  netlink_rcv_skb+0x1e3/0x430
[  207.904286][T10939]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  207.909756][T10939]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  207.915062][T10939]  ? netlink_deliver_tap+0x2e/0x1b0
[  207.920257][T10939]  netlink_unicast+0x7f0/0x990
[  207.925022][T10939]  ? __pfx_netlink_unicast+0x10/0x10
[  207.930294][T10939]  ? __virt_addr_valid+0x183/0x530
[  207.935400][T10939]  ? __check_object_size+0x49c/0x900
[  207.940675][T10939]  ? bpf_lsm_netlink_send+0x9/0x10
[  207.945792][T10939]  netlink_sendmsg+0x8e4/0xcb0
[  207.950561][T10939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.955842][T10939]  ? __import_iovec+0x536/0x820
[  207.960682][T10939]  ? aa_sock_msg_perm+0x91/0x160
[  207.965612][T10939]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  207.970891][T10939]  ? security_socket_sendmsg+0x87/0xb0
[  207.976348][T10939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  207.981631][T10939]  __sock_sendmsg+0x221/0x270
[  207.986308][T10939]  ____sys_sendmsg+0x525/0x7d0
[  207.991087][T10939]  ? __pfx_____sys_sendmsg+0x10/0x10
[  207.996466][T10939]  __sys_sendmsg+0x2b0/0x3a0
[  208.001051][T10939]  ? __pfx___sys_sendmsg+0x10/0x10
[  208.006159][T10939]  ? vfs_write+0x7c4/0xc90
[  208.010609][T10939]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  208.016944][T10939]  ? do_syscall_64+0x100/0x230
[  208.021711][T10939]  ? do_syscall_64+0xb6/0x230
[  208.026387][T10939]  do_syscall_64+0xf3/0x230
[  208.030883][T10939]  ? clear_bhb_loop+0x35/0x90
[  208.035559][T10939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.041442][T10939] RIP: 0033:0x7fd243b77299
[  208.045853][T10939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.065452][T10939] RSP: 002b:00007fd2448d0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.073861][T10939] RAX: ffffffffffffffda RBX: 00007fd243d05f80 RCX: 00007fd243b77299
[  208.081834][T10939] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006
[  208.089798][T10939] RBP: 00007fd2448d00a0 R08: 0000000000000000 R09: 0000000000000000
[  208.097759][T10939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.105719][T10939] R13: 000000000000000b R14: 00007fd243d05f80 R15: 00007ffde2f22578
[  208.113701][T10939]  </TASK>
[  208.217114][T10945] IPVS: length: 164 != 24
[  208.706165][T10971] netlink: 'syz.4.1711': attribute type 5 has an invalid length.
[  209.001878][T10985] IPVS: length: 164 != 24
[  209.278561][T10998] sit0: left allmulticast mode
[  209.400289][T10998] netlink: 'syz.0.1722': attribute type 1 has an invalid length.
[  209.639490][T11006] 0ͺXΉ¦D: entered promiscuous mode
[  209.668449][T11006] batadv_slave_0: entered promiscuous mode
[  209.682952][T11006] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  209.692544][T11006] Cannot create hsr debugfs directory
[  209.980605][T11021] __nla_validate_parse: 9 callbacks suppressed
[  209.980626][T11021] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1731'.
[  210.044604][T11016] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1727'.
[  210.898445][T11070] Bluetooth: hci3: invalid len left 7, exp >= 121
[  211.268799][T11087] vlan2: entered promiscuous mode
[  211.274378][T11087] bond0: entered promiscuous mode
[  211.330654][T11087] bond0: left promiscuous mode
[  211.772255][T11107] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1760'.
[  212.669774][T11129] netlink: 'syz.4.1768': attribute type 11 has an invalid length.
[  212.686483][ T5241] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  212.696904][ T5241] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  212.706056][ T5241] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  212.713211][T11129] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1768'.
[  212.725758][T11137] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1768'.
[  212.735985][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  212.743101][T11137] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1768'.
[  212.754228][ T5241] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  212.765660][ T5241] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  212.768001][T11137] gretap0: entered promiscuous mode
[  212.790915][T11137] batadv_slave_0: entered promiscuous mode
[  212.800608][T11137] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  212.808757][T11137] Cannot create hsr debugfs directory
[  212.814540][T11137] hsr1: Slave A (gretap0) is not up; please bring it up to get a fully working HSR network
[  212.826440][T11137] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  212.843190][T11133] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  212.850540][T11133] IPv6: NLM_F_CREATE should be set when creating new route
[  212.857858][T11133] IPv6: NLM_F_CREATE should be set when creating new route
[  212.879180][T11132] tipc: Enabled bearer <udp:syz2>, priority 10
[  213.047959][T11140] vlan3: entered promiscuous mode
[  213.076476][T11140] team0: entered promiscuous mode
[  213.102305][T11140] team0: left promiscuous mode
[  213.147001][T11148] netlink: 232 bytes leftover after parsing attributes in process `syz.3.1774'.
[  213.149679][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1772'.
[  213.161193][T11148] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1774'.
[  213.668214][T11167] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1780'.
[  213.884172][ T6262] tipc: Node number set to 2014796831
[  213.894876][T11131] chnl_net:caif_netlink_parms(): no params data found
[  214.067249][   T62] bridge_slave_1: left allmulticast mode
[  214.073317][   T62] bridge_slave_1: left promiscuous mode
[  214.084186][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.098934][   T62] bridge_slave_0: left allmulticast mode
[  214.104862][   T62] bridge_slave_0: left promiscuous mode
[  214.110555][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.427932][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.444309][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.458338][   T62] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  214.469736][   T62] bond0 (unregistering): Released all slaves
[  214.483781][T11180] dummy0: entered promiscuous mode
[  214.490083][T11180] vlan2: entered promiscuous mode
[  214.495248][T11180] team0: entered promiscuous mode
[  214.503071][T11180] team0: left promiscuous mode
[  214.508353][T11180] dummy0: left promiscuous mode
[  214.604374][   T62] tipc: Disabling bearer <udp:syz2>
[  214.612801][   T62] tipc: Left network mode
[  214.724081][T11187] netlink: 'syz.4.1789': attribute type 4 has an invalid length.
[  214.804339][ T5241] Bluetooth: hci4: command tx timeout
[  214.833829][T11185] sit0: left promiscuous mode
[  214.843012][T11185] sit0: entered allmulticast mode
[  214.883176][T11188] sit0: entered promiscuous mode
[  214.940931][T11131] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.949947][T11131] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.957528][T11131] bridge_slave_0: entered allmulticast mode
[  214.969621][T11131] bridge_slave_0: entered promiscuous mode
[  215.112263][T11193] net_ratelimit: 52 callbacks suppressed
[  215.112283][T11193] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  215.200639][T11131] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.218420][T11131] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.243045][T11131] bridge_slave_1: entered allmulticast mode
[  215.280731][T11131] bridge_slave_1: entered promiscuous mode
[  215.646762][T11131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.790859][   T62] hsr_slave_0: left promiscuous mode
[  215.798679][   T62] hsr_slave_1: left promiscuous mode
[  215.808085][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.824457][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.322750][T11263] __nla_validate_parse: 2 callbacks suppressed
[  216.322904][T11263] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1804'.
[  216.544902][   T62] team0 (unregistering): Port device team_slave_1 removed
[  216.592480][   T62] team0 (unregistering): Port device team_slave_0 removed
[  216.887660][ T5241] Bluetooth: hci4: command tx timeout
[  216.915543][T11131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.001640][T11270] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave
[  217.030616][T11270] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  217.188078][T11131] team0: Port device team_slave_0 added
[  217.260240][T11131] team0: Port device team_slave_1 added
[  217.476866][T11289] vlan3: entered promiscuous mode
[  217.488127][T11289] team0: entered promiscuous mode
[  217.530148][T11289] team0: left promiscuous mode
[  217.614907][T11131] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.622046][T11131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.649231][T11131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.675584][T11131] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.692661][T11131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.730361][T11131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.757449][T11300] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1815'.
[  217.784590][T11300] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1815'.
[  218.173096][T11131] hsr_slave_0: entered promiscuous mode
[  218.221429][T11131] hsr_slave_1: entered promiscuous mode
[  218.314847][T11325] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1820'.
[  218.969663][ T5241] Bluetooth: hci4: command tx timeout
[  219.133286][T11354] vlan2: entered promiscuous mode
[  219.151391][T11354] bond0: entered promiscuous mode
[  219.176492][T11354] bond0: left promiscuous mode
[  219.235580][T11356] netlink: 'syz.0.1827': attribute type 10 has an invalid length.
[  219.259207][T11356] batman_adv: batadv0: Adding interface: team0
[  219.324620][T11356] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  219.377788][T11356] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  219.422960][T11357] netlink: 'syz.0.1827': attribute type 10 has an invalid length.
[  219.441348][T11357] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1827'.
[  219.481126][T11357] team0: entered promiscuous mode
[  219.494264][T11357] bond0: entered promiscuous mode
[  219.504524][T11357] dummy0: entered promiscuous mode
[  219.512797][T11363] FAULT_INJECTION: forcing a failure.
[  219.512797][T11363] name failslab, interval 1, probability 0, space 0, times 0
[  219.522229][T11357] 8021q: adding VLAN 0 to HW filter on device team0
[  219.534744][T11357] batman_adv: batadv0: Interface activated: team0
[  219.546456][T11363] CPU: 0 UID: 0 PID: 11363 Comm: syz.3.1829 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  219.556909][T11363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  219.566965][T11363] Call Trace:
[  219.570244][T11363]  <TASK>
[  219.573171][T11363]  dump_stack_lvl+0x241/0x360
[  219.577852][T11363]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.583051][T11363]  ? __pfx__printk+0x10/0x10
[  219.587641][T11363]  ? ref_tracker_alloc+0x332/0x490
[  219.592751][T11363]  should_fail_ex+0x3b0/0x4e0
[  219.597430][T11363]  ? skb_clone+0x20c/0x390
[  219.601842][T11363]  should_failslab+0xac/0x100
[  219.606520][T11363]  ? skb_clone+0x20c/0x390
[  219.610977][T11363]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  219.616350][T11363]  skb_clone+0x20c/0x390
[  219.620601][T11363]  __netlink_deliver_tap+0x3cc/0x7c0
[  219.625892][T11363]  ? netlink_deliver_tap+0x2e/0x1b0
[  219.631086][T11363]  netlink_deliver_tap+0x19d/0x1b0
[  219.636230][T11363]  netlink_unicast+0x7be/0x990
[  219.641014][T11363]  ? __pfx_netlink_unicast+0x10/0x10
[  219.646301][T11363]  ? __virt_addr_valid+0x183/0x530
[  219.651421][T11363]  ? __check_object_size+0x49c/0x900
[  219.656706][T11363]  ? bpf_lsm_netlink_send+0x9/0x10
[  219.661910][T11363]  netlink_sendmsg+0x8e4/0xcb0
[  219.666684][T11363]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.671961][T11363]  ? arch_stack_walk+0x16d/0x1b0
[  219.676891][T11363]  ? aa_sock_msg_perm+0x91/0x160
[  219.681829][T11363]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  219.687112][T11363]  ? security_socket_sendmsg+0x87/0xb0
[  219.692573][T11363]  ? __pfx_netlink_sendmsg+0x10/0x10
[  219.697855][T11363]  __sock_sendmsg+0x221/0x270
[  219.702555][T11363]  sock_sendmsg+0x134/0x200
[  219.707086][T11363]  ? __pfx_sock_sendmsg+0x10/0x10
[  219.712132][T11363]  ? splice_direct_to_actor+0x502/0xc90
[  219.717696][T11363]  ? do_splice_direct+0x28c/0x3e0
[  219.722729][T11363]  ? do_sendfile+0x56d/0xe20
[  219.727315][T11363]  ? __se_sys_sendfile64+0x17c/0x1e0
[  219.732644][T11363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.738732][T11363]  ? iov_iter_bvec+0x4e/0x180
[  219.743416][T11363]  splice_to_socket+0xa13/0x10b0
[  219.748373][T11363]  ? __pfx_splice_to_socket+0x10/0x10
[  219.753785][T11363]  ? __pfx_splice_to_socket+0x10/0x10
[  219.759159][T11363]  direct_splice_actor+0x11e/0x220
[  219.764272][T11363]  splice_direct_to_actor+0x58e/0xc90
[  219.769653][T11363]  ? __pfx_direct_splice_actor+0x10/0x10
[  219.775282][T11363]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  219.781257][T11363]  ? __fget_files+0x29/0x470
[  219.785852][T11363]  ? __pfx_lock_release+0x10/0x10
[  219.790889][T11363]  do_splice_direct+0x28c/0x3e0
[  219.795742][T11363]  ? __pfx_do_splice_direct+0x10/0x10
[  219.801112][T11363]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  219.807008][T11363]  ? security_file_permission+0x7f/0xa0
[  219.812565][T11363]  ? rw_verify_area+0x1d2/0x6b0
[  219.817419][T11363]  do_sendfile+0x56d/0xe20
[  219.821839][T11363]  ? __pfx_do_sendfile+0x10/0x10
[  219.826769][T11363]  ? bpf_trace_run2+0x1fc/0x540
[  219.831612][T11363]  ? bpf_trace_run2+0x36e/0x540
[  219.836471][T11363]  __se_sys_sendfile64+0x17c/0x1e0
[  219.841585][T11363]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  219.847229][T11363]  ? rcu_is_watching+0x15/0xb0
[  219.851988][T11363]  ? trace_sys_enter+0x1f/0xd0
[  219.856834][T11363]  do_syscall_64+0xf3/0x230
[  219.861334][T11363]  ? clear_bhb_loop+0x35/0x90
[  219.866010][T11363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.871894][T11363] RIP: 0033:0x7fcce1977299
[  219.876302][T11363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.895913][T11363] RSP: 002b:00007fcce276c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  219.904329][T11363] RAX: ffffffffffffffda RBX: 00007fcce1b05f80 RCX: 00007fcce1977299
[  219.912297][T11363] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000d
[  219.920262][T11363] RBP: 00007fcce276c0a0 R08: 0000000000000000 R09: 0000000000000000
[  219.928235][T11363] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[  219.936206][T11363] R13: 000000000000000b R14: 00007fcce1b05f80 R15: 00007ffd0654e438
[  219.944185][T11363]  </TASK>
[  220.005263][T11357] batman_adv: batadv0: Interface deactivated: team0
[  220.038153][T11357] batman_adv: batadv0: Removing interface: team0
[  220.063044][T11357] bridge0: port 1(team0) entered blocking state
[  220.073553][T11357] bridge0: port 1(team0) entered disabled state
[  220.085985][T11357] team0: entered allmulticast mode
[  220.104305][T11357] bond0: entered allmulticast mode
[  220.109558][T11357] dummy0: entered allmulticast mode
[  220.121574][T11357] bridge0: port 1(team0) entered blocking state
[  220.128032][T11357] bridge0: port 1(team0) entered forwarding state
[  220.307310][T11378] netlink: 'syz.3.1831': attribute type 1 has an invalid length.
[  220.326320][T11378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1831'.
[  220.590865][T11375] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1831'.
[  220.628043][T11378] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1831'.
[  220.663144][T11397] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1831'.
[  220.884379][T11410] bond0: left promiscuous mode
[  220.901915][T11410] bond0: left allmulticast mode
[  220.935901][T11410] team0: Port device bond0 removed
[  220.956685][T11410] team0: left allmulticast mode
[  220.982317][T11410] bridge0: port 1(team0) entered disabled state
[  221.016079][T11413] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.044818][ T5241] Bluetooth: hci4: command tx timeout
[  221.087935][T11413] bond0: entered promiscuous mode
[  221.128222][T11413] team0: Port device bond0 added
[  221.136568][T11131] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  221.170205][T11131] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  221.200126][T11131] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  221.235356][T11131] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  221.567266][T11131] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.623408][T11131] 8021q: adding VLAN 0 to HW filter on device team0
[  221.677340][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.684626][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.704724][T11432] FAULT_INJECTION: forcing a failure.
[  221.704724][T11432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.728321][T11434] Bluetooth: hci3: unsupported parameter 28
[  221.751525][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.758752][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.764182][T11432] CPU: 1 UID: 0 PID: 11432 Comm: syz.0.1844 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  221.774941][T11434] Bluetooth: hci3: unsupported parameter 28
[  221.776332][T11432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  221.792304][T11432] Call Trace:
[  221.795607][T11432]  <TASK>
[  221.798567][T11432]  dump_stack_lvl+0x241/0x360
[  221.803280][T11432]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.808513][T11432]  ? __pfx__printk+0x10/0x10
[  221.813124][T11432]  ? __pfx_lock_release+0x10/0x10
[  221.818173][T11432]  ? vfs_write+0x7c4/0xc90
[  221.822618][T11432]  should_fail_ex+0x3b0/0x4e0
[  221.827330][T11432]  _copy_from_user+0x2f/0xe0
[  221.832205][T11432]  __sys_bpf+0x1a4/0x810
[  221.836473][T11432]  ? __pfx___sys_bpf+0x10/0x10
[  221.841271][T11432]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  221.847278][T11432]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  221.853635][T11432]  ? do_syscall_64+0x100/0x230
[  221.858426][T11432]  __x64_sys_bpf+0x7c/0x90
[  221.862864][T11432]  do_syscall_64+0xf3/0x230
[  221.867392][T11432]  ? clear_bhb_loop+0x35/0x90
[  221.872100][T11432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.878013][T11432] RIP: 0033:0x7ff9cd177299
[  221.882448][T11432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.902083][T11432] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  221.910535][T11432] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  221.918537][T11432] RDX: 0000000000000090 RSI: 0000000020002c80 RDI: 0000000000000005
[  221.926632][T11432] RBP: 00007ff9cdf3d0a0 R08: 0000000000000000 R09: 0000000000000000
[  221.934634][T11432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.942631][T11432] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  221.950655][T11432]  </TASK>
[  222.258469][T11454] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1850'.
[  222.493505][T11131] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.669536][T11467] tipc: Started in network mode
[  222.679664][T11467] tipc: Node identity ac1414aa, cluster identity 4711
[  222.697734][T11467] tipc: Enabled bearer <udp:syz2>, priority 10
[  222.791410][T11131] veth0_vlan: entered promiscuous mode
[  222.893220][T11131] veth1_vlan: entered promiscuous mode
[  223.002219][T11131] veth0_macvtap: entered promiscuous mode
[  223.042419][T11131] veth1_macvtap: entered promiscuous mode
[  223.124778][ T5241] Bluetooth: hci4: command tx timeout
[  223.163310][T11488] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1855'.
[  223.174115][T11131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.222894][T11131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.267959][T11131] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.295369][T11131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.315081][T11131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.356115][T11131] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.384470][T11131] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.435025][T11131] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.444349][T11131] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.453080][T11131] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.816157][ T6224] tipc: Node number set to 2886997162
[  224.119483][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.150838][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.227851][T11523] netlink: 'syz.4.1867': attribute type 10 has an invalid length.
[  224.243172][T11523] team0: left promiscuous mode
[  224.248636][T11523] bond0: left promiscuous mode
[  224.265696][T11523] batman_adv: batadv0: Adding interface: team0
[  224.271991][T11523] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  224.287860][T11526] netlink: 'syz.4.1867': attribute type 10 has an invalid length.
[  224.303563][T11526] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1867'.
[  224.322712][T11526] team0: entered promiscuous mode
[  224.330487][T11526] bond0: entered promiscuous mode
[  224.346131][T11526] 8021q: adding VLAN 0 to HW filter on device team0
[  224.353195][T11526] batman_adv: batadv0: Interface activated: team0
[  224.369478][T11526] batman_adv: batadv0: Interface deactivated: team0
[  224.380529][T11526] batman_adv: batadv0: Removing interface: team0
[  224.398844][T11526] bridge0: port 1(team0) entered blocking state
[  224.412236][T11526] bridge0: port 1(team0) entered disabled state
[  224.422585][T11526] team0: entered allmulticast mode
[  224.432354][T11526] bond0: entered allmulticast mode
[  224.449519][ T1291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.477328][ T1291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.677212][T11537] netlink: 480 bytes leftover after parsing attributes in process `syz.1.1761'.
[  224.694289][T11536] netlink: 202920 bytes leftover after parsing attributes in process `syz.4.1870'.
[  225.015251][T11545] syzkaller0: entered allmulticast mode
[  225.025470][T11545] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1872'.
[  225.039007][T11545] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1872'.
[  225.055653][T11545] syzkaller0: left allmulticast mode
[  225.699884][T11562] netlink: 'syz.3.1879': attribute type 10 has an invalid length.
[  225.740315][T11562] batman_adv: batadv0: Adding interface: team0
[  225.749352][T11562] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  225.797954][T11568] openvswitch: netlink: Key 3 has unexpected len 2 expected 4
[  225.822073][T11569] xt_TCPMSS: Only works on TCP SYN packets
[  227.542194][T11567] netlink: 'syz.3.1879': attribute type 10 has an invalid length.
[  227.550385][T11567] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1879'.
[  227.559570][T11567] team0: entered promiscuous mode
[  227.568263][T11567] dummy0: entered promiscuous mode
[  227.577911][T11567] 8021q: adding VLAN 0 to HW filter on device team0
[  227.585273][T11567] batman_adv: batadv0: Interface activated: team0
[  227.591951][T11567] batman_adv: batadv0: Interface deactivated: team0
[  227.598995][T11567] batman_adv: batadv0: Removing interface: team0
[  227.612802][T11567] bridge0: port 1(team0) entered blocking state
[  227.621914][T11567] bridge0: port 1(team0) entered disabled state
[  227.629595][T11567] team0: entered allmulticast mode
[  227.635298][T11567] dummy0: entered allmulticast mode
[  227.643361][T11567] bridge0: port 1(team0) entered blocking state
[  227.649755][T11567] bridge0: port 1(team0) entered forwarding state
[  227.784466][    C0] eth0: bad gso: type: 1, size: 1408
[  229.164504][T11628] netlink: 'syz.0.1896': attribute type 10 has an invalid length.
[  229.220610][T11628] bridge0: port 1(team0) entered disabled state
[  229.245920][T11628] team0: left allmulticast mode
[  229.251066][T11628] bond0: left allmulticast mode
[  229.260859][T11634] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1898'.
[  229.275819][T11628] dummy0: left allmulticast mode
[  229.280825][T11628] team0: left promiscuous mode
[  229.297485][T11628] bond0: left promiscuous mode
[  229.302470][T11628] dummy0: left promiscuous mode
[  229.335537][T11628] bridge0: port 1(team0) entered disabled state
[  229.377427][T11628] batman_adv: batadv0: Adding interface: team0
[  229.396159][T11628] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  229.484378][T11631] netlink: 'syz.0.1896': attribute type 10 has an invalid length.
[  229.520033][T11631] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1896'.
[  229.558933][T11631] team0: entered promiscuous mode
[  229.577494][T11631] bond0: entered promiscuous mode
[  229.616941][T11631] dummy0: entered promiscuous mode
[  229.635991][T11631] 8021q: adding VLAN 0 to HW filter on device team0
[  229.688510][T11631] batman_adv: batadv0: Interface activated: team0
[  229.701095][T11631] batman_adv: batadv0: Interface deactivated: team0
[  229.709316][T11631] batman_adv: batadv0: Removing interface: team0
[  229.719396][T11631] bridge0: port 1(team0) entered blocking state
[  229.735648][T11631] bridge0: port 1(team0) entered disabled state
[  229.751499][T11631] team0: entered allmulticast mode
[  229.774056][T11631] bond0: entered allmulticast mode
[  229.798003][T11631] dummy0: entered allmulticast mode
[  229.831062][T11631] bridge0: port 1(team0) entered blocking state
[  229.837547][T11631] bridge0: port 1(team0) entered forwarding state
[  230.150291][T11654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1906'.
[  230.253418][T11657] xt_TCPMSS: Only works on TCP SYN packets
[  230.274498][T11657] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  230.699172][T11672] team0: left allmulticast mode
[  230.729954][T11672] dummy0: left allmulticast mode
[  230.755509][T11672] bridge0: port 1(team0) entered disabled state
[  230.778946][T11672] dummy0: left promiscuous mode
[  230.786320][T11676] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1915'.
[  230.859419][T11672] team0: Port device dummy0 removed
[  230.894972][T11686] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1918'.
[  230.912148][T11672] gretap2: left allmulticast mode
[  230.929584][T11689] openvswitch: netlink: Key 3 has unexpected len 2 expected 4
[  230.930375][T11672] gretap2: left promiscuous mode
[  230.959025][T11672] bridge2: port 1(gretap2) entered disabled state
[  230.980261][T11678] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.990387][T11678] bond0: entered promiscuous mode
[  230.996434][T11678] team0: Port device bond0 added
[  231.398414][T11706] FAULT_INJECTION: forcing a failure.
[  231.398414][T11706] name failslab, interval 1, probability 0, space 0, times 0
[  231.420889][T11706] CPU: 1 UID: 0 PID: 11706 Comm: syz.0.1923 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  231.431356][T11706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  231.441430][T11706] Call Trace:
[  231.444729][T11706]  <TASK>
[  231.447676][T11706]  dump_stack_lvl+0x241/0x360
[  231.452399][T11706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.457623][T11706]  ? __pfx__printk+0x10/0x10
[  231.462237][T11706]  ? __kmalloc_cache_node_noprof+0x4c/0x300
[  231.468153][T11706]  ? __pfx___might_resched+0x10/0x10
[  231.473465][T11706]  should_fail_ex+0x3b0/0x4e0
[  231.478176][T11706]  should_failslab+0xac/0x100
[  231.482866][T11706]  __kmalloc_cache_node_noprof+0x74/0x300
[  231.488607][T11706]  ? __get_vm_area_node+0x113/0x270
[  231.493824][T11706]  __get_vm_area_node+0x113/0x270
[  231.498861][T11706]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  231.504755][T11706]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.510302][T11706]  ? mark_lock+0x9a/0x350
[  231.514646][T11706]  ? aa_get_newest_label+0xff/0x6f0
[  231.519846][T11706]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  231.526179][T11706]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.531718][T11706]  __vmalloc_noprof+0x79/0x90
[  231.536390][T11706]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.541943][T11706]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.547394][T11706]  ? bpf_prog_alloc+0x28/0x1b0
[  231.552159][T11706]  bpf_prog_alloc+0x3a/0x1b0
[  231.556748][T11706]  bpf_prog_load+0x7f7/0x20f0
[  231.561435][T11706]  ? __pfx_bpf_prog_load+0x10/0x10
[  231.566543][T11706]  ? __pfx___might_resched+0x10/0x10
[  231.571835][T11706]  ? __might_fault+0xc6/0x120
[  231.576513][T11706]  ? bpf_lsm_bpf+0x9/0x10
[  231.580834][T11706]  ? security_bpf+0x87/0xb0
[  231.585329][T11706]  __sys_bpf+0x4ee/0x810
[  231.589569][T11706]  ? __pfx___sys_bpf+0x10/0x10
[  231.594335][T11706]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.600310][T11706]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.606651][T11706]  ? do_syscall_64+0x100/0x230
[  231.611452][T11706]  __x64_sys_bpf+0x7c/0x90
[  231.615884][T11706]  do_syscall_64+0xf3/0x230
[  231.620395][T11706]  ? clear_bhb_loop+0x35/0x90
[  231.625075][T11706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.630968][T11706] RIP: 0033:0x7ff9cd177299
[  231.635378][T11706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.654996][T11706] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  231.663431][T11706] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  231.671422][T11706] RDX: 0000000000000090 RSI: 0000000020002c80 RDI: 0000000000000005
[  231.679397][T11706] RBP: 00007ff9cdf3d0a0 R08: 0000000000000000 R09: 0000000000000000
[  231.687367][T11706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.695332][T11706] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  231.703312][T11706]  </TASK>
[  231.740287][T11706] syz.0.1923: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  231.759678][T11706] CPU: 1 UID: 0 PID: 11706 Comm: syz.0.1923 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  231.770230][T11706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  231.780312][T11706] Call Trace:
[  231.783609][T11706]  <TASK>
[  231.786560][T11706]  dump_stack_lvl+0x241/0x360
[  231.791260][T11706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.796479][T11706]  ? __pfx__printk+0x10/0x10
[  231.801099][T11706]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  231.807535][T11706]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  231.814064][T11706]  warn_alloc+0x278/0x410
[  231.818426][T11706]  ? __pfx_warn_alloc+0x10/0x10
[  231.823297][T11706]  ? __get_vm_area_node+0x113/0x270
[  231.828523][T11706]  ? __get_vm_area_node+0x261/0x270
[  231.833754][T11706]  __vmalloc_node_range_noprof+0x3e0/0x1460
[  231.839666][T11706]  ? mark_lock+0x9a/0x350
[  231.844028][T11706]  ? aa_get_newest_label+0xff/0x6f0
[  231.849250][T11706]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  231.855604][T11706]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.861167][T11706]  __vmalloc_noprof+0x79/0x90
[  231.865857][T11706]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.871411][T11706]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.876781][T11706]  ? bpf_prog_alloc+0x28/0x1b0
[  231.881543][T11706]  bpf_prog_alloc+0x3a/0x1b0
[  231.886131][T11706]  bpf_prog_load+0x7f7/0x20f0
[  231.890822][T11706]  ? __pfx_bpf_prog_load+0x10/0x10
[  231.895931][T11706]  ? __pfx___might_resched+0x10/0x10
[  231.901326][T11706]  ? __might_fault+0xc6/0x120
[  231.906004][T11706]  ? bpf_lsm_bpf+0x9/0x10
[  231.910326][T11706]  ? security_bpf+0x87/0xb0
[  231.914827][T11706]  __sys_bpf+0x4ee/0x810
[  231.919067][T11706]  ? __pfx___sys_bpf+0x10/0x10
[  231.923853][T11706]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.929863][T11706]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.936213][T11706]  ? do_syscall_64+0x100/0x230
[  231.941072][T11706]  __x64_sys_bpf+0x7c/0x90
[  231.945486][T11706]  do_syscall_64+0xf3/0x230
[  231.949990][T11706]  ? clear_bhb_loop+0x35/0x90
[  231.954673][T11706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.960560][T11706] RIP: 0033:0x7ff9cd177299
[  231.964968][T11706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.984576][T11706] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  231.992989][T11706] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  232.000954][T11706] RDX: 0000000000000090 RSI: 0000000020002c80 RDI: 0000000000000005
[  232.008926][T11706] RBP: 00007ff9cdf3d0a0 R08: 0000000000000000 R09: 0000000000000000
[  232.017092][T11706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.025056][T11706] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  232.033033][T11706]  </TASK>
[  232.042838][T11706] Mem-Info:
[  232.046132][T11706] active_anon:4820 inactive_anon:0 isolated_anon:0
[  232.046132][T11706]  active_file:1879 inactive_file:38211 isolated_file:0
[  232.046132][T11706]  unevictable:768 dirty:217 writeback:0
[  232.046132][T11706]  slab_reclaimable:9005 slab_unreclaimable:101085
[  232.046132][T11706]  mapped:21335 shmem:1255 pagetables:771
[  232.046132][T11706]  sec_pagetables:0 bounce:0
[  232.046132][T11706]  kernel_misc_reclaimable:0
[  232.046132][T11706]  free:1387292 free_pcp:827 free_cma:0
[  232.124010][T11706] Node 0 active_anon:16780kB inactive_anon:0kB active_file:7516kB inactive_file:152760kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:85340kB dirty:868kB writeback:0kB shmem:3484kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11196kB pagetables:2984kB sec_pagetables:0kB all_unreclaimable? no
[  232.218260][T11715] bond_slave_0: entered promiscuous mode
[  232.224061][T11715] bond_slave_1: entered promiscuous mode
[  232.254931][T11706] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  232.296754][T11717] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1928'.
[  232.305214][T11715] bond0: entered promiscuous mode
[  232.328223][T11706] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  232.429644][T11706] lowmem_reserve[]: 0 2563 2565 0 0
[  232.450923][T11706] Node 0 DMA32 free:1589640kB boost:0kB min:35036kB low:43792kB high:52548kB reserved_highatomic:0KB active_anon:16596kB inactive_anon:0kB active_file:7516kB inactive_file:151184kB unevictable:1536kB writepending:868kB present:3129332kB managed:2653304kB mlocked:0kB bounce:0kB free_pcp:2064kB local_pcp:1004kB free_cma:0kB
[  232.554241][T11706] lowmem_reserve[]: 0 0 1 0 0
[  232.559064][T11706] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048576kB managed:1640kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  232.603683][T11706] lowmem_reserve[]: 0 0 0 0 0
[  232.629665][T11706] Node 1 Normal free:3949604kB boost:0kB min:54844kB low:68552kB high:82260kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  232.678809][T11706] lowmem_reserve[]: 0 0 0 0 0
[  232.700355][T11706] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  232.744301][T11706] Node 0 DMA32: 379*4kB (UME) 416*8kB (UME) 213*16kB (UME) 283*32kB (UME) 90*64kB (UME) 44*128kB (UM) 65*256kB (UME) 24*512kB (UM) 19*1024kB (UM) 3*2048kB (UM) 368*4096kB (UM) = 1590556kB
[  232.783009][T11706] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  232.796893][T11706] Node 1 Normal: 3*4kB (UM) 3*8kB (UM) 8*16kB (UM) 10*32kB (UM) 3*64kB (U) 7*128kB (U) 4*256kB (UM) 5*512kB (UM) 4*1024kB (U) 2*2048kB (U) 961*4096kB (M) = 3949604kB
[  232.846071][T11706] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  232.856776][T11706] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  232.866352][T11706] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  232.876367][T11706] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  232.886078][T11706] 41345 total pagecache pages
[  232.891806][T11706] 0 pages in swap cache
[  232.896252][T11706] Free swap  = 124996kB
[  232.900558][T11706] Total swap = 124996kB
[  232.905941][T11715] bond0 (unregistering): left promiscuous mode
[  232.907245][T11706] 2097051 pages RAM
[  232.912429][T11715] bond_slave_0: left promiscuous mode
[  232.916241][T11706] 0 pages HighMem/MovableOnly
[  232.926601][T11706] 402195 pages reserved
[  232.929279][T11715] bond_slave_1: left promiscuous mode
[  232.930880][T11706] 0 pages cma reserved
[  232.941131][T11715] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.971704][T11715] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.998529][T11715] bond0 (unregistering): Released all slaves
[  233.015740][T11724] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  233.023693][T11732] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1932'.
[  233.031327][T11735] netlink: 'syz.3.1932': attribute type 1 has an invalid length.
[  233.062944][T11735] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1932'.
[  233.207203][T11748] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1936'.
[  233.597294][T11765] x_tables: ip_tables: CONNMARK.1 target: invalid size 16 (kernel) != (user) 0
[  233.651057][T11762] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1942'.
[  233.669524][T11763] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1942'.
[  234.157390][T11775] netlink: 480 bytes leftover after parsing attributes in process `syz.4.1946'.
[  234.283149][T11777] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1947'.
[  234.472907][T11789] sit0: left promiscuous mode
[  234.614897][T11794] sit0: entered promiscuous mode
[  234.779217][T11800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1952'.
[  234.816289][T11800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1952'.
[  235.110382][T11820] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1959'.
[  236.204534][T11870] team0: Port device bond0 removed
[  236.281662][T11876] netlink: 'syz.0.1981': attribute type 10 has an invalid length.
[  236.311120][T11879] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.390540][T11879] team0: Port device bond0 added
[  236.966270][T11922] netlink: 'syz.3.1997': attribute type 10 has an invalid length.
[  237.001985][T11922] bridge0: port 1(team0) entered blocking state
[  237.025995][T11922] bridge0: port 1(team0) entered disabled state
[  237.045771][T11922] team0: entered allmulticast mode
[  237.062668][T11922] bond0: entered allmulticast mode
[  237.085341][T11922] bridge0: port 1(team0) entered blocking state
[  237.091786][T11922] bridge0: port 1(team0) entered forwarding state
[  237.102894][T11928] netlink: 'syz.4.2000': attribute type 33 has an invalid length.
[  238.228783][T11990] netlink: 'syz.1.2025': attribute type 10 has an invalid length.
[  238.343571][T11993] __nla_validate_parse: 17 callbacks suppressed
[  238.343591][T11993] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2027'.
[  238.363471][T11997] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2028'.
[  238.401925][T11986] netlink: 296 bytes leftover after parsing attributes in process `syz.3.2024'.
[  238.660762][T12011] xt_bpf: check failed: parse error
[  238.822348][T12016] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  239.138788][T12030] netlink: 'syz.0.2034': attribute type 1 has an invalid length.
[  239.159537][T12030] netlink: 9328 bytes leftover after parsing attributes in process `syz.0.2034'.
[  239.175994][T12030] netlink: 'syz.0.2034': attribute type 1 has an invalid length.
[  240.424468][T12047] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2041'.
[  240.622349][T12059] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2044'.
[  240.632537][T12040] netlink: 31 bytes leftover after parsing attributes in process `syz.3.2038'.
[  240.685102][T12061] xt_ecn: cannot match TCP bits for non-tcp packets
[  240.927222][T12073] delete_channel: no stack
[  241.075423][T12078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2050'.
[  241.371612][T12092] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  241.408392][T12092] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  241.553515][T12102] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2058'.
[  241.605142][T12102] macvlan2: entered promiscuous mode
[  241.627026][T12102] vlan1: entered promiscuous mode
[  241.648204][T12102] macvlan2: entered allmulticast mode
[  241.653633][T12102] vlan1: entered allmulticast mode
[  241.662654][T12109] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2060'.
[  241.691638][T12102] veth0_vlan: entered allmulticast mode
[  241.764979][T12102] vlan1: left allmulticast mode
[  241.769891][T12102] veth0_vlan: left allmulticast mode
[  241.784690][T12102] vlan1: left promiscuous mode
[  241.852300][T12110] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  241.940923][T12123] netlink: 'syz.1.2064': attribute type 10 has an invalid length.
[  242.037749][T12120] netlink: 'syz.1.2064': attribute type 10 has an invalid length.
[  242.069064][T12120] bridge0: port 3(team0) entered blocking state
[  242.101924][T12120] bridge0: port 3(team0) entered disabled state
[  242.118348][T12120] team0: entered allmulticast mode
[  242.131287][T12120] team_slave_0: entered allmulticast mode
[  242.148702][T12120] team_slave_1: entered allmulticast mode
[  242.160367][T12120] team0: entered promiscuous mode
[  242.166961][T12120] team_slave_0: entered promiscuous mode
[  242.176079][T12120] team_slave_1: entered promiscuous mode
[  242.240741][T12137] bond0: left promiscuous mode
[  242.285806][T12137] bond0: left allmulticast mode
[  242.325289][T12137] team0: Port device bond0 removed
[  242.340943][T12137] team0: left allmulticast mode
[  242.356513][T12137] dummy0: left allmulticast mode
[  242.368829][T12137] bridge0: port 1(team0) entered disabled state
[  242.393540][T12137] dummy0: left promiscuous mode
[  242.456965][T12137] team0: Port device dummy0 removed
[  242.531915][T12143] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.564507][T12143] bond0: entered promiscuous mode
[  242.577523][T12143] team0: Port device bond0 added
[  243.398996][T12200] __nla_validate_parse: 4 callbacks suppressed
[  243.399015][T12200] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2090'.
[  243.412101][T12196] syzkaller1: entered promiscuous mode
[  243.429182][T12196] syzkaller1: entered allmulticast mode
[  243.456220][T12202] sctp: [Deprecated]: syz.0.2091 (pid 12202) Use of struct sctp_assoc_value in delayed_ack socket option.
[  243.456220][T12202] Use struct sctp_sack_info instead
[  243.475464][T12196] xt_connbytes: Forcing CT accounting to be enabled
[  243.502797][T12196] xt_NFQUEUE: number of total queues is 0
[  243.611328][T12208] netlink: 'syz.0.2094': attribute type 1 has an invalid length.
[  243.620246][T12205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2092'.
[  243.629466][T12205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2092'.
[  243.644338][T12208] netlink: 9232 bytes leftover after parsing attributes in process `syz.0.2094'.
[  243.658937][T12208] netlink: 'syz.0.2094': attribute type 1 has an invalid length.
[  243.673028][T12205] gretap0: entered promiscuous mode
[  243.682226][T12205] batadv_slave_0: entered promiscuous mode
[  243.699561][T12205] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  243.730747][T12205] Cannot create hsr debugfs directory
[  244.065653][T12231] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2102'.
[  244.286553][T12237] sctp: [Deprecated]: syz.3.2104 (pid 12237) Use of struct sctp_assoc_value in delayed_ack socket option.
[  244.286553][T12237] Use struct sctp_sack_info instead
[  244.307280][T12239] FAULT_INJECTION: forcing a failure.
[  244.307280][T12239] name failslab, interval 1, probability 0, space 0, times 0
[  244.334240][T12239] CPU: 1 UID: 0 PID: 12239 Comm: syz.4.2105 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  244.344702][T12239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  244.354765][T12239] Call Trace:
[  244.358040][T12239]  <TASK>
[  244.360963][T12239]  dump_stack_lvl+0x241/0x360
[  244.365644][T12239]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.370839][T12239]  ? __pfx__printk+0x10/0x10
[  244.375431][T12239]  should_fail_ex+0x3b0/0x4e0
[  244.380104][T12239]  ? __build_skb+0x4b/0x90
[  244.384512][T12239]  should_failslab+0xac/0x100
[  244.389187][T12239]  ? __build_skb+0x4b/0x90
[  244.393596][T12239]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  244.398966][T12239]  __build_skb+0x4b/0x90
[  244.403310][T12239]  netlink_alloc_large_skb+0x65/0x100
[  244.408706][T12239]  netlink_sendmsg+0x638/0xcb0
[  244.413498][T12239]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.418780][T12239]  ? arch_stack_walk+0x16d/0x1b0
[  244.423719][T12239]  ? aa_sock_msg_perm+0x91/0x160
[  244.428657][T12239]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  244.433940][T12239]  ? security_socket_sendmsg+0x87/0xb0
[  244.439402][T12239]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.444683][T12239]  __sock_sendmsg+0x221/0x270
[  244.449362][T12239]  sock_sendmsg+0x134/0x200
[  244.453859][T12239]  ? __pfx_sock_sendmsg+0x10/0x10
[  244.458884][T12239]  ? splice_direct_to_actor+0x502/0xc90
[  244.464438][T12239]  ? do_splice_direct+0x28c/0x3e0
[  244.469480][T12239]  ? do_sendfile+0x56d/0xe20
[  244.474077][T12239]  ? __se_sys_sendfile64+0x17c/0x1e0
[  244.479379][T12239]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.485454][T12239]  ? iov_iter_bvec+0x4e/0x180
[  244.490162][T12239]  splice_to_socket+0xa13/0x10b0
[  244.495134][T12239]  ? __pfx_splice_to_socket+0x10/0x10
[  244.500546][T12239]  ? __pfx_splice_to_socket+0x10/0x10
[  244.505923][T12239]  direct_splice_actor+0x11e/0x220
[  244.511033][T12239]  splice_direct_to_actor+0x58e/0xc90
[  244.516414][T12239]  ? __pfx_direct_splice_actor+0x10/0x10
[  244.522064][T12239]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  244.527951][T12239]  ? __fget_files+0x29/0x470
[  244.532538][T12239]  ? __pfx_lock_release+0x10/0x10
[  244.537568][T12239]  do_splice_direct+0x28c/0x3e0
[  244.542422][T12239]  ? __pfx_do_splice_direct+0x10/0x10
[  244.547785][T12239]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  244.553689][T12239]  ? security_file_permission+0x7f/0xa0
[  244.559233][T12239]  ? rw_verify_area+0x1d2/0x6b0
[  244.564090][T12239]  do_sendfile+0x56d/0xe20
[  244.568518][T12239]  ? __pfx_do_sendfile+0x10/0x10
[  244.573450][T12239]  ? bpf_trace_run2+0x1fc/0x540
[  244.578295][T12239]  ? bpf_trace_run2+0x36e/0x540
[  244.583142][T12239]  __se_sys_sendfile64+0x17c/0x1e0
[  244.588251][T12239]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  244.593905][T12239]  ? rcu_is_watching+0x15/0xb0
[  244.598672][T12239]  ? trace_sys_enter+0x1f/0xd0
[  244.603450][T12239]  do_syscall_64+0xf3/0x230
[  244.607961][T12239]  ? clear_bhb_loop+0x35/0x90
[  244.612651][T12239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.618556][T12239] RIP: 0033:0x7f10a2977299
[  244.622965][T12239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.642567][T12239] RSP: 002b:00007f10a37bf048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  244.650984][T12239] RAX: ffffffffffffffda RBX: 00007f10a2b05f80 RCX: 00007f10a2977299
[  244.658953][T12239] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000d
[  244.666919][T12239] RBP: 00007f10a37bf0a0 R08: 0000000000000000 R09: 0000000000000000
[  244.674882][T12239] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[  244.682856][T12239] R13: 000000000000000b R14: 00007f10a2b05f80 R15: 00007ffd37bca0a8
[  244.690842][T12239]  </TASK>
[  244.894467][T12254] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2111'.
[  245.032706][T12261] netlink: 'syz.1.2113': attribute type 1 has an invalid length.
[  245.075495][T12263] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2115'.
[  245.566511][T12285] Bluetooth: hci0: load_link_keys: too big key_count value 65280
[  245.569746][T12290] netlink: 324 bytes leftover after parsing attributes in process `syz.4.2123'.
[  245.590226][T12287] sctp: [Deprecated]: syz.2.2122 (pid 12287) Use of struct sctp_assoc_value in delayed_ack socket option.
[  245.590226][T12287] Use struct sctp_sack_info instead
[  245.622247][T12285] dummy0: entered promiscuous mode
[  245.714581][T12285] dummy0: left promiscuous mode
[  245.877161][T12300] syz_tun: entered promiscuous mode
[  245.908924][T12300] syz_tun: left promiscuous mode
[  245.984608][T12306] x_tables: ip_tables: CONNMARK.1 target: invalid size 16 (kernel) != (user) 0
[  246.081041][T12310] IPVS: length: 164 != 24
[  246.522591][T12338] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2139'.
[  246.650294][T12347] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2142'.
[  246.989038][T12356] IPVS: length: 164 != 24
[  247.454938][T12376] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  247.697729][T12389] IPVS: length: 164 != 24
[  247.813337][    C0] eth0: bad gso: type: 1, size: 1408
[  247.928311][T12393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.353346][T12424] netlink: 'syz.1.2170': attribute type 1 has an invalid length.
[  248.398771][T12424] bond0: entered promiscuous mode
[  248.451122][T12429] IPVS: length: 164 != 24
[  248.458484][T12424] team_slave_1: left promiscuous mode
[  248.486562][    C0] eth0: bad gso: type: 1, size: 1408
[  248.497134][T12424] team_slave_1: left allmulticast mode
[  248.606318][T12424] team0: Port device team_slave_1 removed
[  248.631171][T12424] bond0: (slave team_slave_1): making interface the new active one
[  248.665357][T12424] team_slave_1: entered promiscuous mode
[  248.702910][T12424] bond0: (slave team_slave_1): Enslaving as an active interface with an up link
[  248.729204][T12441] __nla_validate_parse: 1 callbacks suppressed
[  248.729223][T12441] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2175'.
[  248.784646][T12441] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2175'.
[  248.787701][T12444] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2178'.
[  249.083124][T12457] IPVS: length: 164 != 24
[  249.179866][    C0] eth0: bad gso: type: 1, size: 1408
[  249.249202][T12466] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2185'.
[  249.403545][T12468] dvmrp0: entered allmulticast mode
[  249.558479][T12482] batman_adv: batadv0: Adding interface: gretap0
[  249.597005][T12482] batman_adv: batadv0: The MTU of interface gretap0 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  249.624508][T12482] batman_adv: batadv0: Not using interface gretap0 (retrying later): interface not active
[  249.801630][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2195'.
[  249.832359][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2193'.
[  249.873017][T12501] IPVS: length: 164 != 24
[  249.874617][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2193'.
[  249.896083][T12499] FAULT_INJECTION: forcing a failure.
[  249.896083][T12499] name failslab, interval 1, probability 0, space 0, times 0
[  249.929916][T12499] CPU: 0 UID: 0 PID: 12499 Comm: syz.0.2196 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  249.940390][T12499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  249.950470][T12499] Call Trace:
[  249.953770][T12499]  <TASK>
[  249.956719][T12499]  dump_stack_lvl+0x241/0x360
[  249.961432][T12499]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.966656][T12499]  ? __pfx__printk+0x10/0x10
[  249.971275][T12499]  ? __kmalloc_noprof+0xb0/0x400
[  249.976266][T12499]  ? __pfx___might_resched+0x10/0x10
[  249.981580][T12499]  should_fail_ex+0x3b0/0x4e0
[  249.986291][T12499]  ? copy_splice_read+0x18d/0xb60
[  249.991320][T12499]  should_failslab+0xac/0x100
[  249.995999][T12499]  ? copy_splice_read+0x18d/0xb60
[  250.001018][T12499]  __kmalloc_noprof+0xd8/0x400
[  250.005785][T12499]  copy_splice_read+0x18d/0xb60
[  250.010633][T12499]  ? __pfx_copy_splice_read+0x10/0x10
[  250.016012][T12499]  ? file_end_write+0xe0/0x250
[  250.020768][T12499]  ? direct_splice_actor+0x12b/0x220
[  250.026046][T12499]  splice_direct_to_actor+0x502/0xc90
[  250.031429][T12499]  ? __pfx_direct_splice_actor+0x10/0x10
[  250.037055][T12499]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  250.042940][T12499]  ? __fget_files+0x29/0x470
[  250.047523][T12499]  ? __pfx_lock_release+0x10/0x10
[  250.052545][T12499]  do_splice_direct+0x28c/0x3e0
[  250.057392][T12499]  ? __pfx_do_splice_direct+0x10/0x10
[  250.062782][T12499]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  250.068677][T12499]  ? security_file_permission+0x7f/0xa0
[  250.074220][T12499]  ? rw_verify_area+0x1d2/0x6b0
[  250.079074][T12499]  do_sendfile+0x56d/0xe20
[  250.083488][T12499]  ? __pfx_do_sendfile+0x10/0x10
[  250.088435][T12499]  ? bpf_trace_run2+0x1fc/0x540
[  250.093283][T12499]  ? bpf_trace_run2+0x36e/0x540
[  250.098132][T12499]  __se_sys_sendfile64+0x17c/0x1e0
[  250.103245][T12499]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  250.108882][T12499]  ? rcu_is_watching+0x15/0xb0
[  250.113643][T12499]  ? trace_sys_enter+0x1f/0xd0
[  250.118399][T12499]  do_syscall_64+0xf3/0x230
[  250.122894][T12499]  ? clear_bhb_loop+0x35/0x90
[  250.127570][T12499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.133457][T12499] RIP: 0033:0x7ff9cd177299
[  250.137863][T12499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.157463][T12499] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  250.165870][T12499] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  250.173930][T12499] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000d
[  250.181888][T12499] RBP: 00007ff9cdf3d0a0 R08: 0000000000000000 R09: 0000000000000000
[  250.189867][T12499] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002
[  250.197840][T12499] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  250.205834][T12499]  </TASK>
[  250.305418][T12507] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2198'.
[  250.592329][T12515] syz.4.2201 uses old SIOCAX25GETINFO
[  250.655064][T12515] mac80211_hwsim hwsim21 wlan0: entered promiscuous mode
[  250.662437][T12515] macvlan4: entered allmulticast mode
[  250.691634][T12515] mac80211_hwsim hwsim21 wlan0: entered allmulticast mode
[  250.819170][T12528] syz.0.2206 (12528) used greatest stack depth: 17936 bytes left
[  250.827937][T12533] openvswitch: netlink: Message has 4 unknown bytes.
[  250.991058][T12537] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2209'.
[  251.035316][ T1064] bridge_slave_1: left allmulticast mode
[  251.041022][ T1064] bridge_slave_1: left promiscuous mode
[  251.094242][ T1064] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.212441][ T1064] bridge_slave_0: left allmulticast mode
[  251.241227][ T1064] bridge_slave_0: left promiscuous mode
[  251.266039][ T1064] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.727689][ T5235] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  251.741325][ T5235] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  251.751872][ T5235] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  251.763436][ T5235] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  251.779188][ T5235] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  251.787044][ T5235] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  252.107334][ T1064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.120305][ T1064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.136965][ T1064] bond0 (unregistering): Released all slaves
[  252.286330][T12553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2216'.
[  252.477191][T12577] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.505051][T12579] netlink: 'syz.0.2223': attribute type 10 has an invalid length.
[  252.550102][T12579] bridge0: port 1(team0) entered blocking state
[  252.580111][T12579] bridge0: port 1(team0) entered disabled state
[  252.614306][T12579] team0: entered allmulticast mode
[  252.621170][T12579] bond0: entered allmulticast mode
[  252.801793][ T1064] hsr_slave_0: left promiscuous mode
[  252.813367][ T1064] hsr_slave_1: left promiscuous mode
[  252.840963][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.853029][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.875104][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.885375][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.910913][ T1064] veth1_macvtap: left promiscuous mode
[  252.916807][ T1064] veth0_macvtap: left promiscuous mode
[  252.922929][ T1064] veth1_vlan: left promiscuous mode
[  252.928758][ T1064] veth0_vlan: left promiscuous mode
[  253.643172][ T1064] team0 (unregistering): Port device team_slave_1 removed
[  253.680929][ T1064] team0 (unregistering): Port device team_slave_0 removed
[  253.846615][ T5241] Bluetooth: hci3: command tx timeout
[  254.075859][T12592] __nla_validate_parse: 4 callbacks suppressed
[  254.075878][T12592] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2228'.
[  254.102222][T12603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2228'.
[  254.122911][T12603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2228'.
[  254.196294][T12606] netlink: 'syz.0.2228': attribute type 4 has an invalid length.
[  254.219733][T12598] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2228'.
[  254.229867][T12598] tc_dump_action: action bad kind
[  254.260901][T12620] team0: left allmulticast mode
[  254.304416][T12620] team_slave_0: left allmulticast mode
[  254.324752][T12620] team0: left promiscuous mode
[  254.364631][T12620] team_slave_0: left promiscuous mode
[  254.384517][T12620] bridge0: port 3(team0) entered disabled state
[  254.437634][T12620] bridge_slave_0: left allmulticast mode
[  254.443540][T12620] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.476300][T12620] bridge_slave_1: left allmulticast mode
[  254.482189][T12620] bridge_slave_1: left promiscuous mode
[  254.503747][T12620] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.572785][T12620] team0: Port device team_slave_0 removed
[  254.582679][T12620] bond0: (slave team_slave_1): Releasing active interface
[  254.590228][T12620] team_slave_1: left promiscuous mode
[  254.606456][T12620] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.615506][T12620] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.624816][T12620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.632471][T12620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.659193][T12622] bond0: left promiscuous mode
[  254.684397][T12622] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.693740][T12622] team0: Port device bond0 added
[  254.700981][T12625] netlink: 'syz.0.2236': attribute type 21 has an invalid length.
[  254.709738][T12627] netlink: 'syz.3.2237': attribute type 1 has an invalid length.
[  254.828736][T12627] bond1: entered promiscuous mode
[  255.093824][T12637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2240'.
[  255.451740][T12652] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2246'.
[  255.726610][T12565] chnl_net:caif_netlink_parms(): no params data found
[  255.902623][   T81] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  255.924437][ T5241] Bluetooth: hci3: command tx timeout
[  255.932596][   T81] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.987623][T12666] netlink: 'syz.3.2252': attribute type 10 has an invalid length.
[  256.005550][T12666] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2252'.
[  256.009286][ T1260] ieee802154 phy0 wpan0: encryption failed: -22
[  256.319988][   T81] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.341140][   T81] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.457833][T12683] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2257'.
[  256.567910][   T81] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.588722][   T81] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.626609][T12692] netlink: 'syz.1.2259': attribute type 2 has an invalid length.
[  256.638297][T12692] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2259'.
[  256.712754][T12707] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2263'.
[  256.739579][    C0] eth0: bad gso: type: 1, size: 1408
[  256.842141][   T81] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  256.863405][   T81] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.897680][T12565] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.905617][T12565] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.914297][T12565] bridge_slave_0: entered allmulticast mode
[  256.930949][T12565] bridge_slave_0: entered promiscuous mode
[  256.947421][T12712] netlink: 'syz.1.2265': attribute type 10 has an invalid length.
[  256.956383][T12712] team0: entered promiscuous mode
[  256.961676][T12712] bond0: entered promiscuous mode
[  256.970319][T12712] 8021q: adding VLAN 0 to HW filter on device team0
[  256.977594][T12712] bridge0: port 1(team0) entered blocking state
[  256.986862][T12712] bridge0: port 1(team0) entered disabled state
[  256.995614][T12712] team0: entered allmulticast mode
[  257.000954][T12712] bond0: entered allmulticast mode
[  257.017175][T12565] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.040418][T12565] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.061294][T12565] bridge_slave_1: entered allmulticast mode
[  257.072153][T12565] bridge_slave_1: entered promiscuous mode
[  257.092697][T12718] macvlan6: entered promiscuous mode
[  257.102822][T12718] vlan1: entered promiscuous mode
[  257.112355][T12718] macvlan6: entered allmulticast mode
[  257.122918][T12718] vlan1: entered allmulticast mode
[  257.130961][T12718] bond0: (slave macvlan6): Enslaving as an active interface with an up link
[  257.150289][T12715] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  257.265605][T12720] bond0: left promiscuous mode
[  257.279900][T12720] bond0: left allmulticast mode
[  257.350296][T12720] team0: Port device bond0 removed
[  257.364846][T12720] team0: left allmulticast mode
[  257.369954][T12720] bridge0: port 1(team0) entered disabled state
[  257.402698][T12735] IPVS: length: 164 != 24
[  257.418898][T12720] batman_adv: batadv0: Removing interface: gretap0
[  257.460194][T12565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.505230][T12565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.772847][T12565] team0: Port device team_slave_0 added
[  257.803592][T12565] team0: Port device team_slave_1 added
[  258.007690][ T5241] Bluetooth: hci3: command tx timeout
[  258.366860][   T81] gretap0 (unregistering): left promiscuous mode
[  258.863810][   T81] team0: Port device bond0 removed
[  258.874568][   T81] bond0 (unregistering): left promiscuous mode
[  258.903780][   T81] bond0 (unregistering): Released all slaves
[  259.091627][   T81] bond1 (unregistering): Released all slaves
[  259.114633][   T81] bond2 (unregistering): Released all slaves
[  259.134636][   T81] bond3 (unregistering): Released all slaves
[  259.150048][   T81] bond4 (unregistering): Released all slaves
[  259.171097][   T81] bond5 (unregistering): Released all slaves
[  259.198327][T12565] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.206213][T12565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.241567][T12565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.280145][T12756] netlink: 'syz.4.2281': attribute type 1 has an invalid length.
[  259.294140][T12756] __nla_validate_parse: 5 callbacks suppressed
[  259.294162][T12756] netlink: 67 bytes leftover after parsing attributes in process `syz.4.2281'.
[  259.348119][T12565] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.374905][T12565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.415107][T12565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.461501][   T81] tipc: Disabling bearer <udp:syz2>
[  259.472321][   T81] tipc: Left network mode
[  259.532118][T12788] netlink: 'syz.4.2290': attribute type 10 has an invalid length.
[  259.543742][T12788] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2290'.
[  259.576168][   T81] IPVS: stopping master sync thread 10311 ...
[  259.600699][T12792] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2292'.
[  259.701461][T12565] hsr_slave_0: entered promiscuous mode
[  259.725769][T12565] hsr_slave_1: entered promiscuous mode
[  259.739873][T12565] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.750617][T12565] Cannot create hsr debugfs directory
[  260.087898][   T81] batadv_slave_0: left promiscuous mode
[  260.098436][ T5241] Bluetooth: hci3: command tx timeout
[  260.112213][   T81] hsr_slave_0: left promiscuous mode
[  260.120428][   T81] hsr_slave_1: left promiscuous mode
[  260.181264][   T81] veth1_macvtap: left promiscuous mode
[  260.187124][   T81] veth0_macvtap: left promiscuous mode
[  260.192794][   T81] veth1_vlan: left promiscuous mode
[  260.198439][   T81] veth0_vlan: left promiscuous mode
[  260.418011][T12826] netlink: 480 bytes leftover after parsing attributes in process `syz.3.2303'.
[  261.311242][T12824] netlink: 'syz.1.2302': attribute type 10 has an invalid length.
[  261.334141][T12824] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2302'.
[  261.431097][T12828] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2304'.
[  261.518608][T12836] vlan2: entered promiscuous mode
[  262.235521][T12857] netlink: 'syz.0.2316': attribute type 10 has an invalid length.
[  262.264077][T12857] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2316'.
[  262.301633][T12857] bridge0: port 1(team0) entered blocking state
[  262.343276][T12857] bridge0: port 1(team0) entered disabled state
[  262.366894][T12857] team0: entered allmulticast mode
[  262.452981][T12867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2321'.
[  262.465633][   T81] IPVS: stop unused estimator thread 0...
[  262.715666][T12565] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  262.731113][T12565] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  262.766964][T12565] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  262.796356][T12565] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  262.999846][T12565] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.025186][T12565] 8021q: adding VLAN 0 to HW filter on device team0
[  263.045941][T10263] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.053107][T10263] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.076337][T10263] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.083565][T10263] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.416779][T12912] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2336'.
[  263.426767][T12565] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.528295][T12565] veth0_vlan: entered promiscuous mode
[  263.575153][T12565] veth1_vlan: entered promiscuous mode
[  263.677548][T12565] veth0_macvtap: entered promiscuous mode
[  263.736952][T12565] veth1_macvtap: entered promiscuous mode
[  263.862375][T12565] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.891561][T12565] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.910747][T12565] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.927388][T12565] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.940169][T12565] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.953743][T12565] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.002778][T12932] vlan2: entered promiscuous mode
[  264.208402][T12940] netlink: 'syz.0.2348': attribute type 10 has an invalid length.
[  264.232292][T12940] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  264.247965][T12940] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  264.271170][T12940] team0: Port device netdevsim0 added
[  264.302682][T12941] netlink: 'syz.0.2348': attribute type 10 has an invalid length.
[  264.312132][T12941] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  264.324477][T12941] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  264.371342][T12941] team0: Port device netdevsim0 removed
[  264.383851][T12941] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  264.395015][ T1064] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.406791][ T1064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.479376][ T1064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.534767][ T1064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.738800][T12960] FAULT_INJECTION: forcing a failure.
[  264.738800][T12960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.773529][T12962] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2208'.
[  264.808004][T12960] CPU: 0 UID: 0 PID: 12960 Comm: syz.4.2354 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  264.818476][T12960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  264.828551][T12960] Call Trace:
[  264.831845][T12960]  <TASK>
[  264.834805][T12960]  dump_stack_lvl+0x241/0x360
[  264.839513][T12960]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.844737][T12960]  ? __pfx__printk+0x10/0x10
[  264.849358][T12960]  ? snprintf+0xda/0x120
[  264.853627][T12960]  should_fail_ex+0x3b0/0x4e0
[  264.858337][T12960]  _copy_to_user+0x2f/0xb0
[  264.862777][T12960]  simple_read_from_buffer+0xca/0x150
[  264.868176][T12960]  proc_fail_nth_read+0x1e9/0x250
[  264.873215][T12960]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.878759][T12960]  ? rw_verify_area+0x520/0x6b0
[  264.883611][T12960]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.889151][T12960]  vfs_read+0x204/0xbc0
[  264.893304][T12960]  ? __pfx_lock_release+0x10/0x10
[  264.898335][T12960]  ? __pfx_vfs_read+0x10/0x10
[  264.903008][T12960]  ? __fget_files+0x29/0x470
[  264.907597][T12960]  ? __fget_files+0x3f6/0x470
[  264.912283][T12960]  ksys_read+0x1a0/0x2c0
[  264.916529][T12960]  ? __pfx_ksys_read+0x10/0x10
[  264.921291][T12960]  ? do_syscall_64+0x100/0x230
[  264.926055][T12960]  ? do_syscall_64+0xb6/0x230
[  264.930725][T12960]  do_syscall_64+0xf3/0x230
[  264.935223][T12960]  ? clear_bhb_loop+0x35/0x90
[  264.939904][T12960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.945820][T12960] RIP: 0033:0x7f10a2975d7c
[  264.950317][T12960] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  264.969919][T12960] RSP: 002b:00007f10a37bf040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.978330][T12960] RAX: ffffffffffffffda RBX: 00007f10a2b05f80 RCX: 00007f10a2975d7c
[  264.986291][T12960] RDX: 000000000000000f RSI: 00007f10a37bf0b0 RDI: 0000000000000004
[  264.994258][T12960] RBP: 00007f10a37bf0a0 R08: 0000000000000000 R09: 0000000000000000
[  265.002219][T12960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.010180][T12960] R13: 000000000000000b R14: 00007f10a2b05f80 R15: 00007ffd37bca0a8
[  265.018168][T12960]  </TASK>
[  265.130663][T12962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2208'.
[  265.189682][T12962] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2208'.
[  265.250377][T12973] vlan4: entered promiscuous mode
[  265.294531][T12955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  266.525484][T13033] vlan2: entered promiscuous mode
[  266.612802][T13023] team0: left allmulticast mode
[  266.624245][T13023] bridge0: port 1(team0) entered disabled state
[  266.713502][T13023] bond0: (slave netdevsim0): Releasing backup interface
[  266.872035][T13044] netlink: 480 bytes leftover after parsing attributes in process `syz.1.2378'.
[  266.920848][T13046] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2379'.
[  267.012859][T13050] netlink: 'syz.2.2379': attribute type 7 has an invalid length.
[  267.051259][T13050] netlink: 'syz.2.2379': attribute type 39 has an invalid length.
[  267.278788][T13052] sit0: left allmulticast mode
[  267.402336][T13052] netlink: 'syz.3.2381': attribute type 1 has an invalid length.
[  267.436974][T13052] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2381'.
[  267.652985][T13063] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.678836][T13063] bond0: entered promiscuous mode
[  267.689724][T13063] team0: Port device bond0 added
[  267.706496][T13069] bond_slave_0: entered promiscuous mode
[  267.712265][T13069] bond_slave_1: entered promiscuous mode
[  267.741892][T13069] vlan2: entered promiscuous mode
[  267.766882][T13069] bond0: entered promiscuous mode
[  267.800970][T13069] bond0: left promiscuous mode
[  267.812348][T13069] bond_slave_0: left promiscuous mode
[  267.817908][T13069] bond_slave_1: left promiscuous mode
[  268.207063][T13095] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2394'.
[  268.383723][T13102] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2398'.
[  268.598439][T13104] syzkaller0: entered promiscuous mode
[  268.606588][T13104] syzkaller0: entered allmulticast mode
[  270.578937][T13124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2404'.
[  270.606989][T13134] vlan2: entered promiscuous mode
[  270.697696][T13138] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2409'.
[  270.822198][T13138] macvlan2: entered promiscuous mode
[  270.843420][T13138] vlan1: entered promiscuous mode
[  270.874586][T13138] macvlan2: entered allmulticast mode
[  270.880592][T13138] vlan1: entered allmulticast mode
[  270.914895][T13138] veth0_vlan: entered allmulticast mode
[  270.994778][T13138] vlan1: left allmulticast mode
[  271.008994][T13138] veth0_vlan: left allmulticast mode
[  271.015077][T13138] vlan1: left promiscuous mode
[  271.080154][T13145] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  271.404612][T13169] batman_adv: batadv0: Adding interface: gretap3
[  271.440926][T13169] batman_adv: batadv0: The MTU of interface gretap3 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  271.484701][T13169] batman_adv: batadv0: Not using interface gretap3 (retrying later): interface not active
[  271.707026][T13184] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2424'.
[  271.810254][T13186] FAULT_INJECTION: forcing a failure.
[  271.810254][T13186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.844594][T13186] CPU: 1 UID: 0 PID: 13186 Comm: syz.3.2426 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  271.855066][T13186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  271.865144][T13186] Call Trace:
[  271.868533][T13186]  <TASK>
[  271.871481][T13186]  dump_stack_lvl+0x241/0x360
[  271.876191][T13186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.881409][T13186]  ? __pfx__printk+0x10/0x10
[  271.886052][T13186]  ? __pfx_lock_release+0x10/0x10
[  271.891110][T13186]  ? rcu_is_watching+0x15/0xb0
[  271.895917][T13186]  should_fail_ex+0x3b0/0x4e0
[  271.900625][T13186]  _copy_from_iter+0x1f6/0x1960
[  271.905507][T13186]  ? alloc_pages_mpol_noprof+0x417/0x680
[  271.911173][T13186]  ? __pfx__copy_from_iter+0x10/0x10
[  271.916485][T13186]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  271.922496][T13186]  ? alloc_pages_noprof+0xef/0x170
[  271.927717][T13186]  ? page_copy_sane+0x46/0x260
[  271.932506][T13186]  copy_page_from_iter+0x7a/0x100
[  271.937556][T13186]  tun_get_user+0x1f7d/0x4720
[  271.942263][T13186]  ? tun_get_user+0x871/0x4720
[  271.947069][T13186]  ? __lock_acquire+0x137a/0x2040
[  271.952135][T13186]  ? __pfx_tun_get_user+0x10/0x10
[  271.957214][T13186]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  271.962688][T13186]  ? tun_get+0x1e/0x2f0
[  271.966853][T13186]  ? __pfx_lock_release+0x10/0x10
[  271.971919][T13186]  ? tun_get+0x1e/0x2f0
[  271.976096][T13186]  ? tun_get+0x27d/0x2f0
[  271.980368][T13186]  tun_chr_write_iter+0x113/0x1f0
[  271.985423][T13186]  vfs_write+0xa72/0xc90
[  271.989711][T13186]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  271.995288][T13186]  ? __pfx_vfs_write+0x10/0x10
[  272.000187][T13186]  ksys_write+0x1a0/0x2c0
[  272.004548][T13186]  ? __pfx_ksys_write+0x10/0x10
[  272.009403][T13186]  ? do_syscall_64+0x100/0x230
[  272.014179][T13186]  ? do_syscall_64+0xb6/0x230
[  272.018884][T13186]  do_syscall_64+0xf3/0x230
[  272.023421][T13186]  ? clear_bhb_loop+0x35/0x90
[  272.028124][T13186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.034047][T13186] RIP: 0033:0x7fcce1975e1f
[  272.038481][T13186] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  272.058107][T13186] RSP: 002b:00007fcce276c010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  272.066569][T13186] RAX: ffffffffffffffda RBX: 00007fcce1b05f80 RCX: 00007fcce1975e1f
[  272.074560][T13186] RDX: 000000000000002a RSI: 0000000020000000 RDI: 00000000000000c8
[  272.082552][T13186] RBP: 00007fcce276c0a0 R08: 0000000000000000 R09: 0000000000000000
[  272.090546][T13186] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  272.098538][T13186] R13: 000000000000000b R14: 00007fcce1b05f80 R15: 00007ffd0654e438
[  272.106542][T13186]  </TASK>
[  272.121205][T13200] netlink: 'syz.4.2429': attribute type 10 has an invalid length.
[  272.150835][T13200] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2429'.
[  272.381254][T13206] sit0: left promiscuous mode
[  272.514394][T13214] sit0: entered promiscuous mode
[  272.632870][T13220] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2437'.
[  272.870044][T13227] netlink: 'syz.3.2441': attribute type 7 has an invalid length.
[  272.892785][T13227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2441'.
[  273.027902][T13234] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2443'.
[  273.052613][T13234] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2443'.
[  273.129893][T13238] skb len=8071 headroom=168 headlen=136 tailroom=0
[  273.129893][T13238] mac=(168,0) mac_len=0 net=(168,20) trans=188
[  273.129893][T13238] shinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0))
[  273.129893][T13238] csum(0x30000eb start=235 offset=768 ip_summed=3 complete_sw=0 valid=0 level=0)
[  273.129893][T13238] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[  273.129893][T13238] priority=0x0 mark=0x0 alloc_cpu=1 vlan_all=0x0
[  273.129893][T13238] encapsulation=1 inner(proto=0x0008, mac=192, net=192, trans=244)
[  273.178985][T13238] dev name=veth0_to_team feat=0x000061164fdd19e9
[  273.185402][T13238] skb linear:   00000000: 45 02 1f 87 60 c8 00 00 0f 2f a6 47 ac 14 14 1f
[  273.193959][T13238] skb linear:   00000010: e0 00 e5 02 00 00 08 00 bd 0f 1f 6f 10 83 0c 52
[  273.202497][T13238] skb linear:   00000020: 0f 06 3d 78 1f e4 fd fe 4b 44 94 30 eb b5 29 97
[  273.211063][T13238] skb linear:   00000030: e3 6e 03 9b 1c 59 88 25 f8 01 00 a3 c0 63 76 c3
[  273.219623][T13238] skb linear:   00000040: 30 41 76 a1 67 d5 02 61 a6 7a 34 a0 9e 5f e2 bb
[  273.228181][T13238] skb linear:   00000050: 07 b7 10 45 07 a8 d8 4b f8 00 00 00 42 7e 00 00
[  273.236831][T13238] skb linear:   00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.245399][T13238] skb linear:   00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.253958][T13238] skb linear:   00000080: 00 00 00 00 00 00 00 00
[  273.260402][T13238] skb frag:     00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.264742][T13242] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2446'.
[  273.268936][T13238] skb frag:     00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.286435][T13238] skb frag:     00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.295075][T13238] skb frag:     00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.303594][T13238] skb frag:     00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.312151][T13238] skb frag:     00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.320711][T13238] skb frag:     00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.329275][T13238] skb frag:     00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.337840][T13238] skb frag:     00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.346396][T13238] skb frag:     00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  273.355039][T13238] skb frag:     000000a0: 00 00 00 00 00 00 00 00
[  273.361483][T13238] ------------[ cut here ]------------
[  273.366989][T13238] offset+2 (837) > skb_headlen() (136)
[  273.372961][T13238] WARNING: CPU: 1 PID: 13238 at net/core/dev.c:3336 skb_checksum_help+0x68f/0x730
[  273.382243][T13238] Modules linked in:
[  273.386209][T13238] CPU: 1 UID: 0 PID: 13238 Comm: syz.0.2444 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  273.396706][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  273.406829][T13238] RIP: 0010:skb_checksum_help+0x68f/0x730
[  273.412601][T13238] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 89 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 c0 7d ec 8c 4c 89 f6 89 da e8 e2 61 d2 f7 90 <0f> 0b 90 90 bb ea ff ff ff e9 cf fc ff ff 48 8b 0c 24 80 e1 07 80
[  273.432278][T13238] RSP: 0018:ffffc9000efded28 EFLAGS: 00010246
[  273.438421][T13238] RAX: bb2861248ebb6000 RBX: 0000000000000088 RCX: 0000000000040000
[  273.446530][T13238] RDX: ffffc90009cf9000 RSI: 000000000003ffff RDI: 0000000000040000
[  273.454733][T13238] RBP: dffffc0000000000 R08: ffffffff81559432 R09: fffffbfff1cb9f88
[  273.462812][T13238] R10: dffffc0000000000 R11: fffffbfff1cb9f88 R12: 1ffff1100fbb9e0e
[  273.470862][T13238] R13: 0000000000000343 R14: 0000000000000345 R15: ffff88807ddcf000
[  273.478913][T13238] FS:  00007ff9cdf3d6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  273.487901][T13238] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  273.494566][T13238] CR2: 000000002000d000 CR3: 000000007df26000 CR4: 00000000003506f0
[  273.502652][T13238] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  273.510652][T13238] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  273.519142][T13238] Call Trace:
[  273.522434][T13238]  <TASK>
[  273.525412][T13238]  ? __warn+0x163/0x4e0
[  273.529600][T13238]  ? skb_checksum_help+0x68f/0x730
[  273.534786][T13238]  ? report_bug+0x2b3/0x500
[  273.539305][T13238]  ? skb_checksum_help+0x68f/0x730
[  273.544515][T13238]  ? handle_bug+0x3e/0x70
[  273.548877][T13238]  ? exc_invalid_op+0x1a/0x50
[  273.553560][T13238]  ? asm_exc_invalid_op+0x1a/0x20
[  273.558664][T13238]  ? __warn_printk+0x292/0x360
[  273.563467][T13238]  ? skb_checksum_help+0x68f/0x730
[  273.568626][T13238]  ? skb_checksum_help+0x68e/0x730
[  273.573853][T13238]  ip_do_fragment+0x20d/0x1b30
[  273.578700][T13238]  ? __pfx_ip_finish_output2+0x10/0x10
[  273.584317][T13238]  ? __pfx_ip_do_fragment+0x10/0x10
[  273.589539][T13238]  ? kasan_quarantine_put+0xdc/0x230
[  273.594877][T13238]  ? lockdep_hardirqs_on+0x99/0x150
[  273.600109][T13238]  ? __ip_finish_output+0x247/0x400
[  273.605385][T13238]  ? kmem_cache_free+0x145/0x350
[  273.610423][T13238]  ? ip_fragment+0x9a/0x220
[  273.615027][T13238]  __ip_finish_output+0x290/0x400
[  273.620176][T13238]  iptunnel_xmit+0x540/0x9b0
[  273.624847][T13238]  ip_tunnel_xmit+0x2119/0x2950
[  273.629825][T13238]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  273.635076][T13238]  ? gre_build_header+0x341/0xb30
[  273.640144][T13238]  ? __pfx_gre_build_header+0x10/0x10
[  273.645613][T13238]  ? iptunnel_handle_offloads+0x25f/0x650
[  273.651370][T13238]  ipgre_xmit+0x958/0xd40
[  273.655779][T13238]  ? __pfx_ipgre_xmit+0x10/0x10
[  273.660647][T13238]  ? validate_xmit_skb+0x9f9/0x1120
[  273.665902][T13238]  dev_hard_start_xmit+0x27a/0x7e0
[  273.671064][T13238]  __dev_queue_xmit+0x1b63/0x3e90
[  273.676165][T13238]  ? __dev_queue_xmit+0x2da/0x3e90
[  273.681312][T13238]  ? _copy_from_iter+0x26b/0x1960
[  273.686399][T13238]  ? __pfx___dev_queue_xmit+0x10/0x10
[  273.691795][T13238]  ? __virt_addr_valid+0x183/0x530
[  273.696951][T13238]  ? skb_set_owner_w+0x238/0x3e0
[  273.701920][T13238]  ? skb_partial_csum_set+0x105/0x350
[  273.707350][T13238]  ? virtio_net_hdr_to_skb+0xb52/0x1460
[  273.712899][T13238]  ? packet_parse_headers+0x7e3/0xaf0
[  273.718342][T13238]  ? packet_xmit+0x68/0x330
[  273.722871][T13238]  packet_sendmsg+0x4bc0/0x6710
[  273.727770][T13238]  ? __pfx___might_resched+0x10/0x10
[  273.733063][T13238]  ? aa_sk_perm+0x967/0xab0
[  273.737653][T13238]  ? __pfx_packet_sendmsg+0x10/0x10
[  273.742886][T13238]  ? __pfx_lock_release+0x10/0x10
[  273.747977][T13238]  ? __import_iovec+0x536/0x820
[  273.752847][T13238]  ? aa_sock_msg_perm+0x91/0x160
[  273.757879][T13238]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  273.763192][T13238]  ? security_socket_sendmsg+0x87/0xb0
[  273.768696][T13238]  ? __pfx_packet_sendmsg+0x10/0x10
[  273.773946][T13238]  __sock_sendmsg+0x221/0x270
[  273.778643][T13238]  ____sys_sendmsg+0x525/0x7d0
[  273.783412][T13238]  ? __pfx_____sys_sendmsg+0x10/0x10
[  273.788745][T13238]  __sys_sendmsg+0x2b0/0x3a0
[  273.793336][T13238]  ? __pfx___sys_sendmsg+0x10/0x10
[  273.798543][T13238]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  273.804961][T13238]  ? do_syscall_64+0x100/0x230
[  273.809837][T13238]  ? do_syscall_64+0xb6/0x230
[  273.814560][T13238]  do_syscall_64+0xf3/0x230
[  273.819165][T13238]  ? clear_bhb_loop+0x35/0x90
[  273.823846][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.829770][T13238] RIP: 0033:0x7ff9cd177299
[  273.834225][T13238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.853936][T13238] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  273.862384][T13238] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  273.870530][T13238] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  273.878576][T13238] RBP: 00007ff9cd1e48e6 R08: 0000000000000000 R09: 0000000000000000
[  273.886627][T13238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  273.894682][T13238] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  273.902692][T13238]  </TASK>
[  273.905756][T13238] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  273.913045][T13238] CPU: 1 UID: 0 PID: 13238 Comm: syz.0.2444 Not tainted 6.10.0-syzkaller-12585-g301927d2d2eb #0
[  273.923470][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  273.933521][T13238] Call Trace:
[  273.936796][T13238]  <TASK>
[  273.939724][T13238]  dump_stack_lvl+0x241/0x360
[  273.944504][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.949716][T13238]  ? __pfx__printk+0x10/0x10
[  273.954580][T13238]  ? vscnprintf+0x5d/0x90
[  273.958962][T13238]  panic+0x349/0x860
[  273.962873][T13238]  ? __warn+0x172/0x4e0
[  273.967144][T13238]  ? __pfx_panic+0x10/0x10
[  273.971606][T13238]  __warn+0x346/0x4e0
[  273.975599][T13238]  ? skb_checksum_help+0x68f/0x730
[  273.980712][T13238]  report_bug+0x2b3/0x500
[  273.985051][T13238]  ? skb_checksum_help+0x68f/0x730
[  273.990165][T13238]  handle_bug+0x3e/0x70
[  273.994313][T13238]  exc_invalid_op+0x1a/0x50
[  273.998811][T13238]  asm_exc_invalid_op+0x1a/0x20
[  274.003667][T13238] RIP: 0010:skb_checksum_help+0x68f/0x730
[  274.009390][T13238] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 89 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 c0 7d ec 8c 4c 89 f6 89 da e8 e2 61 d2 f7 90 <0f> 0b 90 90 bb ea ff ff ff e9 cf fc ff ff 48 8b 0c 24 80 e1 07 80
[  274.029081][T13238] RSP: 0018:ffffc9000efded28 EFLAGS: 00010246
[  274.035163][T13238] RAX: bb2861248ebb6000 RBX: 0000000000000088 RCX: 0000000000040000
[  274.043124][T13238] RDX: ffffc90009cf9000 RSI: 000000000003ffff RDI: 0000000000040000
[  274.051087][T13238] RBP: dffffc0000000000 R08: ffffffff81559432 R09: fffffbfff1cb9f88
[  274.059055][T13238] R10: dffffc0000000000 R11: fffffbfff1cb9f88 R12: 1ffff1100fbb9e0e
[  274.067026][T13238] R13: 0000000000000343 R14: 0000000000000345 R15: ffff88807ddcf000
[  274.074995][T13238]  ? __warn_printk+0x292/0x360
[  274.079762][T13238]  ? skb_checksum_help+0x68e/0x730
[  274.084881][T13238]  ip_do_fragment+0x20d/0x1b30
[  274.089649][T13238]  ? __pfx_ip_finish_output2+0x10/0x10
[  274.095102][T13238]  ? __pfx_ip_do_fragment+0x10/0x10
[  274.100292][T13238]  ? kasan_quarantine_put+0xdc/0x230
[  274.105571][T13238]  ? lockdep_hardirqs_on+0x99/0x150
[  274.110768][T13238]  ? __ip_finish_output+0x247/0x400
[  274.115958][T13238]  ? kmem_cache_free+0x145/0x350
[  274.120888][T13238]  ? ip_fragment+0x9a/0x220
[  274.125391][T13238]  __ip_finish_output+0x290/0x400
[  274.130508][T13238]  iptunnel_xmit+0x540/0x9b0
[  274.135103][T13238]  ip_tunnel_xmit+0x2119/0x2950
[  274.139988][T13238]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  274.145181][T13238]  ? gre_build_header+0x341/0xb30
[  274.150210][T13238]  ? __pfx_gre_build_header+0x10/0x10
[  274.155665][T13238]  ? iptunnel_handle_offloads+0x25f/0x650
[  274.161390][T13238]  ipgre_xmit+0x958/0xd40
[  274.165742][T13238]  ? __pfx_ipgre_xmit+0x10/0x10
[  274.170597][T13238]  ? validate_xmit_skb+0x9f9/0x1120
[  274.175797][T13238]  dev_hard_start_xmit+0x27a/0x7e0
[  274.180916][T13238]  __dev_queue_xmit+0x1b63/0x3e90
[  274.185951][T13238]  ? __dev_queue_xmit+0x2da/0x3e90
[  274.191058][T13238]  ? _copy_from_iter+0x26b/0x1960
[  274.196163][T13238]  ? __pfx___dev_queue_xmit+0x10/0x10
[  274.201532][T13238]  ? __virt_addr_valid+0x183/0x530
[  274.206640][T13238]  ? skb_set_owner_w+0x238/0x3e0
[  274.211588][T13238]  ? skb_partial_csum_set+0x105/0x350
[  274.216964][T13238]  ? virtio_net_hdr_to_skb+0xb52/0x1460
[  274.222500][T13238]  ? packet_parse_headers+0x7e3/0xaf0
[  274.227892][T13238]  ? packet_xmit+0x68/0x330
[  274.232397][T13238]  packet_sendmsg+0x4bc0/0x6710
[  274.237276][T13238]  ? __pfx___might_resched+0x10/0x10
[  274.242570][T13238]  ? aa_sk_perm+0x967/0xab0
[  274.247077][T13238]  ? __pfx_packet_sendmsg+0x10/0x10
[  274.252287][T13238]  ? __pfx_lock_release+0x10/0x10
[  274.257309][T13238]  ? __import_iovec+0x536/0x820
[  274.262152][T13238]  ? aa_sock_msg_perm+0x91/0x160
[  274.267090][T13238]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  274.272371][T13238]  ? security_socket_sendmsg+0x87/0xb0
[  274.277835][T13238]  ? __pfx_packet_sendmsg+0x10/0x10
[  274.283064][T13238]  __sock_sendmsg+0x221/0x270
[  274.287741][T13238]  ____sys_sendmsg+0x525/0x7d0
[  274.292591][T13238]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.297886][T13238]  __sys_sendmsg+0x2b0/0x3a0
[  274.302479][T13238]  ? __pfx___sys_sendmsg+0x10/0x10
[  274.307615][T13238]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  274.313947][T13238]  ? do_syscall_64+0x100/0x230
[  274.318711][T13238]  ? do_syscall_64+0xb6/0x230
[  274.323395][T13238]  do_syscall_64+0xf3/0x230
[  274.327892][T13238]  ? clear_bhb_loop+0x35/0x90
[  274.332569][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.338458][T13238] RIP: 0033:0x7ff9cd177299
[  274.342871][T13238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.362564][T13238] RSP: 002b:00007ff9cdf3d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.370985][T13238] RAX: ffffffffffffffda RBX: 00007ff9cd305f80 RCX: 00007ff9cd177299
[  274.378955][T13238] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  274.386917][T13238] RBP: 00007ff9cd1e48e6 R08: 0000000000000000 R09: 0000000000000000
[  274.394884][T13238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.402849][T13238] R13: 000000000000000b R14: 00007ff9cd305f80 R15: 00007ffc14e0f868
[  274.410828][T13238]  </TASK>
[  274.414073][T13238] Kernel Offset: disabled
[  274.418493][T13238] Rebooting in 86400 seconds..