last executing test programs:

1.739329891s ago: executing program 4 (id=3616):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2111, 0x300, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYRES32, @ANYRESOCT], 0xffc9)
listen(r0, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt(r2, 0x0, 0xb, &(0x7f00000000c0)=""/3, &(0x7f0000000040)=0x3)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000180)={&(0x7f0000000080)=""/142, 0x8e})
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f00000001c0)={0x41424344, <r3=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @empty, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x1, @private2={0xfc, 0x2, '\x00', 0x3}, @local, {[], {{0x0, 0x4e22, 0x41424344, r3, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0)

1.708246762s ago: executing program 3 (id=3618):
epoll_create1(0x80000)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000d"], 0x48)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket(0x28, 0x1, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$rds(0x15, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='task_newtask\x00', r1, 0x0, 0x2000000000}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRES64=0x0, @ANYRESOCT=r0], 0x20)

1.598108686s ago: executing program 4 (id=3619):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000140)={@dev, @rand_addr, @empty}, &(0x7f0000000240)=0xc)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000b00)=""/241, 0xf1}], 0x1}, 0x10122)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r2, 0x0, 0xf69}, 0x18)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

1.568934366s ago: executing program 3 (id=3620):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r1, 0x28, 0x6, &(0x7f0000000140)={0x0, 0xea60}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='cq_schedule\x00', r0}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x18, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="71b2b7ae40bc2f233a20ecdaeba4125548b0d1608dcf56253e68cefb43eff814a0a5cea8f097293c0b83f2c4e5340ef8271f4905256131b4250caaede6424dabcdef0f6f75f8f2c45de465122b84233799ea8e89d146f83f67960e974395c555c6e0e542d0c315ec1e3a5c8f4b41f57b213eac3e", 0x74}, {&(0x7f0000000380)="79e7686402e8b00fbfc2951b3022f889184d05b37cc69deb31f46d0adca8cb6213648a11b6a4f2e0e2446253d027ae70ed3f2af1d15b787e992c765053208c7b7ec3990e226519384ce7c32ed28ff16c361ee3eb56", 0x55}], 0x2}, 0x40000)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000040)={0x2, 0x4, 0x7fffffff}, 0xc)
r5 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @multicast2}, &(0x7f00000001c0)=0x10, 0x80000)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r5, 0xf505, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$sock_int(r6, 0x1, 0x10, &(0x7f0000000000)=0xc, 0x4)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180200006db1516e0000000000005d8ab384f289b218e676"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r8 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000004c0)={'bond0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0010001000", @ANYRES32=r10, @ANYBLOB="138000002b9001001c00128009000100626f6e64000000000c0002800800140000000080"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
sendmsg$kcm(r8, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x20000000)
sendmsg$kcm(r8, &(0x7f0000000100)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x23}}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100000051d833483cc75d51900000000000000004000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319e2e66d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a33120800", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.103201739s ago: executing program 3 (id=3626):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0xbc, 0x1, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x6}, [@CTA_TUPLE_MASTER={0xa8, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @local}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x6, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @mcast1}}}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x80}, 0x24000801)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r1, &(0x7f00000002c0), 0x220, 0x100, 0x0)

1.04436721s ago: executing program 3 (id=3627):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000140)={@dev, @rand_addr, @empty}, &(0x7f0000000240)=0xc)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000b00)=""/241, 0xf1}], 0x1}, 0x10122)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r2, 0x0, 0xf69}, 0x18)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

953.445571ms ago: executing program 0 (id=3629):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="0000000000000000b70800000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

903.514478ms ago: executing program 1 (id=3630):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYRES32, @ANYRESOCT], 0xffc9)
listen(r0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt(r1, 0x0, 0xb, &(0x7f00000000c0)=""/3, &(0x7f0000000040)=0x3)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000180)={&(0x7f0000000080)=""/142, 0x8e})
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_extract_tcp_res$synack(&(0x7f00000001c0)={0x41424344, <r2=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @empty, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x1, @private2={0xfc, 0x2, '\x00', 0x3}, @local, {[], {{0x0, 0x4e22, 0x41424344, r2, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0)

827.10779ms ago: executing program 1 (id=3631):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0x3, 0x62}, @timestamp={0x44, 0x10, 0x5, 0x3, 0x0, [0x0, 0x0, 0x0]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001a0001002bbd7000000000080a0020"], 0x2c}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

776.213ms ago: executing program 2 (id=3632):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r1, 0x800, 0x55007}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x9}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

774.844105ms ago: executing program 0 (id=3633):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3d}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MAXIP={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1}}, @CTA_NAT_PROTO={0x4}]}]}, 0x74}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) (async)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1c, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000009c0)={0x0, 0x2, 0xf000}, &(0x7f0000000a00)=0x8) (async)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000009c0)={0x0, 0x2, 0xf000}, &(0x7f0000000a00)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r5, 0x84, 0x5, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r5, 0x84, 0x5, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f00000002c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x6, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x5}, 0x1c, &(0x7f0000000480)=[{&(0x7f00000005c0)="8c7f924c55205cbf860621af9cffa024f339da7627d94ad102646641643a0295beead32ec1c0f6549e114ed345f8abb0c7096bf936fbe530e377ef9e15ddf1af09eb058230e647585f856a22a1b6c6c8273c8d617589b13a5073", 0x5a}], 0x1}}, {{&(0x7f00000004c0)={0xa, 0x4e22, 0x200006, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x8}, 0x1c, &(0x7f0000000a40)=[{&(0x7f0000000500)='\x00', 0x1}], 0x1}}], 0x2, 0x4048010)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000006c0)='fscache_resize\x00', r7, 0x0, 0x7fffffff}, 0x18)
sendmsg$nl_generic(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)=ANY=[@ANYBLOB="140000003800011b2c7c1602fadbdf2505000000"], 0x14}}, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511}) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x5, 0x4, 0x20006}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r8}, 0x0, 0x0}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r8, <r9=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x100000, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], 0x0, 0x8, 0xff8, &(0x7f00000010c0)=""/4088, 0x0, 0xa}, 0x94) (async)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], 0x0, 0x8, 0xff8, &(0x7f00000010c0)=""/4088, 0x0, 0xa}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3c756697f260f2c0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x9, 0x55, &(0x7f0000000180)=""/85, 0x41100, 0x32, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r11, 0x0, &(0x7f0000000980)=[r8, r8, r8, r8, r8, 0xffffffffffffffff, r8, r9, 0x1], 0x0, 0x10, 0x1}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3c756697f260f2c0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x9, 0x55, &(0x7f0000000180)=""/85, 0x41100, 0x32, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x5, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r11, 0x0, &(0x7f0000000980)=[r8, r8, r8, r8, r8, 0xffffffffffffffff, r8, r9, 0x1], 0x0, 0x10, 0x1}, 0x94)
close(r3)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000006d00673c25bd7000ffdbdf2500000000", @ANYBLOB="119a040004e8020004003480140043"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x2261, 0x2}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r13, &(0x7f0000000100), &(0x7f0000000100)=""/13, 0x2}, 0x20)
getsockopt$bt_BT_SNDMTU(r12, 0x112, 0xc, 0x0, &(0x7f0000000180))
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)

680.34324ms ago: executing program 1 (id=3634):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00', @ANYRES16=r2, @ANYBLOB="010026bd70000400000005000000080009000200000008000c00a50a000008000b0000000000060001000700"], 0x34}}, 0x20)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)

653.877804ms ago: executing program 2 (id=3635):
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x80, 0x2, 0x0, @rand_addr=0x64010100, @remote}, @info_reply={0x10, 0x0, 0x0, 0x1000, 0x1000}}}}}, 0x0)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x14, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

624.295293ms ago: executing program 4 (id=3636):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="79129800000000006113280000000000bf2020000000000004000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000002c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e80100008000000000887a5ad103649afa17690884f800031e03a651bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d69bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527f5649bd60df638596fd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d095b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe08735d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b39437f1ea2df0000000000000000000000000022b90d93a267f3af4e02606f0ce6c2ffc4cab575a09d6e625f3248689005eb4a9c8df3c67e6b2b759cab3a7bedf1b927cd8ba6d13b3e7d7279515e3d6d20"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, 0x0, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}, @val={@void}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0)

507.847255ms ago: executing program 1 (id=3637):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000540)='io.stat\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xa79bbc92da6cc2a0, 0x11, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@alu={0x7, 0x0, 0x0, 0xa, 0x0, 0xfffffffffffffff0}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000400)='syzkaller\x00', 0x4, 0x6c, &(0x7f0000000440)=""/108, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0x7, 0x8, 0x1ff}, 0x10, 0x0, 0xffffffffffffffff, 0x6, &(0x7f0000000580), &(0x7f00000005c0)=[{0x1, 0x4, 0xf, 0x2}, {0x5, 0x3, 0x3, 0xb}, {0x5, 0x5, 0x7, 0x5}, {0x1, 0x5, 0x1, 0x8}, {0x2, 0x5, 0xc, 0x3}, {0x2, 0x3, 0x3, 0x9}], 0x10, 0x9}, 0x94)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x8000)
close(0x3)
r3 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r4, 0x8000000000000003}, 0x18)
close(0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60, 0x0, 0x0, 0xb100}, {}, {0x3, 0x20}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000001440)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000100)={0x1d, r6, 0x0, {0x1, 0x1, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
readv(r5, &(0x7f00000009c0)=[{&(0x7f0000000380)=""/63, 0x3f}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x118, 0x0, 0x0, 0x0)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x40000003, 0x0, 0x400c)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
r7 = socket(0x2a, 0x3, 0xff)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000180)={'geneve1\x00', {0x2, 0x4e21, @rand_addr=0x64010102}})
getsockopt$sock_buf(r3, 0x1, 0x1c, &(0x7f0000000200)=""/214, &(0x7f0000000300)=0xd6)
syz_emit_ethernet(0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff86dd697a262d00383afefe8000000000000000000000000000aaff020000000000000000010200907800000000000000002000ff00ff010000000000000000000000000001fe8000000000000000000000000000aa84000a38650000005339737b455c79ef26c20dac3e035d559f8c7904"], 0x0)

507.499857ms ago: executing program 2 (id=3638):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}, @val={@void, {0x8111}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x4}}}}}}}, 0x0)

435.045436ms ago: executing program 0 (id=3639):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000000000029000000", @ANYRES16=r0], 0x18}, 0x40c0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x5, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d1000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)

421.351258ms ago: executing program 4 (id=3640):
syz_emit_ethernet(0xf80, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf4a, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[@routing={0x84}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c"}}}}}, 0x0)

360.386988ms ago: executing program 2 (id=3641):
r0 = socket$kcm(0x2d, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
epoll_create1(0x80000)
listen(r1, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
socket(0x2, 0x80805, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x14, 0x6, 0x1, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xf}}}}}}}, 0x0)

329.876209ms ago: executing program 0 (id=3642):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

292.85779ms ago: executing program 2 (id=3643):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="0000000000000000b70800000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

283.394692ms ago: executing program 4 (id=3644):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a41, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002})
write$tun(r1, &(0x7f0000000240)={@val={0x0, 0x18}, @val={0x3, 0x1, 0x3, 0x6b2, 0xc4, 0x10}, @ipv4=@tcp={{0x5, 0x4, 0x3, 0x4, 0xd8, 0x65, 0x0, 0x9, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x1, 0x0, 0x1d, 0x80, 0x7, 0x0, 0x9, {[@mptcp=@remove_addr={0x1e, 0x59, 0x6, 0x0, "3bcc55e2fb4b662a463b24b28a4fafb428a89d60f9547d33690c48bf9581455479f14cea31faf5212327c508ed14d3cc9f1b20adaecc3b4c664e61295f92adc7b03928e6f24a8ee8e299effe97537d57096d808d21b4"}, @exp_fastopen={0xfe, 0x4}]}}, {"13d3b3875dfd9a3f6328f33f09ceec09986b30406704e2560f04592cb4869c77658fcb3eca004c77b183c5840dbb0fd30bcd067737d3f07dff1755aac0e628d921d141b089c15306c066b177aab800b1"}}}}, 0xe6)
sendmsg$inet6(r0, &(0x7f00000008c0)={&(0x7f0000000200)={0xa, 0x4e26, 0x336, @mcast1, 0x7e}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000000001adc251fe80a26488f2b6100002900000e00"], 0x32}, 0x20008009)

224.33663ms ago: executing program 1 (id=3645):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@bridge_delneigh={0x1c, 0x1d, 0x200, 0x70bd2a, 0x25dfdbfc, {0x7, 0x0, 0x0, r1, 0x4, 0x2, 0x4}}, 0x1c}}, 0x0)
syz_emit_ethernet(0x6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="bbcbbbbbbbbb4aa468739b8508060001080006040001da82ce4f59beaaaaaaaaaaaa0a010100573303"], 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="34000000100039c1b730d03b3454acf16dbbb0b7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b000100697036746e6c000004000280"], 0x34}}, 0x0)

180.802252ms ago: executing program 0 (id=3646):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x2a5d, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x200000000000005e)
sendto$inet(r0, &(0x7f00000007c0)="25d7fe75fa3496bb8e75411fe8ffffffffffffff000000000020ded4", 0x1c, 0xe044, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

155.910444ms ago: executing program 2 (id=3647):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000140)={@dev, @rand_addr, @empty}, &(0x7f0000000240)=0xc)
sendto$inet6(r0, &(0x7f0000000400)="b3", 0x1, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000b00)=""/241, 0xf1}], 0x1}, 0x10122)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r2, 0x0, 0xf69}, 0x18)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

137.995252ms ago: executing program 3 (id=3648):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa595b49a5eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc4ee8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000050000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="080026009015000008005700"], 0x2c}}, 0x0)

88.535919ms ago: executing program 0 (id=3649):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe6, 0x847b023adc5ee2e2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0xd, 0x20000271, &(0x7f0000000400)=ANY=[@ANYBLOB="d3cdda88d84ed59412f2670053a1de76a7d00f6135f09478e1c20fce53b07b16f4f6182283c27ea44df0327e864e43bc2622ff1302bc5d414d1ab8fceca04f7a8f06b6597b7cdf645df5ad0c80b5c5afda", @ANYRESOCT, @ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRESHEX], &(0x7f0000000340)='syzkaller\x00', 0x7, 0x8, &(0x7f0000000300)=""/8, 0x0, 0x24, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x2}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}}, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000040)=0x8, 0x4)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
connect$unix(r1, &(0x7f0000000100)=@abs={0x27}, 0x6e)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x3, {{0x1, 0x4}, 0xffffffff}}, 0x10)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
unshare(0x22020600)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000020c000440000000000000000234000000030a01020000000000000000010000000900030073797a310000000008000a40000000042900010073797a31000000002ce4ff00050a01020000000000000000010020020c00024000000000000000010900010073797a3000000000140000001100010000000000000000000500000a56af7df304ed5f8d4537fa128a466e22ec78811279139d2226d8cbc3dc9c15ea3dfa7922c5ac237d4f1bdd5a6943d6aea3f76bb38c654cf1223d7f337e2f049f80a57b7dd4e841a460302e77aecc8bcdcb82276c80c18a8524cdadc3c6d9879fb24ce89e1b315910a0e5bf72ee2ee5f9d90c415f55f0e4b8f2e4e1234810597bc97570b8369e3c3edfd216c879764de8ea6b35ed96c51cc1ea8cce5eeaaed8b3c115ad6324ad1f942649bf976ebf536260fe30f6c4937483a2ce6d9cf83dfc0f14a67006dc559aeb13a9de9aa9329428bd1ef53d546820ba0f5187e908dcc1edf8ccdf9bc219193aa4011bfed5341233ff7123fb4b4a79b4284a39b16987a0f56f51498ba74ceb39326c5db3d8a32579e078600e90e3a1c57a34d383d3"], 0xa8}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000100)=0x9, 0x4)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), 0xffffffffffffffff)
write(r5, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r5, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00'})
accept4$ax25(r5, &(0x7f0000000500)={{0x3, @null}, [@remote, @null, @bcast, @null, @rose, @remote, @default, @netrom]}, &(0x7f00000003c0)=0x48, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25017c0000100036800c00020004000000000000000c00018006000600803500"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f00000005c0)="59c18d212f38c47bb6929163acd123b17e2792aa4247660347f7582014fee2590a1573219d1185d0b46572096c30cd5de38c5037f95ef32307b6cd7506c1e84ce2bf45e6d13548264b96bed81f239882328c9bc7f0c44d659f38eb6782dd1caf71f1dfa6648a2c4b159fffa2d9c29eca74e1489593385679140c584068f49b82c708e624a2069b5918cf73fe0852")
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCDELRT(r8, 0x890c, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @null, @bpq0, 0x1, [@bcast, @bcast, @default, @null, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]})

7.190142ms ago: executing program 4 (id=3650):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000100)={'gre0\x00', <r4=>0x0, 0x8000, 0x1, 0x2, 0x3, {{0x13, 0x4, 0x1, 0x6, 0x4c, 0x66, 0x0, 0x4, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, {[@timestamp_prespec={0x44, 0x34, 0x64, 0x3, 0xf, [{@rand_addr=0x64010102, 0x9}, {@empty, 0xfffffffe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xd}, {@multicast1, 0x80000000}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x7}]}, @noop]}}}}})
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r3, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x44, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x8, 0x3, 0xa50, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x980, 0xffffffff, 0xffffffff, 0x980, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x40}, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x73, 0x0, 0x0, 0x45}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, [], [0x0, 0xffffffff, 0xff000000], 'wg1\x00', 'gre0\x00'}, 0x0, 0x888, 0x8b0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x7fff, 0x1}, {0x4, 0x3}, {0xfffff7ec, 0x1}, {0xfff, 0x1}, {0x5, 0x2}, {0xb34c, 0x3}, {0x2}, {0xe48b, 0x2}, {0x101, 0x2}, {0x5, 0x2}, {0x5}], [{0x400}, {0x6, 0x8001}, {0x401, 0x40}, {0x7fff}, {0xffffc1b1, 0x32de}, {0xfff, 0x8}, {0x2, 0x9}, {0x1, 0xbbca}, {0x83, 0x1}, {0x5, 0x7}, {0x3}], 0x1, 0x7}, {[{0x9, 0x3}, {0x6, 0x3}, {0x4, 0x3}, {0x1, 0x2}, {0x9}, {0xfffffffa}, {0x0, 0x2}, {0x80000000, 0x3}, {0x80000001}, {0x8001, 0x2}, {0xff, 0x3}], [{0x7, 0x5}, {0x3, 0x6b6}, {0x4, 0x400}, {0x3}, {0x4, 0xfff}, {0x3ff, 0xe5d7}, {0x6, 0x3ff}, {0xa78, 0xffffffff}, {0xa9e1, 0x3}, {0x8, 0x1000}, {0xc7, 0xf385}], 0x6, 0x3}, {[{0x101, 0x2}, {0x9}, {0x1e, 0x3}, {0x2, 0x3}, {0x48, 0x2}, {0x9, 0x2}, {0x1, 0x2}, {0x7, 0x2}, {0x9}, {0x400007, 0x1}, {0x0, 0x3}], [{0xfffffffb, 0x5}, {0x8, 0xa17}, {0x80, 0x4}, {0x8}, {0x3, 0x7}, {0x5e18, 0x7}, {0x4, 0x101}, {0x7, 0xfff}, {0xd, 0x7f}, {0x2, 0x2}, {0xfb3, 0xa94}], 0xb, 0x4}, {[{0x8, 0x1}, {0x4, 0x2}, {0x4e, 0xc781c4f1f9c1fa4f}, {0x8, 0x1}, {0x4e5, 0x2}, {0x3, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x5, 0x2}, {0xfff}, {0x4, 0x1}], [{0x9, 0x8001}, {0xfffe, 0x4}, {0x7fff, 0xf}, {0x66d, 0x9}, {0x92, 0xb}, {0x3, 0x6}, {0x7, 0xfff}, {0x1, 0xff}, {0x4b, 0xfffffffe}, {0x0, 0x8}, {0x1, 0xff}], 0xa, 0x20}, {[{0x5, 0x2}, {0x7a3, 0x2}, {0x1, 0x3}, {0x100, 0x3}, {0x40}, {0x8d, 0x1}, {0x8, 0x3}, {0x9, 0x3}, {0x8, 0x2}, {0x1, 0x1}, {0x7}], [{0x854f, 0x6b}, {0x7, 0x7}, {0x6, 0x80}, {0x3, 0xffc00000}, {0x4007}, {0x3, 0x6}, {0x2, 0xf17}, {0x25, 0x401}, {0x200, 0x84b}, {0x7fff, 0x80}, {0x3, 0x1}], 0x4, 0x8}, {[{0xc3d, 0x147d12363fe5c40a}, {0x64, 0x1}, {0xf, 0x3}, {0x5, 0x1}, {0x7fffffff, 0x2}, {0x5}, {0x2af0, 0x1}, {0x1bd6, 0x2}, {0x1}, {0x7, 0x1}, {0x7, 0x2}], [{0x92b, 0x1ff}, {0x1, 0xf458}, {0x5, 0x3}, {0x84, 0x1}, {0xe923, 0x7fff}, {0x4, 0xe}, {0x3, 0x6}, {0xad3f, 0x59f}, {0x4, 0xfffffffc}, {0x6}, {0x5, 0x6f}], 0x9}, {[{0x8}, {0x2f, 0x1}, {0x7, 0x1}, {0x0, 0x2}, {0x3, 0x3}, {0x0, 0x1}, {0x1, 0x3}, {0x8, 0x3}, {0x7}, {0x5}, {0x2, 0x3}], [{0x101, 0x80000000}, {0x1, 0x9}, {0x40, 0xff}, {0x4, 0x2}, {0x5, 0x6}, {0x2, 0x5}, {0x0, 0x3}, {0xe, 0x5}, {0x6, 0x1ff}, {0xc, 0x7}, {0x1, 0x4}], 0xb, 0x7}, {[{0x8c, 0x1}, {0xd}, {0x10002, 0x2}, {0x8, 0x2}, {0x3, 0x3}, {0x0, 0x3}, {0x1ff, 0x1}, {}, {0xc, 0x1}, {0xf0f}, {0xf629}], [{0x4, 0x5}, {0x35f7, 0x1}, {0x401, 0xf6}, {0x94, 0xd16}, {0x8, 0x5}, {0x35, 0x4929}, {0x8001, 0x5}, {0x1000, 0x9}, {0x9f, 0x65}, {0x9, 0x4}, {0x9, 0xf0a9}], 0x1, 0x4}, {[{0x9, 0x1}, {0x9}, {0x7, 0x1}, {0x4, 0x4adbb8db8b6f3087}, {0x3}, {0x103, 0x3}, {0x7ff}, {0x7, 0x1}, {0x10000, 0x3}, {0x0, 0x2}, {0x80000000, 0x1}], [{0xf767, 0x8}, {0xc, 0x5}, {0x9, 0x8}, {0x6, 0xb23}, {0x101, 0x5}, {0xfffffff7, 0xb98}, {0x10001, 0x8f}, {0x9, 0xa83}, {0xd, 0x1}, {0x4, 0xe00}, {0x7, 0x444}], 0x6, 0x4}, {[{0x2, 0x3}, {0x2}, {0x26914786, 0x3}, {0x3}, {0xd7f, 0x1}, {0x7fffffff}, {0xf}, {0x4, 0x2}, {0x8, 0x1}, {0x4, 0x3}, {0xe, 0x1}], [{0xb59, 0x6}, {0x4, 0x70c063f5}, {0x2, 0x7}, {0x5, 0x6}, {0x10000, 0x872}, {0x6, 0x8}, {0xffff, 0x7}, {0x7, 0x4}, {0x6, 0x10}, {0xfff, 0xa}, {0x81, 0x4}], 0xb, 0x4}, {[{0x200, 0x1}, {0x2, 0x1}, {0xa, 0x1}, {0x3ff, 0x1}, {0x7}, {0x1, 0x2}, {0x6, 0x3}, {0x7}, {0x92, 0x3}, {0x6, 0x1}, {0x7fffffff, 0x2}], [{0x3, 0xbbb9}, {0x4, 0x400}, {0xdec, 0x9}, {0x7, 0x1d}, {0x0, 0x9a}, {0x1, 0x7}, {0x1, 0x10f583}, {0x4, 0x9f}, {0x2, 0x4}, {0x5, 0x7}, {0xfff, 0x1}], 0x5, 0x7}], 0x4, 0x1}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x8, 0xff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xab0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r6, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, r8, 0x0, 0x2, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}}, 0x4010)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

4.40306ms ago: executing program 1 (id=3651):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xc3}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

0s ago: executing program 3 (id=3652):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x1ff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=@updpolicy={0xc0, 0x19, 0x1, 0x70bd29, 0x25dfdbfe, {{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x3, 0x0, 0x2, 0xfffffffffffffffd}, {0x0, 0x5, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x2}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x5}]}, 0xc0}, 0x1, 0x0, 0x0, 0x24008040}, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x56, &(0x7f0000000400)={@local, @random="df00004000", @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @timestamp={0x44, 0x10, 0x5, 0x3, 0x0, [0x10000, 0x0, 0x0]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000180)=0x10, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c00098008000140ff"], 0x90}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x9, 0x3, 0x238, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x1a0, 0xffffffff, 0xffffffff, 0x1a0, 0xffffffff, 0x3, &(0x7f0000000200), {[{{@uncond, 0x0, 0xb0, 0x110, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x3, 0x3, 0x4, 0x4, 0x4, 0x4], 0x1, 0xc35e26e2184081db}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @random="07b467a3267e", 0x8, 0x5, [0x34, 0x18, 0x3c, 0x31, 0x28, 0x31, 0x6, 0x3e, 0x1a, 0x37, 0x4, 0x3, 0x20, 0x15, 0x15, 0x36], 0x2, 0x1400000, 0x10}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1f}, @local, 0x0, 0xff, 'geneve1\x00', 'batadv_slave_0\x00', {0xff}, {}, 0xff, 0x1, 0xa}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x100000000)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close(0x3)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xf, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
socket(0xf, 0x803, 0x0)

kernel console output (not intermixed with test programs):

0.295550][T14587]  ? clear_bhb_loop+0x60/0xb0
[  310.295574][T14587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.295593][T14587] RIP: 0033:0x7ff91918ebe9
[  310.295612][T14587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.295630][T14587] RSP: 002b:00007ff919fdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  310.295651][T14587] RAX: ffffffffffffffda RBX: 00007ff9193b5fa0 RCX: 00007ff91918ebe9
[  310.295666][T14587] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  310.295677][T14587] RBP: 00007ff919fdf090 R08: 0000000000000000 R09: 0000000000000000
[  310.295687][T14587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.295699][T14587] R13: 00007ff9193b6038 R14: 00007ff9193b5fa0 R15: 00007ffc2e46e508
[  310.295731][T14587]  </TASK>
[  310.548046][T14590] FAULT_INJECTION: forcing a failure.
[  310.548046][T14590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.561192][T14590] CPU: 1 UID: 0 PID: 14590 Comm: syz.3.3052 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  310.561222][T14590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  310.561232][T14590] Call Trace:
[  310.561239][T14590]  <TASK>
[  310.561245][T14590]  dump_stack_lvl+0x189/0x250
[  310.561271][T14590]  ? __pfx____ratelimit+0x10/0x10
[  310.561294][T14590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.561314][T14590]  ? __pfx__printk+0x10/0x10
[  310.561338][T14590]  ? __might_fault+0xb0/0x130
[  310.561371][T14590]  should_fail_ex+0x414/0x560
[  310.561396][T14590]  _copy_from_user+0x2d/0xb0
[  310.561416][T14590]  ___sys_sendmsg+0x158/0x2a0
[  310.561436][T14590]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.561483][T14590]  ? __fget_files+0x2a/0x420
[  310.561497][T14590]  ? __fget_files+0x3a0/0x420
[  310.561520][T14590]  __x64_sys_sendmsg+0x19b/0x260
[  310.561539][T14590]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  310.561564][T14590]  ? __pfx_ksys_write+0x10/0x10
[  310.561591][T14590]  ? do_syscall_64+0xbe/0x3b0
[  310.561619][T14590]  do_syscall_64+0xfa/0x3b0
[  310.561642][T14590]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.561665][T14590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.561681][T14590]  ? clear_bhb_loop+0x60/0xb0
[  310.561701][T14590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.561717][T14590] RIP: 0033:0x7f5d3418ebe9
[  310.561732][T14590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.561746][T14590] RSP: 002b:00007f5d35043038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.561763][T14590] RAX: ffffffffffffffda RBX: 00007f5d343b6090 RCX: 00007f5d3418ebe9
[  310.561775][T14590] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  310.561785][T14590] RBP: 00007f5d35043090 R08: 0000000000000000 R09: 0000000000000000
[  310.561795][T14590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.561805][T14590] R13: 00007f5d343b6128 R14: 00007f5d343b6090 R15: 00007ffd913a3d08
[  310.561830][T14590]  </TASK>
[  310.915939][T14513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.998123][T14513] team0: Port device team_slave_0 added
[  311.012668][T14513] team0: Port device team_slave_1 added
[  311.136952][T14513] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.150969][T14513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.215791][T14513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.243657][T14607] netlink: 'syz.3.3059': attribute type 1 has an invalid length.
[  311.258042][T14513] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.270163][T14513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.304518][T14513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.352333][T14607] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3059'.
[  311.395247][T14611] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  311.555708][T14513] hsr_slave_0: entered promiscuous mode
[  311.570742][T14513] hsr_slave_1: entered promiscuous mode
[  311.577899][T14513] debugfs: 'hsr0' already exists in 'hsr'
[  311.583669][T14513] Cannot create hsr debugfs directory
[  311.618524][T14618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3062'.
[  311.677993][ T5867] Bluetooth: hci1: command tx timeout
[  311.800708][T14620] netlink: 9896 bytes leftover after parsing attributes in process `syz.4.3063'.
[  311.866860][T14622] FAULT_INJECTION: forcing a failure.
[  311.866860][T14622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.917100][T14622] CPU: 1 UID: 0 PID: 14622 Comm: syz.0.3064 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  311.917130][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.917143][T14622] Call Trace:
[  311.917150][T14622]  <TASK>
[  311.917164][T14622]  dump_stack_lvl+0x189/0x250
[  311.917214][T14622]  ? __pfx____ratelimit+0x10/0x10
[  311.917243][T14622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.917268][T14622]  ? __pfx__printk+0x10/0x10
[  311.917310][T14622]  should_fail_ex+0x414/0x560
[  311.917343][T14622]  _copy_to_user+0x31/0xb0
[  311.917369][T14622]  simple_read_from_buffer+0xe1/0x170
[  311.917404][T14622]  proc_fail_nth_read+0x1b3/0x220
[  311.917431][T14622]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  311.917458][T14622]  ? rw_verify_area+0x2a6/0x4d0
[  311.917483][T14622]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  311.917508][T14622]  vfs_read+0x1fd/0xa30
[  311.917540][T14622]  ? do_raw_spin_unlock+0x122/0x240
[  311.917568][T14622]  ? __pfx_vfs_read+0x10/0x10
[  311.917594][T14622]  ? __udp_disconnect+0x3a2/0x570
[  311.917627][T14622]  ? __sys_connect+0x339/0x440
[  311.917660][T14622]  ? __pfx___sys_connect+0x10/0x10
[  311.917697][T14622]  ksys_read+0x145/0x250
[  311.917727][T14622]  ? __pfx_ksys_read+0x10/0x10
[  311.917750][T14622]  ? rcu_is_watching+0x15/0xb0
[  311.917777][T14622]  ? do_syscall_64+0xbe/0x3b0
[  311.917811][T14622]  do_syscall_64+0xfa/0x3b0
[  311.917845][T14622]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.917873][T14622]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.917893][T14622]  ? clear_bhb_loop+0x60/0xb0
[  311.917918][T14622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.917938][T14622] RIP: 0033:0x7fdba878d5fc
[  311.917956][T14622] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  311.917974][T14622] RSP: 002b:00007fdba9574030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  311.917995][T14622] RAX: ffffffffffffffda RBX: 00007fdba89b5fa0 RCX: 00007fdba878d5fc
[  311.918011][T14622] RDX: 000000000000000f RSI: 00007fdba95740a0 RDI: 0000000000000005
[  311.918024][T14622] RBP: 00007fdba9574090 R08: 0000000000000000 R09: 0000000000000000
[  311.918037][T14622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.918049][T14622] R13: 00007fdba89b6038 R14: 00007fdba89b5fa0 R15: 00007ffdda6114b8
[  311.918082][T14622]  </TASK>
[  312.258467][T14626] netlink: 'syz.2.3066': attribute type 22 has an invalid length.
[  312.278686][T14626] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3066'.
[  312.391206][T14632] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3069'.
[  312.422535][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a37d000: rx timeout, send abort
[  312.656075][T14643] syz.3.3074 uses old SIOCAX25GETINFO
[  312.767967][T14513] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  312.785383][T14513] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  312.802819][T14513] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  312.827218][T14645] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  312.847405][T14645] syzkaller0: entered promiscuous mode
[  312.853230][T14645] syzkaller0: entered allmulticast mode
[  312.915806][T14513] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  312.922598][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a37cc00: rx timeout, send abort
[  312.932095][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a37d000: abort rx timeout. Force session deactivation
[  313.008596][T14644] tipc: Resetting bearer <eth:syzkaller0>
[  313.080394][T14644] tipc: Disabling bearer <eth:syzkaller0>
[  313.206365][T14655] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3077'.
[  313.230933][T14655] FAULT_INJECTION: forcing a failure.
[  313.230933][T14655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.280743][T14655] CPU: 1 UID: 0 PID: 14655 Comm: syz.2.3077 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  313.280774][T14655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.280787][T14655] Call Trace:
[  313.280795][T14655]  <TASK>
[  313.280805][T14655]  dump_stack_lvl+0x189/0x250
[  313.280835][T14655]  ? __pfx____ratelimit+0x10/0x10
[  313.280864][T14655]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.280889][T14655]  ? __pfx__printk+0x10/0x10
[  313.280918][T14655]  ? __might_fault+0xb0/0x130
[  313.280960][T14655]  should_fail_ex+0x414/0x560
[  313.280993][T14655]  _copy_from_iter+0x1db/0x16f0
[  313.281026][T14655]  ? policy_nodemask+0x27c/0x720
[  313.281055][T14655]  ? __pfx__copy_from_iter+0x10/0x10
[  313.281083][T14655]  ? set_page_refcounted+0xa0/0x1e0
[  313.281112][T14655]  ? page_copy_sane+0x4e/0x280
[  313.281134][T14655]  copy_page_from_iter+0xdd/0x170
[  313.281161][T14655]  tun_get_user+0x1d7b/0x3e20
[  313.281199][T14655]  ? tun_get_user+0x6f6/0x3e20
[  313.281230][T14655]  ? aa_file_perm+0x44d/0x1550
[  313.281251][T14655]  ? __pfx_tun_get_user+0x10/0x10
[  313.281270][T14655]  ? _parse_integer_limit+0x1ae/0x1f0
[  313.281310][T14655]  ? __lock_acquire+0xab9/0xd20
[  313.281347][T14655]  ? ref_tracker_alloc+0x318/0x460
[  313.281374][T14655]  ? __lock_acquire+0xab9/0xd20
[  313.281406][T14655]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  313.281442][T14655]  ? tun_get+0x1c/0x2f0
[  313.281468][T14655]  ? tun_get+0x1c/0x2f0
[  313.281487][T14655]  ? tun_get+0x1c/0x2f0
[  313.281512][T14655]  tun_chr_write_iter+0x113/0x200
[  313.281547][T14655]  vfs_write+0x5c6/0xb30
[  313.281581][T14655]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  313.281619][T14655]  ? __pfx_vfs_write+0x10/0x10
[  313.281658][T14655]  ? __fget_files+0x2a/0x420
[  313.281690][T14655]  ksys_write+0x145/0x250
[  313.281729][T14655]  ? __pfx_ksys_write+0x10/0x10
[  313.281752][T14655]  ? rcu_is_watching+0x15/0xb0
[  313.281778][T14655]  ? do_syscall_64+0xbe/0x3b0
[  313.281813][T14655]  do_syscall_64+0xfa/0x3b0
[  313.281845][T14655]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.281864][T14655]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  313.281885][T14655]  ? clear_bhb_loop+0x60/0xb0
[  313.281911][T14655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.281931][T14655] RIP: 0033:0x7fe07018d69f
[  313.281950][T14655] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  313.281968][T14655] RSP: 002b:00007fe070f3a000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  313.281989][T14655] RAX: ffffffffffffffda RBX: 00007fe0703b5fa0 RCX: 00007fe07018d69f
[  313.282004][T14655] RDX: 0000000000000046 RSI: 0000200000000080 RDI: 00000000000000c8
[  313.282016][T14655] RBP: 00007fe070f3a090 R08: 0000000000000000 R09: 0000000000000000
[  313.282028][T14655] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  313.282039][T14655] R13: 00007fe0703b6038 R14: 00007fe0703b5fa0 R15: 00007ffe3c841bf8
[  313.282073][T14655]  </TASK>
[  313.577195][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a37cc00: abort rx timeout. Force session deactivation
[  313.648721][T14513] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.673429][T14513] 8021q: adding VLAN 0 to HW filter on device team0
[  313.724435][T14665] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3078'.
[  313.792627][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.799924][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.854978][ T5867] Bluetooth: hci1: command tx timeout
[  313.907449][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.914745][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.193398][T14677] FAULT_INJECTION: forcing a failure.
[  314.193398][T14677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.222908][T14677] CPU: 1 UID: 0 PID: 14677 Comm: syz.2.3082 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  314.222941][T14677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.222954][T14677] Call Trace:
[  314.222962][T14677]  <TASK>
[  314.222971][T14677]  dump_stack_lvl+0x189/0x250
[  314.223002][T14677]  ? __pfx____ratelimit+0x10/0x10
[  314.223030][T14677]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.223054][T14677]  ? __pfx__printk+0x10/0x10
[  314.223083][T14677]  ? __might_fault+0xb0/0x130
[  314.223124][T14677]  should_fail_ex+0x414/0x560
[  314.223157][T14677]  _copy_from_iter+0x1db/0x16f0
[  314.223189][T14677]  ? policy_nodemask+0x27c/0x720
[  314.223217][T14677]  ? __pfx__copy_from_iter+0x10/0x10
[  314.223244][T14677]  ? set_page_refcounted+0xa0/0x1e0
[  314.223274][T14677]  ? page_copy_sane+0x4e/0x280
[  314.223296][T14677]  copy_page_from_iter+0xdd/0x170
[  314.223321][T14677]  tun_get_user+0x1d7b/0x3e20
[  314.223349][T14677]  ? tun_get_user+0x6f6/0x3e20
[  314.223377][T14677]  ? aa_file_perm+0x44d/0x1550
[  314.223398][T14677]  ? __pfx_tun_get_user+0x10/0x10
[  314.223416][T14677]  ? _parse_integer_limit+0x1ae/0x1f0
[  314.223455][T14677]  ? __lock_acquire+0xab9/0xd20
[  314.223492][T14677]  ? ref_tracker_alloc+0x318/0x460
[  314.223518][T14677]  ? __lock_acquire+0xab9/0xd20
[  314.223550][T14677]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  314.223585][T14677]  ? tun_get+0x1c/0x2f0
[  314.223610][T14677]  ? tun_get+0x1c/0x2f0
[  314.223636][T14677]  ? tun_get+0x1c/0x2f0
[  314.223672][T14677]  tun_chr_write_iter+0x113/0x200
[  314.223706][T14677]  vfs_write+0x5c6/0xb30
[  314.223737][T14677]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  314.223769][T14677]  ? __pfx_vfs_write+0x10/0x10
[  314.223806][T14677]  ? __fget_files+0x2a/0x420
[  314.223833][T14677]  ksys_write+0x145/0x250
[  314.223863][T14677]  ? __pfx_ksys_write+0x10/0x10
[  314.223889][T14677]  ? rcu_is_watching+0x15/0xb0
[  314.223916][T14677]  ? do_syscall_64+0xbe/0x3b0
[  314.223948][T14677]  do_syscall_64+0xfa/0x3b0
[  314.223974][T14677]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.223999][T14677]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.224018][T14677]  ? clear_bhb_loop+0x60/0xb0
[  314.224043][T14677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.224061][T14677] RIP: 0033:0x7fe07018d69f
[  314.224078][T14677] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  314.224095][T14677] RSP: 002b:00007fe070f3a000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  314.224115][T14677] RAX: ffffffffffffffda RBX: 00007fe0703b5fa0 RCX: 00007fe07018d69f
[  314.224130][T14677] RDX: 000000000000003e RSI: 00002000000006c0 RDI: 00000000000000c8
[  314.224142][T14677] RBP: 00007fe070f3a090 R08: 0000000000000000 R09: 0000000000000000
[  314.224154][T14677] R10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001
[  314.224165][T14677] R13: 00007fe0703b6038 R14: 00007fe0703b5fa0 R15: 00007ffe3c841bf8
[  314.224196][T14677]  </TASK>
[  314.312962][T14682] FAULT_INJECTION: forcing a failure.
[  314.312962][T14682] name failslab, interval 1, probability 0, space 0, times 0
[  314.552451][T14682] CPU: 0 UID: 0 PID: 14682 Comm: syz.4.3083 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  314.552483][T14682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.552495][T14682] Call Trace:
[  314.552502][T14682]  <TASK>
[  314.552511][T14682]  dump_stack_lvl+0x189/0x250
[  314.552542][T14682]  ? __pfx____ratelimit+0x10/0x10
[  314.552570][T14682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.552595][T14682]  ? __pfx__printk+0x10/0x10
[  314.552631][T14682]  ? __pfx___might_resched+0x10/0x10
[  314.552657][T14682]  should_fail_ex+0x414/0x560
[  314.552689][T14682]  should_failslab+0xa8/0x100
[  314.552721][T14682]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  314.552752][T14682]  ? __alloc_skb+0x112/0x2d0
[  314.552787][T14682]  __alloc_skb+0x112/0x2d0
[  314.552823][T14682]  netlink_sendmsg+0x5c6/0xb30
[  314.552865][T14682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.552899][T14682]  ? aa_sock_msg_perm+0xf1/0x1d0
[  314.552933][T14682]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  314.552956][T14682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.552987][T14682]  __sock_sendmsg+0x219/0x270
[  314.553017][T14682]  ____sys_sendmsg+0x505/0x830
[  314.553045][T14682]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.553077][T14682]  ? import_iovec+0x74/0xa0
[  314.553105][T14682]  ___sys_sendmsg+0x21f/0x2a0
[  314.553130][T14682]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.553191][T14682]  ? __fget_files+0x2a/0x420
[  314.553209][T14682]  ? __fget_files+0x3a0/0x420
[  314.553239][T14682]  __x64_sys_sendmsg+0x19b/0x260
[  314.553263][T14682]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  314.553295][T14682]  ? __pfx_ksys_write+0x10/0x10
[  314.553329][T14682]  ? do_syscall_64+0xbe/0x3b0
[  314.553367][T14682]  do_syscall_64+0xfa/0x3b0
[  314.553404][T14682]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.553432][T14682]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.553452][T14682]  ? clear_bhb_loop+0x60/0xb0
[  314.553477][T14682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.553496][T14682] RIP: 0033:0x7ff91918ebe9
[  314.553515][T14682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.553532][T14682] RSP: 002b:00007ff919fbe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.553554][T14682] RAX: ffffffffffffffda RBX: 00007ff9193b6090 RCX: 00007ff91918ebe9
[  314.553569][T14682] RDX: 0000000024000054 RSI: 0000200000000480 RDI: 0000000000000003
[  314.553583][T14682] RBP: 00007ff919fbe090 R08: 0000000000000000 R09: 0000000000000000
[  314.553596][T14682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.553608][T14682] R13: 00007ff9193b6128 R14: 00007ff9193b6090 R15: 00007ffc2e46e508
[  314.553642][T14682]  </TASK>
[  314.899544][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bc2b800: rx timeout, send abort
[  314.945951][T14692] net_ratelimit: 42 callbacks suppressed
[  314.945973][T14692] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.030446][T14513] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.231796][T14701] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3088'.
[  315.241514][T14701] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3088'.
[  315.252962][T14701] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  315.272877][T14702] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.311673][T14513] veth0_vlan: entered promiscuous mode
[  315.343242][T14513] veth1_vlan: entered promiscuous mode
[  315.399682][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bc2bc00: rx timeout, send abort
[  315.408101][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bc2b800: abort rx timeout. Force session deactivation
[  315.416455][T14513] veth0_macvtap: entered promiscuous mode
[  315.478575][T14513] veth1_macvtap: entered promiscuous mode
[  315.523671][T14513] batman_adv: batadv0: Interface activated: batadv_slave_0
[  315.531491][T14709] netlink: 'syz.4.3093': attribute type 1 has an invalid length.
[  315.550450][T14513] batman_adv: batadv0: Interface activated: batadv_slave_1
[  315.622949][T14715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3092'.
[  315.666314][T14713] bond8: (slave veth7): Enslaving as an active interface with a down link
[  315.692290][   T59] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.708220][   T59] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.719496][   T59] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.778890][   T59] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.908129][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bc2bc00: abort rx timeout. Force session deactivation
[  315.914872][ T5867] Bluetooth: hci1: command tx timeout
[  315.972579][T14724] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  316.012878][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.026270][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.077273][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.086137][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.261340][T14731] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  316.511212][T14739] FAULT_INJECTION: forcing a failure.
[  316.511212][T14739] name failslab, interval 1, probability 0, space 0, times 0
[  316.549964][T14739] CPU: 1 UID: 0 PID: 14739 Comm: syz.1.3102 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  316.549997][T14739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  316.550010][T14739] Call Trace:
[  316.550017][T14739]  <TASK>
[  316.550026][T14739]  dump_stack_lvl+0x189/0x250
[  316.550055][T14739]  ? __pfx____ratelimit+0x10/0x10
[  316.550084][T14739]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.550108][T14739]  ? __pfx__printk+0x10/0x10
[  316.550143][T14739]  ? __pfx___might_resched+0x10/0x10
[  316.550168][T14739]  should_fail_ex+0x414/0x560
[  316.550202][T14739]  should_failslab+0xa8/0x100
[  316.550239][T14739]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  316.550269][T14739]  ? __alloc_skb+0x112/0x2d0
[  316.550304][T14739]  __alloc_skb+0x112/0x2d0
[  316.550339][T14739]  netlink_sendmsg+0x5c6/0xb30
[  316.550380][T14739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.550415][T14739]  ? aa_sock_msg_perm+0xf1/0x1d0
[  316.550454][T14739]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  316.550476][T14739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.550507][T14739]  __sock_sendmsg+0x219/0x270
[  316.550537][T14739]  ____sys_sendmsg+0x505/0x830
[  316.550564][T14739]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.550596][T14739]  ? import_iovec+0x74/0xa0
[  316.550624][T14739]  ___sys_sendmsg+0x21f/0x2a0
[  316.550648][T14739]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.550711][T14739]  ? __fget_files+0x2a/0x420
[  316.550728][T14739]  ? __fget_files+0x3a0/0x420
[  316.550758][T14739]  __x64_sys_sendmsg+0x19b/0x260
[  316.550783][T14739]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  316.550816][T14739]  ? __pfx_ksys_write+0x10/0x10
[  316.550841][T14739]  ? rcu_is_watching+0x15/0xb0
[  316.550868][T14739]  ? do_syscall_64+0xbe/0x3b0
[  316.550901][T14739]  do_syscall_64+0xfa/0x3b0
[  316.550933][T14739]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.550960][T14739]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.550980][T14739]  ? clear_bhb_loop+0x60/0xb0
[  316.551005][T14739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.551025][T14739] RIP: 0033:0x7fccdd98ebe9
[  316.551042][T14739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.551061][T14739] RSP: 002b:00007fccde840038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.551082][T14739] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98ebe9
[  316.551096][T14739] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  316.551109][T14739] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  316.551121][T14739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.551133][T14739] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  316.551166][T14739]  </TASK>
[  317.108850][ T5860] syz_tun (unregistering): left allmulticast mode
[  317.148202][ T5870] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  317.161998][ T5870] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  317.171047][ T5870] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  317.180878][ T5870] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  317.225208][ T5870] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  317.282140][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  317.288591][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  317.509204][T14761] netlink: 'syz.4.3109': attribute type 1 has an invalid length.
[  317.725561][T14761] 8021q: adding VLAN 0 to HW filter on device bond9
[  317.978657][T14766] __nla_validate_parse: 2 callbacks suppressed
[  317.978679][T14766] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3110'.
[  318.343318][T14776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3112'.
[  318.422672][T14781] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  318.493033][T14748] chnl_net:caif_netlink_parms(): no params data found
[  318.655959][T14788] bond0: (slave wlan1): Releasing backup interface
[  318.735279][T14748] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.744400][T14748] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.752154][T14748] bridge_slave_0: entered allmulticast mode
[  318.760474][T14748] bridge_slave_0: entered promiscuous mode
[  318.770298][T14748] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.777967][T14748] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.785528][T14748] bridge_slave_1: entered allmulticast mode
[  318.793799][T14748] bridge_slave_1: entered promiscuous mode
[  318.821831][T14793] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  318.928250][T14748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.942538][T14748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.979665][T14798] tipc: Started in network mode
[  318.987103][T14798] tipc: Node identity eaf5e01c9779, cluster identity 4711
[  318.994629][T14798] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  319.035957][T14748] team0: Port device team_slave_0 added
[  319.048565][T14798] syzkaller0: entered promiscuous mode
[  319.058369][T14798] syzkaller0: entered allmulticast mode
[  319.072402][T14748] team0: Port device team_slave_1 added
[  319.083810][T14798] tipc: Resetting bearer <eth:syzkaller0>
[  319.098130][T14797] tipc: Resetting bearer <eth:syzkaller0>
[  319.154215][T14797] tipc: Disabling bearer <eth:syzkaller0>
[  319.276462][ T5870] Bluetooth: hci0: command tx timeout
[  319.290143][T14748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.310109][T14748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.359077][T14748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.372081][T14748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.379209][T14748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.411240][T14748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.432875][T14813] FAULT_INJECTION: forcing a failure.
[  319.432875][T14813] name failslab, interval 1, probability 0, space 0, times 0
[  319.457527][T14813] CPU: 1 UID: 0 PID: 14813 Comm: syz.3.3123 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  319.457558][T14813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  319.457571][T14813] Call Trace:
[  319.457579][T14813]  <TASK>
[  319.457587][T14813]  dump_stack_lvl+0x189/0x250
[  319.457617][T14813]  ? __pfx____ratelimit+0x10/0x10
[  319.457646][T14813]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.457671][T14813]  ? __pfx__printk+0x10/0x10
[  319.457707][T14813]  ? __pfx___might_resched+0x10/0x10
[  319.457732][T14813]  should_fail_ex+0x414/0x560
[  319.457765][T14813]  should_failslab+0xa8/0x100
[  319.457798][T14813]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  319.457827][T14813]  ? __alloc_skb+0x112/0x2d0
[  319.457863][T14813]  __alloc_skb+0x112/0x2d0
[  319.457897][T14813]  netlink_sendmsg+0x5c6/0xb30
[  319.457939][T14813]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.457974][T14813]  ? aa_sock_msg_perm+0xf1/0x1d0
[  319.458017][T14813]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  319.458040][T14813]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.458071][T14813]  __sock_sendmsg+0x219/0x270
[  319.458101][T14813]  ____sys_sendmsg+0x505/0x830
[  319.458130][T14813]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.458162][T14813]  ? import_iovec+0x74/0xa0
[  319.458189][T14813]  ___sys_sendmsg+0x21f/0x2a0
[  319.458213][T14813]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.458275][T14813]  ? __fget_files+0x2a/0x420
[  319.458292][T14813]  ? __fget_files+0x3a0/0x420
[  319.458322][T14813]  __x64_sys_sendmsg+0x19b/0x260
[  319.458346][T14813]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  319.458379][T14813]  ? __pfx_ksys_write+0x10/0x10
[  319.458404][T14813]  ? rcu_is_watching+0x15/0xb0
[  319.458431][T14813]  ? do_syscall_64+0xbe/0x3b0
[  319.458465][T14813]  do_syscall_64+0xfa/0x3b0
[  319.458493][T14813]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.458521][T14813]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.458541][T14813]  ? clear_bhb_loop+0x60/0xb0
[  319.458567][T14813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.458587][T14813] RIP: 0033:0x7f5d3418ebe9
[  319.458605][T14813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.458622][T14813] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.458643][T14813] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  319.458657][T14813] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  319.458669][T14813] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  319.458681][T14813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.458692][T14813] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  319.458724][T14813]  </TASK>
[  319.745712][T14809] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  319.772162][T14811] syzkaller0: entered promiscuous mode
[  319.787727][T14811] syzkaller0: entered allmulticast mode
[  319.884059][T14809] tipc: Resetting bearer <eth:syzkaller0>
[  319.898309][T14808] tipc: Resetting bearer <eth:syzkaller0>
[  319.929401][T14808] tipc: Disabling bearer <eth:syzkaller0>
[  320.007937][T14748] hsr_slave_0: entered promiscuous mode
[  320.058381][T14748] hsr_slave_1: entered promiscuous mode
[  320.095923][T14748] debugfs: 'hsr0' already exists in 'hsr'
[  320.111208][T14748] Cannot create hsr debugfs directory
[  320.273464][T14821] tipc: Started in network mode
[  320.278522][T14821] tipc: Node identity 6e00aaa9cb86, cluster identity 4711
[  320.302244][T14821] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  320.373956][T14834] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  320.412226][T14821] tipc: Resetting bearer <eth:syzkaller0>
[  320.498332][T14820] tipc: Disabling bearer <eth:syzkaller0>
[  320.576891][T14840] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  320.710122][T14748] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  320.721233][T14748] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.789749][T14846] netlink: 136 bytes leftover after parsing attributes in process `syz.2.3134'.
[  320.803905][T14849] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3136'.
[  320.813557][T14846] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  320.832843][T14847] lo: entered allmulticast mode
[  320.869983][T14748] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  320.889571][T14748] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.981923][T14748] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.009543][T14748] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.051442][T14851] netlink: 'syz.3.3137': attribute type 9 has an invalid length.
[  321.059344][T14851] netlink: 'syz.3.3137': attribute type 6 has an invalid length.
[  321.151838][T14748] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.164367][T14748] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.355398][ T5870] Bluetooth: hci0: command tx timeout
[  321.432696][T14748] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  321.451180][T14748] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  321.470677][T14748] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  321.498421][T14748] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  321.758583][T14885] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  321.787939][T14748] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.963302][T14884] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.972171][T14884] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.175967][T14899] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3146'.
[  322.225388][T14899] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3146'.
[  322.367221][T14884] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.374233][T14907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3148'.
[  322.397956][T14884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.435809][T14909] netlink: 'syz.3.3148': attribute type 1 has an invalid length.
[  322.626708][ T7994] syz1: Port: 1 Link DOWN
[  322.688181][T14907] 8021q: adding VLAN 0 to HW filter on device bond1
[  322.727685][ T6976] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.776669][  T970] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.792383][  T970] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.831706][  T970] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.852694][T14915] netlink: 'syz.1.3149': attribute type 9 has an invalid length.
[  322.870191][T14915] netlink: 'syz.1.3149': attribute type 6 has an invalid length.
[  322.916992][T14748] 8021q: adding VLAN 0 to HW filter on device team0
[  322.959732][ T6976] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.966988][ T6976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.024140][ T3012] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.031395][ T3012] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.033625][T14921] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  323.197502][T14928] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3155'.
[  323.368692][T14933] FAULT_INJECTION: forcing a failure.
[  323.368692][T14933] name failslab, interval 1, probability 0, space 0, times 0
[  323.411259][T14933] CPU: 0 UID: 0 PID: 14933 Comm: syz.3.3156 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  323.411289][T14933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  323.411301][T14933] Call Trace:
[  323.411309][T14933]  <TASK>
[  323.411318][T14933]  dump_stack_lvl+0x189/0x250
[  323.411347][T14933]  ? __pfx____ratelimit+0x10/0x10
[  323.411374][T14933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.411397][T14933]  ? __pfx__printk+0x10/0x10
[  323.411431][T14933]  ? __pfx___might_resched+0x10/0x10
[  323.411456][T14933]  should_fail_ex+0x414/0x560
[  323.411487][T14933]  should_failslab+0xa8/0x100
[  323.411519][T14933]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  323.411547][T14933]  ? __alloc_skb+0x112/0x2d0
[  323.411581][T14933]  __alloc_skb+0x112/0x2d0
[  323.411614][T14933]  netlink_sendmsg+0x5c6/0xb30
[  323.411653][T14933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  323.411686][T14933]  ? aa_sock_msg_perm+0xf1/0x1d0
[  323.411727][T14933]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  323.411749][T14933]  ? __pfx_netlink_sendmsg+0x10/0x10
[  323.411778][T14933]  __sock_sendmsg+0x219/0x270
[  323.411808][T14933]  ____sys_sendmsg+0x505/0x830
[  323.411834][T14933]  ? __pfx_____sys_sendmsg+0x10/0x10
[  323.411865][T14933]  ? import_iovec+0x74/0xa0
[  323.411891][T14933]  ___sys_sendmsg+0x21f/0x2a0
[  323.411914][T14933]  ? __pfx____sys_sendmsg+0x10/0x10
[  323.411974][T14933]  ? __fget_files+0x2a/0x420
[  323.411992][T14933]  ? __fget_files+0x3a0/0x420
[  323.412019][T14933]  __x64_sys_sendmsg+0x19b/0x260
[  323.412043][T14933]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  323.412073][T14933]  ? __pfx_ksys_write+0x10/0x10
[  323.412098][T14933]  ? rcu_is_watching+0x15/0xb0
[  323.412123][T14933]  ? do_syscall_64+0xbe/0x3b0
[  323.412157][T14933]  do_syscall_64+0xfa/0x3b0
[  323.412183][T14933]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.412209][T14933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.412228][T14933]  ? clear_bhb_loop+0x60/0xb0
[  323.412253][T14933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.412272][T14933] RIP: 0033:0x7f5d3418ebe9
[  323.412289][T14933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.412306][T14933] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  323.412327][T14933] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  323.412341][T14933] RDX: 0000000000000000 RSI: 0000200000000880 RDI: 0000000000000003
[  323.412353][T14933] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  323.412364][T14933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.412375][T14933] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  323.412407][T14933]  </TASK>
[  323.749117][ T5870] Bluetooth: hci0: command tx timeout
[  323.938435][T14748] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.967917][T14952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3163'.
[  323.980970][T14952] mac80211_hwsim hwsim13 wlan0: entered promiscuous mode
[  323.988743][T14952] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  324.011824][T14953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3165'.
[  324.127743][T14748] veth0_vlan: entered promiscuous mode
[  324.162696][T14748] veth1_vlan: entered promiscuous mode
[  324.289862][T14748] veth0_macvtap: entered promiscuous mode
[  324.338188][T14748] veth1_macvtap: entered promiscuous mode
[  324.417763][T14748] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.459491][T14968] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3169'.
[  324.475790][T14748] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.509363][   T59] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.531219][   T59] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.561579][   T59] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.578888][ T6976] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.602096][T14975] netlink: del zone limit has 4 unknown bytes
[  324.626673][T14975] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3172'.
[  324.671051][T14975] 8021q: adding VLAN 0 to HW filter on device bond2
[  324.711776][T14946] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  324.721068][T14979] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  324.741108][T14975] bond2: (slave veth3): Enslaving as an active interface with an up link
[  324.812003][ T6976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.833851][ T6976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.869445][ T6976] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.886617][ T6976] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.912628][T14981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3174'.
[  324.930712][T14983] netlink: 'syz.3.3175': attribute type 3 has an invalid length.
[  325.332378][T15003] tipc: Started in network mode
[  325.337820][T15003] tipc: Node identity b2327179fc03, cluster identity 4711
[  325.346116][T15003] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  325.354183][T15003] syzkaller0: entered promiscuous mode
[  325.379739][T15003] syzkaller0: entered allmulticast mode
[  325.430578][T15003] tipc: Resetting bearer <eth:syzkaller0>
[  325.486161][T15002] tipc: Resetting bearer <eth:syzkaller0>
[  325.556293][T15002] tipc: Disabling bearer <eth:syzkaller0>
[  325.969274][T15013] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3186'.
[  326.103592][ T5863] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  326.115629][ T5863] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  326.124839][ T5863] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  326.133929][ T5863] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  326.144201][ T5863] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  326.357107][T15027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3190'.
[  326.411324][T15027] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3190'.
[  326.571866][T15034] tipc: Started in network mode
[  326.582600][T15034] tipc: Node identity daf0e9947bc2, cluster identity 4711
[  326.599534][T15034] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  326.618120][T15034] syzkaller0: entered promiscuous mode
[  326.630689][T15034] syzkaller0: entered allmulticast mode
[  326.661931][T15034] tipc: Resetting bearer <eth:syzkaller0>
[  326.707196][T15033] tipc: Resetting bearer <eth:syzkaller0>
[  326.734012][T15033] tipc: Disabling bearer <eth:syzkaller0>
[  327.037964][T15040] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3194'.
[  327.378856][T15018] chnl_net:caif_netlink_parms(): no params data found
[  327.751645][T15051] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  327.790788][T15044] tipc: Resetting bearer <eth:syzkaller0>
[  328.237052][ T5867] Bluetooth: hci2: command tx timeout
[  328.789709][ T5936] tipc: Node number set to 1311863161
[  330.269973][T15044] tipc: Disabling bearer <eth:syzkaller0>
[  330.315378][ T5867] Bluetooth: hci2: command tx timeout
[  330.630844][T15018] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.668106][T15018] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.678999][T15018] bridge_slave_0: entered allmulticast mode
[  330.686329][T15085] Bluetooth: MGMT ver 1.23
[  330.692444][T15018] bridge_slave_0: entered promiscuous mode
[  330.727517][T15018] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.757672][T15018] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.796447][T15018] bridge_slave_1: entered allmulticast mode
[  330.818350][T15018] bridge_slave_1: entered promiscuous mode
[  330.978629][T15095] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  331.288890][T15018] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.356436][T15102] __nla_validate_parse: 1 callbacks suppressed
[  331.356458][T15102] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3212'.
[  331.389911][T15018] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.565836][T15104] netlink: del zone limit has 4 unknown bytes
[  331.574288][T15108] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3213'.
[  331.597978][T15018] team0: Port device team_slave_0 added
[  331.603996][T15107] netlink: 'syz.0.3214': attribute type 11 has an invalid length.
[  331.798355][T15108] 8021q: adding VLAN 0 to HW filter on device bond3
[  331.862553][T15018] team0: Port device team_slave_1 added
[  331.947641][T15104] bond3: (slave veth3): Enslaving as an active interface with an up link
[  332.190613][T15018] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.203525][T15018] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.249846][T15018] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.279583][T15018] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.293222][T15018] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.302971][T15136] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3224'.
[  332.324474][T15018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.328806][T15134] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3223'.
[  332.369356][T15134] netlink: 'syz.0.3223': attribute type 10 has an invalid length.
[  332.394626][ T5863] Bluetooth: hci2: command tx timeout
[  332.456599][T15134] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  332.561290][T15018] hsr_slave_0: entered promiscuous mode
[  332.585651][T15018] hsr_slave_1: entered promiscuous mode
[  332.592148][T15018] debugfs: 'hsr0' already exists in 'hsr'
[  332.627238][T15018] Cannot create hsr debugfs directory
[  332.644822][T15147] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3227'.
[  332.896241][T15154] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3229'.
[  332.928062][T15154] openvswitch: netlink: Flow key attr not present in new flow.
[  333.014341][T15157] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3227'.
[  333.646739][T15166] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  333.669741][T15167] mac80211_hwsim hwsim18 syzkaller0: entered promiscuous mode
[  333.693350][T15167] mac80211_hwsim hwsim18 syzkaller0: entered allmulticast mode
[  333.718359][T15174] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3231'.
[  333.765102][T15166] tipc: Resetting bearer <eth:syzkaller0>
[  333.781868][T15174] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3231'.
[  334.093555][T15189] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3236'.
[  334.119230][T15018] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.195108][T15193] ieee802154 phy0 wpan0: encryption failed: -22
[  334.206688][T15191] bridge0: entered promiscuous mode
[  334.212041][T15191] vlan2: entered promiscuous mode
[  334.241021][T15195] netlink: 'syz.2.3240': attribute type 1 has an invalid length.
[  334.282044][T15018] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.374213][T15200] FAULT_INJECTION: forcing a failure.
[  334.374213][T15200] name failslab, interval 1, probability 0, space 0, times 0
[  334.404270][T15200] CPU: 0 UID: 0 PID: 15200 Comm: syz.0.3241 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  334.404300][T15200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  334.404312][T15200] Call Trace:
[  334.404320][T15200]  <TASK>
[  334.404329][T15200]  dump_stack_lvl+0x189/0x250
[  334.404357][T15200]  ? __pfx____ratelimit+0x10/0x10
[  334.404386][T15200]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.404410][T15200]  ? __pfx__printk+0x10/0x10
[  334.404449][T15200]  ? __pfx___might_resched+0x10/0x10
[  334.404466][T15200]  ? fs_reclaim_acquire+0x7d/0x100
[  334.404502][T15200]  should_fail_ex+0x414/0x560
[  334.404534][T15200]  should_failslab+0xa8/0x100
[  334.404565][T15200]  kmem_cache_alloc_noprof+0x73/0x3c0
[  334.404592][T15200]  ? security_inode_alloc+0x39/0x330
[  334.404617][T15200]  security_inode_alloc+0x39/0x330
[  334.404639][T15200]  inode_init_always_gfp+0x9ed/0xdc0
[  334.404675][T15200]  ? __pfx_sock_alloc_inode+0x10/0x10
[  334.404699][T15200]  alloc_inode+0x82/0x1b0
[  334.404729][T15200]  __sock_create+0x12d/0x9f0
[  334.404774][T15200]  mptcp_subflow_create_socket+0xfd/0xb40
[  334.404805][T15200]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  334.404829][T15200]  ? tomoyo_check_inet_address+0x275/0x8c0
[  334.404855][T15200]  __mptcp_nmpc_sk+0x150/0x720
[  334.404879][T15200]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  334.404900][T15200]  ? look_up_lock_class+0x74/0x170
[  334.404934][T15200]  mptcp_connect+0x71/0x830
[  334.404966][T15200]  __inet_stream_connect+0x2ae/0xe80
[  334.405002][T15200]  ? __local_bh_enable_ip+0x12d/0x1c0
[  334.405023][T15200]  ? __pfx___inet_stream_connect+0x10/0x10
[  334.405048][T15200]  ? __local_bh_enable_ip+0x12d/0x1c0
[  334.405067][T15200]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  334.405100][T15200]  inet_stream_connect+0x66/0xa0
[  334.405128][T15200]  __sys_connect+0x313/0x440
[  334.405156][T15200]  ? __fget_files+0x3a0/0x420
[  334.405174][T15200]  ? __pfx___sys_connect+0x10/0x10
[  334.405219][T15200]  ? __pfx_ksys_write+0x10/0x10
[  334.405243][T15200]  ? rcu_is_watching+0x15/0xb0
[  334.405272][T15200]  __x64_sys_connect+0x7a/0x90
[  334.405303][T15200]  do_syscall_64+0xfa/0x3b0
[  334.405330][T15200]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.405356][T15200]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.405376][T15200]  ? clear_bhb_loop+0x60/0xb0
[  334.405401][T15200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.405420][T15200] RIP: 0033:0x7fcaf438ebe9
[  334.405438][T15200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.405454][T15200] RSP: 002b:00007fcaf5196038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  334.405475][T15200] RAX: ffffffffffffffda RBX: 00007fcaf45b5fa0 RCX: 00007fcaf438ebe9
[  334.405489][T15200] RDX: 000000000000001c RSI: 0000200000000180 RDI: 0000000000000004
[  334.405501][T15200] RBP: 00007fcaf5196090 R08: 0000000000000000 R09: 0000000000000000
[  334.405513][T15200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.405525][T15200] R13: 00007fcaf45b6038 R14: 00007fcaf45b5fa0 R15: 00007ffe0957be58
[  334.405558][T15200]  </TASK>
[  334.519560][ T5863] Bluetooth: hci2: command 0x0419 tx timeout
[  334.524330][T15200] socket: no more sockets
[  334.641745][T15205] openvswitch: netlink: Flow key attr not present in new flow.
[  334.737508][ T5950] tipc: Node number set to 2777066153
[  334.758667][T15196] bond4: (slave veth5): Enslaving as an active interface with a down link
[  334.783379][T15018] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.898472][T15018] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.320278][T15018] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  335.388384][T15018] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  335.423998][T15230] FAULT_INJECTION: forcing a failure.
[  335.423998][T15230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.464175][T15018] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  335.487983][T15230] CPU: 0 UID: 0 PID: 15230 Comm: syz.3.3252 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  335.488015][T15230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  335.488028][T15230] Call Trace:
[  335.488037][T15230]  <TASK>
[  335.488045][T15230]  dump_stack_lvl+0x189/0x250
[  335.488075][T15230]  ? __pfx____ratelimit+0x10/0x10
[  335.488104][T15230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.488129][T15230]  ? __pfx__printk+0x10/0x10
[  335.488159][T15230]  ? __might_fault+0xb0/0x130
[  335.488199][T15230]  should_fail_ex+0x414/0x560
[  335.488232][T15230]  _copy_from_user+0x2d/0xb0
[  335.488257][T15230]  ____sys_sendmsg+0x2fe/0x830
[  335.488284][T15230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  335.488313][T15230]  ? import_iovec+0x74/0xa0
[  335.488339][T15230]  ___sys_sendmsg+0x21f/0x2a0
[  335.488362][T15230]  ? __pfx____sys_sendmsg+0x10/0x10
[  335.488420][T15230]  ? __fget_files+0x2a/0x420
[  335.488438][T15230]  ? __fget_files+0x3a0/0x420
[  335.488467][T15230]  __x64_sys_sendmsg+0x19b/0x260
[  335.488492][T15230]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  335.488525][T15230]  ? __pfx_ksys_write+0x10/0x10
[  335.488549][T15230]  ? rcu_is_watching+0x15/0xb0
[  335.488576][T15230]  ? do_syscall_64+0xbe/0x3b0
[  335.488609][T15230]  do_syscall_64+0xfa/0x3b0
[  335.488648][T15230]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.488675][T15230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.488695][T15230]  ? clear_bhb_loop+0x60/0xb0
[  335.488717][T15230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.488735][T15230] RIP: 0033:0x7f5d3418ebe9
[  335.488751][T15230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.488767][T15230] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.488787][T15230] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  335.488801][T15230] RDX: 0000000020008009 RSI: 00002000000008c0 RDI: 0000000000000003
[  335.488812][T15230] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  335.488824][T15230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.488835][T15230] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  335.488869][T15230]  </TASK>
[  335.489285][T15234] netlink: 'syz.1.3251': attribute type 1 has an invalid length.
[  335.676229][T15233] netlink: 'syz.2.3253': attribute type 1 has an invalid length.
[  335.750127][T15018] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  336.032288][T15242] bond5: (slave veth7): Enslaving as an active interface with a down link
[  336.520244][T15270] FAULT_INJECTION: forcing a failure.
[  336.520244][T15270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.555287][ T5863] Bluetooth: hci2: command 0x0419 tx timeout
[  336.614913][T15270] CPU: 0 UID: 0 PID: 15270 Comm: syz.1.3259 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  336.614945][T15270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.614957][T15270] Call Trace:
[  336.614965][T15270]  <TASK>
[  336.614974][T15270]  dump_stack_lvl+0x189/0x250
[  336.615002][T15270]  ? __pfx____ratelimit+0x10/0x10
[  336.615030][T15270]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.615053][T15270]  ? __pfx__printk+0x10/0x10
[  336.615081][T15270]  ? __might_fault+0xb0/0x130
[  336.615120][T15270]  should_fail_ex+0x414/0x560
[  336.615152][T15270]  _copy_from_user+0x2d/0xb0
[  336.615175][T15270]  ___sys_sendmsg+0x158/0x2a0
[  336.615200][T15270]  ? __pfx____sys_sendmsg+0x10/0x10
[  336.615261][T15270]  ? __fget_files+0x2a/0x420
[  336.615278][T15270]  ? __fget_files+0x3a0/0x420
[  336.615306][T15270]  __x64_sys_sendmsg+0x19b/0x260
[  336.615330][T15270]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  336.615361][T15270]  ? __pfx_ksys_write+0x10/0x10
[  336.615386][T15270]  ? rcu_is_watching+0x15/0xb0
[  336.615411][T15270]  ? do_syscall_64+0xbe/0x3b0
[  336.615444][T15270]  do_syscall_64+0xfa/0x3b0
[  336.615470][T15270]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.615496][T15270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.615515][T15270]  ? clear_bhb_loop+0x60/0xb0
[  336.615540][T15270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.615559][T15270] RIP: 0033:0x7fccdd98ebe9
[  336.615575][T15270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.615592][T15270] RSP: 002b:00007fccde840038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.615613][T15270] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98ebe9
[  336.615627][T15270] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  336.615640][T15270] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  336.615651][T15270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.615662][T15270] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  336.615694][T15270]  </TASK>
[  336.845221][T15018] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.882728][T15018] 8021q: adding VLAN 0 to HW filter on device team0
[  336.900605][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.907821][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.929410][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.936666][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.009316][T15277] FAULT_INJECTION: forcing a failure.
[  337.009316][T15277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.022511][T15277] CPU: 0 UID: 0 PID: 15277 Comm: syz.1.3266 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  337.022539][T15277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  337.022551][T15277] Call Trace:
[  337.022559][T15277]  <TASK>
[  337.022567][T15277]  dump_stack_lvl+0x189/0x250
[  337.022595][T15277]  ? __pfx____ratelimit+0x10/0x10
[  337.022622][T15277]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.022645][T15277]  ? __pfx__printk+0x10/0x10
[  337.022672][T15277]  ? __might_fault+0xb0/0x130
[  337.022712][T15277]  should_fail_ex+0x414/0x560
[  337.022744][T15277]  _copy_from_iter+0x1db/0x16f0
[  337.022765][T15277]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  337.022789][T15277]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  337.022831][T15277]  ? __pfx__copy_from_iter+0x10/0x10
[  337.022854][T15277]  ? skb_set_owner_w+0x25b/0x3a0
[  337.022877][T15277]  ? skb_put+0x11b/0x210
[  337.022899][T15277]  pppol2tp_sendmsg+0x3cd/0x5f0
[  337.022925][T15277]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[  337.022946][T15277]  __sock_sendmsg+0x219/0x270
[  337.022974][T15277]  sock_write_iter+0x258/0x330
[  337.023001][T15277]  ? __pfx_sock_write_iter+0x10/0x10
[  337.023049][T15277]  do_iter_readv_writev+0x61c/0x8b0
[  337.023085][T15277]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  337.023110][T15277]  ? common_file_perm+0x1b5/0x230
[  337.023146][T15277]  ? bpf_lsm_file_permission+0x9/0x20
[  337.023169][T15277]  ? security_file_permission+0x75/0x290
[  337.023196][T15277]  ? rw_verify_area+0x255/0x4d0
[  337.023225][T15277]  vfs_writev+0x31a/0x960
[  337.023249][T15277]  ? __lock_acquire+0xab9/0xd20
[  337.023280][T15277]  ? __pfx_vfs_writev+0x10/0x10
[  337.023335][T15277]  ? __fget_files+0x2a/0x420
[  337.023371][T15277]  ? __fget_files+0x3a0/0x420
[  337.023386][T15277]  ? __fget_files+0x2a/0x420
[  337.023412][T15277]  do_writev+0x14d/0x2d0
[  337.023435][T15277]  ? __pfx_do_writev+0x10/0x10
[  337.023451][T15277]  ? rcu_is_watching+0x15/0xb0
[  337.023477][T15277]  ? do_syscall_64+0xbe/0x3b0
[  337.023510][T15277]  do_syscall_64+0xfa/0x3b0
[  337.023536][T15277]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.023568][T15277]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.023588][T15277]  ? clear_bhb_loop+0x60/0xb0
[  337.023613][T15277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.023631][T15277] RIP: 0033:0x7fccdd98ebe9
[  337.023649][T15277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.023666][T15277] RSP: 002b:00007fccde840038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  337.023687][T15277] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98ebe9
[  337.023720][T15277] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[  337.023733][T15277] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  337.023745][T15277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.023757][T15277] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  337.023791][T15277]  </TASK>
[  337.364642][T15018] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  337.382787][T15018] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  337.655411][T15289] netlink: del zone limit has 4 unknown bytes
[  337.668939][T15289] __nla_validate_parse: 2 callbacks suppressed
[  337.668959][T15289] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3271'.
[  337.881604][T15289] 8021q: adding VLAN 0 to HW filter on device bond3
[  338.090431][T15296] bond3: (slave veth5): Enslaving as an active interface with an up link
[  338.642018][T15018] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.868793][T15322] syzkaller1: entered promiscuous mode
[  338.882909][T15322] syzkaller1: entered allmulticast mode
[  338.911689][T15322] FAULT_INJECTION: forcing a failure.
[  338.911689][T15322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.952689][T15322] CPU: 1 UID: 0 PID: 15322 Comm: syz.3.3280 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  338.952720][T15322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  338.952733][T15322] Call Trace:
[  338.952741][T15322]  <TASK>
[  338.952750][T15322]  dump_stack_lvl+0x189/0x250
[  338.952780][T15322]  ? __pfx____ratelimit+0x10/0x10
[  338.952808][T15322]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.952831][T15322]  ? __pfx__printk+0x10/0x10
[  338.952860][T15322]  ? __might_fault+0xb0/0x130
[  338.952900][T15322]  should_fail_ex+0x414/0x560
[  338.952952][T15322]  _copy_from_iter+0x1db/0x16f0
[  338.952976][T15322]  ? __lock_acquire+0xab9/0xd20
[  338.953014][T15322]  ? __pfx__copy_from_iter+0x10/0x10
[  338.953054][T15322]  tun_get_user+0x219/0x3e20
[  338.953098][T15322]  ? aa_file_perm+0x44d/0x1550
[  338.953119][T15322]  ? __pfx_tun_get_user+0x10/0x10
[  338.953138][T15322]  ? _parse_integer_limit+0x1ae/0x1f0
[  338.953178][T15322]  ? __lock_acquire+0xab9/0xd20
[  338.953215][T15322]  ? ref_tracker_alloc+0x318/0x460
[  338.953240][T15322]  ? __lock_acquire+0xab9/0xd20
[  338.953285][T15322]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  338.953318][T15322]  ? tun_get+0x1c/0x2f0
[  338.953344][T15322]  ? tun_get+0x1c/0x2f0
[  338.953362][T15322]  ? tun_get+0x1c/0x2f0
[  338.953403][T15322]  tun_chr_write_iter+0x113/0x200
[  338.953439][T15322]  vfs_write+0x5c6/0xb30
[  338.953477][T15322]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  338.953511][T15322]  ? __pfx_vfs_write+0x10/0x10
[  338.953550][T15322]  ? __fget_files+0x2a/0x420
[  338.953580][T15322]  ksys_write+0x145/0x250
[  338.953610][T15322]  ? __pfx_ksys_write+0x10/0x10
[  338.953642][T15322]  ? rcu_is_watching+0x15/0xb0
[  338.953669][T15322]  ? do_syscall_64+0xbe/0x3b0
[  338.953703][T15322]  do_syscall_64+0xfa/0x3b0
[  338.953735][T15322]  ? lockdep_hardirqs_on+0x9c/0x150
[  338.953762][T15322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.953783][T15322]  ? clear_bhb_loop+0x60/0xb0
[  338.953808][T15322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.953827][T15322] RIP: 0033:0x7f5d3418ebe9
[  338.953846][T15322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.953863][T15322] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  338.953884][T15322] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  338.953898][T15322] RDX: 0000000000000fca RSI: 0000200000001700 RDI: 0000000000000003
[  338.953910][T15322] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  338.953922][T15322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.953934][T15322] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  338.953967][T15322]  </TASK>
[  339.503265][T15018] veth0_vlan: entered promiscuous mode
[  339.590154][T15018] veth1_vlan: entered promiscuous mode
[  339.718597][T15018] veth0_macvtap: entered promiscuous mode
[  339.741354][T15018] veth1_macvtap: entered promiscuous mode
[  339.831292][T15018] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.868995][T15018] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.920041][   T59] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.998424][   T59] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.028093][   T59] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.065572][   T59] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.203864][T15358] netlink: 'syz.1.3292': attribute type 1 has an invalid length.
[  340.278855][T15358] 8021q: adding VLAN 0 to HW filter on device bond1
[  340.343714][T15363] vlan2: entered allmulticast mode
[  340.349067][T15363] veth1: entered allmulticast mode
[  340.412335][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.441881][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.577543][T15376] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  340.597502][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.627001][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.749791][T15384] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3301'.
[  340.789325][T15384] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3301'.
[  340.806080][T15384] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3301'.
[  340.862810][T15391] netlink: 'syz.0.3303': attribute type 1 has an invalid length.
[  341.038434][T15396] bond1: (slave veth3): Enslaving as an active interface with a down link
[  341.068776][T15400] FAULT_INJECTION: forcing a failure.
[  341.068776][T15400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.082505][T15400] CPU: 1 UID: 0 PID: 15400 Comm: syz.2.3306 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  341.082536][T15400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  341.082549][T15400] Call Trace:
[  341.082557][T15400]  <TASK>
[  341.082566][T15400]  dump_stack_lvl+0x189/0x250
[  341.082596][T15400]  ? __pfx____ratelimit+0x10/0x10
[  341.082624][T15400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.082649][T15400]  ? __pfx__printk+0x10/0x10
[  341.082678][T15400]  ? __might_fault+0xb0/0x130
[  341.082719][T15400]  should_fail_ex+0x414/0x560
[  341.082751][T15400]  _copy_from_user+0x2d/0xb0
[  341.082776][T15400]  ___sys_sendmsg+0x158/0x2a0
[  341.082801][T15400]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.082863][T15400]  ? __fget_files+0x2a/0x420
[  341.082881][T15400]  ? __fget_files+0x3a0/0x420
[  341.082910][T15400]  __x64_sys_sendmsg+0x19b/0x260
[  341.082935][T15400]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  341.082967][T15400]  ? __pfx_ksys_write+0x10/0x10
[  341.082992][T15400]  ? rcu_is_watching+0x15/0xb0
[  341.083019][T15400]  ? do_syscall_64+0xbe/0x3b0
[  341.083053][T15400]  do_syscall_64+0xfa/0x3b0
[  341.083081][T15400]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.083107][T15400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.083127][T15400]  ? clear_bhb_loop+0x60/0xb0
[  341.083152][T15400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.083172][T15400] RIP: 0033:0x7fe07018ebe9
[  341.083200][T15400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.083217][T15400] RSP: 002b:00007fe070f3a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  341.083238][T15400] RAX: ffffffffffffffda RBX: 00007fe0703b5fa0 RCX: 00007fe07018ebe9
[  341.083252][T15400] RDX: 000000000000c8d0 RSI: 00002000000003c0 RDI: 0000000000000003
[  341.083265][T15400] RBP: 00007fe070f3a090 R08: 0000000000000000 R09: 0000000000000000
[  341.083278][T15400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.083290][T15400] R13: 00007fe0703b6038 R14: 00007fe0703b5fa0 R15: 00007ffe3c841bf8
[  341.083324][T15400]  </TASK>
[  341.622056][T15412] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  341.732479][T15417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3311'.
[  341.922107][T15426] netlink: 'syz.2.3316': attribute type 1 has an invalid length.
[  341.941229][T15420] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  341.985301][T15426] netlink: 'syz.2.3316': attribute type 4 has an invalid length.
[  342.023154][T15426] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3316'.
[  342.071742][T15433] FAULT_INJECTION: forcing a failure.
[  342.071742][T15433] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.114722][T15437] FAULT_INJECTION: forcing a failure.
[  342.114722][T15437] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.136123][T15437] CPU: 0 UID: 0 PID: 15437 Comm: syz.3.3320 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  342.136154][T15437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  342.136167][T15437] Call Trace:
[  342.136186][T15437]  <TASK>
[  342.136195][T15437]  dump_stack_lvl+0x189/0x250
[  342.136225][T15437]  ? __pfx____ratelimit+0x10/0x10
[  342.136254][T15437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.136279][T15437]  ? __pfx__printk+0x10/0x10
[  342.136307][T15437]  ? __might_fault+0xb0/0x130
[  342.136349][T15437]  should_fail_ex+0x414/0x560
[  342.136382][T15437]  _copy_from_iter+0x1db/0x16f0
[  342.136408][T15437]  ? rcu_is_watching+0x15/0xb0
[  342.136430][T15437]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  342.136460][T15437]  ? __pfx__copy_from_iter+0x10/0x10
[  342.136482][T15437]  ? __build_skb_around+0x257/0x3e0
[  342.136516][T15437]  ? netlink_sendmsg+0x642/0xb30
[  342.136542][T15437]  ? skb_put+0x11b/0x210
[  342.136561][T15437]  netlink_sendmsg+0x6b2/0xb30
[  342.136596][T15437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.136624][T15437]  ? __lock_acquire+0xab9/0xd20
[  342.136649][T15437]  ? aa_sock_msg_perm+0xf1/0x1d0
[  342.136679][T15437]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  342.136698][T15437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.136724][T15437]  __sock_sendmsg+0x219/0x270
[  342.136750][T15437]  sock_write_iter+0x258/0x330
[  342.136774][T15437]  ? __pfx_sock_write_iter+0x10/0x10
[  342.136805][T15437]  ? bpf_lsm_file_permission+0x9/0x20
[  342.136826][T15437]  ? security_file_permission+0x75/0x290
[  342.136856][T15437]  vfs_write+0x5c6/0xb30
[  342.136885][T15437]  ? __pfx_sock_write_iter+0x10/0x10
[  342.136906][T15437]  ? __pfx_vfs_write+0x10/0x10
[  342.136939][T15437]  ? __fget_files+0x2a/0x420
[  342.136963][T15437]  ksys_write+0x145/0x250
[  342.136989][T15437]  ? __pfx_ksys_write+0x10/0x10
[  342.137009][T15437]  ? rcu_is_watching+0x15/0xb0
[  342.137031][T15437]  ? do_syscall_64+0xbe/0x3b0
[  342.137060][T15437]  do_syscall_64+0xfa/0x3b0
[  342.137089][T15437]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.137112][T15437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.137129][T15437]  ? clear_bhb_loop+0x60/0xb0
[  342.137151][T15437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.137167][T15437] RIP: 0033:0x7f5d3418ebe9
[  342.137190][T15437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.137205][T15437] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  342.137223][T15437] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  342.137235][T15437] RDX: 0000000000000024 RSI: 0000200000000000 RDI: 0000000000000003
[  342.137247][T15437] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  342.137258][T15437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.137268][T15437] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  342.137296][T15437]  </TASK>
[  342.137307][T15433] CPU: 1 UID: 0 PID: 15433 Comm: syz.4.3319 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  342.137332][T15433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  342.137345][T15433] Call Trace:
[  342.137353][T15433]  <TASK>
[  342.137361][T15433]  dump_stack_lvl+0x189/0x250
[  342.137387][T15433]  ? __pfx____ratelimit+0x10/0x10
[  342.137414][T15433]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.137443][T15433]  ? __pfx__printk+0x10/0x10
[  342.137470][T15433]  ? __might_fault+0xb0/0x130
[  342.137509][T15433]  should_fail_ex+0x414/0x560
[  342.137539][T15433]  _copy_from_iter+0x1db/0x16f0
[  342.137570][T15433]  ? policy_nodemask+0x27c/0x720
[  342.137598][T15433]  ? __pfx__copy_from_iter+0x10/0x10
[  342.137625][T15433]  ? set_page_refcounted+0xa0/0x1e0
[  342.137653][T15433]  ? page_copy_sane+0x4e/0x280
[  342.137675][T15433]  copy_page_from_iter+0xdd/0x170
[  342.137698][T15433]  tun_get_user+0x1d7b/0x3e20
[  342.137726][T15433]  ? tun_get_user+0x6f6/0x3e20
[  342.137754][T15433]  ? aa_file_perm+0x44d/0x1550
[  342.137774][T15433]  ? __pfx_tun_get_user+0x10/0x10
[  342.137793][T15433]  ? _parse_integer_limit+0x1ae/0x1f0
[  342.137831][T15433]  ? __lock_acquire+0xab9/0xd20
[  342.137866][T15433]  ? ref_tracker_alloc+0x318/0x460
[  342.137890][T15433]  ? __lock_acquire+0xab9/0xd20
[  342.137919][T15433]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  342.137952][T15433]  ? tun_get+0x1c/0x2f0
[  342.137976][T15433]  ? tun_get+0x1c/0x2f0
[  342.137993][T15433]  ? tun_get+0x1c/0x2f0
[  342.138018][T15433]  tun_chr_write_iter+0x113/0x200
[  342.138052][T15433]  vfs_write+0x5c6/0xb30
[  342.138084][T15433]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  342.138156][T15433]  ? __pfx_vfs_write+0x10/0x10
[  342.138194][T15433]  ? __fget_files+0x2a/0x420
[  342.138221][T15433]  ksys_write+0x145/0x250
[  342.138249][T15433]  ? __pfx_ksys_write+0x10/0x10
[  342.138272][T15433]  ? rcu_is_watching+0x15/0xb0
[  342.138298][T15433]  ? do_syscall_64+0xbe/0x3b0
[  342.138336][T15433]  do_syscall_64+0xfa/0x3b0
[  342.138364][T15433]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.138391][T15433]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.138412][T15433]  ? clear_bhb_loop+0x60/0xb0
[  342.138443][T15433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.138463][T15433] RIP: 0033:0x7f80ec58d69f
[  342.138481][T15433] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  342.138499][T15433] RSP: 002b:00007f80ed402000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  342.138520][T15433] RAX: ffffffffffffffda RBX: 00007f80ec7b5fa0 RCX: 00007f80ec58d69f
[  342.138533][T15433] RDX: 0000000000000083 RSI: 0000200000000040 RDI: 00000000000000c8
[  342.138546][T15433] RBP: 00007f80ed402090 R08: 0000000000000000 R09: 0000000000000000
[  342.138559][T15433] R10: 0000000000000083 R11: 0000000000000293 R12: 0000000000000001
[  342.138571][T15433] R13: 00007f80ec7b6038 R14: 00007f80ec7b5fa0 R15: 00007ffd39ac2d98
[  342.138605][T15433]  </TASK>
[  342.757432][T15440] netlink: 'syz.2.3321': attribute type 5 has an invalid length.
[  342.913710][T15446] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  343.130671][T15455] bridge_slave_0: left allmulticast mode
[  343.153482][T15455] bridge_slave_0: left promiscuous mode
[  343.159488][T15455] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.223229][T15463] FAULT_INJECTION: forcing a failure.
[  343.223229][T15463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.251624][T15463] CPU: 1 UID: 0 PID: 15463 Comm: syz.3.3328 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  343.251656][T15463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  343.251669][T15463] Call Trace:
[  343.251677][T15463]  <TASK>
[  343.251687][T15463]  dump_stack_lvl+0x189/0x250
[  343.251716][T15463]  ? __pfx____ratelimit+0x10/0x10
[  343.251744][T15463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.251769][T15463]  ? __pfx__printk+0x10/0x10
[  343.251798][T15463]  ? __might_fault+0xb0/0x130
[  343.251840][T15463]  should_fail_ex+0x414/0x560
[  343.251872][T15463]  _copy_from_user+0x2d/0xb0
[  343.251896][T15463]  ___sys_sendmsg+0x158/0x2a0
[  343.251921][T15463]  ? __pfx____sys_sendmsg+0x10/0x10
[  343.251985][T15463]  ? __fget_files+0x2a/0x420
[  343.252003][T15463]  ? __fget_files+0x3a0/0x420
[  343.252033][T15463]  __x64_sys_sendmsg+0x19b/0x260
[  343.252058][T15463]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  343.252090][T15463]  ? __pfx_ksys_write+0x10/0x10
[  343.252116][T15463]  ? rcu_is_watching+0x15/0xb0
[  343.252151][T15463]  ? do_syscall_64+0xbe/0x3b0
[  343.252185][T15463]  do_syscall_64+0xfa/0x3b0
[  343.252213][T15463]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.252240][T15463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.252261][T15463]  ? clear_bhb_loop+0x60/0xb0
[  343.252286][T15463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.252306][T15463] RIP: 0033:0x7f5d3418ebe9
[  343.252325][T15463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.252342][T15463] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.252364][T15463] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  343.252379][T15463] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  343.252393][T15463] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  343.252406][T15463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.252418][T15463] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  343.252452][T15463]  </TASK>
[  343.489742][T15470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3331'.
[  343.500745][T15455] bridge_slave_1: left allmulticast mode
[  343.509562][T15455] bridge_slave_1: left promiscuous mode
[  343.515775][T15455] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.568645][T15455] bond0: (slave bond_slave_0): Releasing backup interface
[  343.607141][T15478] netlink: 'syz.4.3323': attribute type 10 has an invalid length.
[  343.657272][T15455] bond0: (slave bond_slave_1): Releasing backup interface
[  343.705238][T15455] team0: Port device team_slave_0 removed
[  343.729532][T15455] team0: Port device team_slave_1 removed
[  343.736848][T15455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.744276][T15455] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.763128][T15455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.772105][T15455] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.902386][T15478] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  343.948343][T15487] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  344.049230][T15481] tipc: Resetting bearer <eth:syzkaller0>
[  344.106781][T15493] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  344.136093][T15489] syzkaller0: entered promiscuous mode
[  344.159895][T15489] syzkaller0: entered allmulticast mode
[  344.227701][T15480] tipc: Resetting bearer <eth:syzkaller0>
[  344.295504][T15480] tipc: Disabling bearer <eth:syzkaller0>
[  344.349788][T15502] bridge0: port 3(macsec1) entered blocking state
[  344.360605][T15502] bridge0: port 3(macsec1) entered disabled state
[  344.378768][T15502] macsec1: entered allmulticast mode
[  344.400034][T15502] macsec1: entered promiscuous mode
[  344.415252][T15502] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  344.437992][T15502] bridge0: port 3(macsec1) entered blocking state
[  344.445051][T15502] bridge0: port 3(macsec1) entered forwarding state
[  344.720093][T15523] netlink: 'syz.3.3344': attribute type 1 has an invalid length.
[  344.764791][T15522] tipc: Started in network mode
[  344.772812][T15522] tipc: Node identity 567d8df4a7b1, cluster identity 4711
[  344.780830][T15522] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  344.826634][T15527] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3344'.
[  344.831268][T15523] bond4: (slave veth7): Enslaving as an active interface with a down link
[  344.849168][T15522] syzkaller0: entered promiscuous mode
[  344.858330][T15522] syzkaller0: entered allmulticast mode
[  344.983784][T15522] tipc: Resetting bearer <eth:syzkaller0>
[  345.027128][T15525] : entered promiscuous mode
[  345.038617][T15521] tipc: Resetting bearer <eth:syzkaller0>
[  345.071610][T15521] tipc: Disabling bearer <eth:syzkaller0>
[  345.083464][ T6976] bridge0: port 3(macsec1) entered disabled state
[  345.393156][T15542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.424582][T15542] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.434305][T15542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.476127][T15542] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.535411][T15542] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.639766][T15542] netlink: 'syz.0.3350': attribute type 1 has an invalid length.
[  345.688104][T15542] netlink: 5624 bytes leftover after parsing attributes in process `syz.0.3350'.
[  345.881423][T15559] netlink: 148 bytes leftover after parsing attributes in process `syz.4.3354'.
[  345.915903][T15559] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  346.132883][T15571] netlink: 'syz.1.3357': attribute type 12 has an invalid length.
[  346.268794][T15573] netlink: 'syz.3.3358': attribute type 1 has an invalid length.
[  346.418622][T15573] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3358'.
[  346.499808][T15578] bond5: (slave veth9): Enslaving as an active interface with a down link
[  346.613902][T15582] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.642182][T15582] tipc: Resetting bearer <eth:syzkaller0>
[  346.663528][T15581] tipc: Disabling bearer <eth:syzkaller0>
[  346.764275][T15584] netlink: 'syz.3.3361': attribute type 1 has an invalid length.
[  346.891123][T15584] 8021q: adding VLAN 0 to HW filter on device bond6
[  346.986610][T15586] vlan2: entered allmulticast mode
[  346.991800][T15586] veth1: entered allmulticast mode
[  347.011710][T15588] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  347.211569][T15594] syzkaller1: entered promiscuous mode
[  347.235711][T15594] syzkaller1: entered allmulticast mode
[  347.350167][T15600] netlink: 'syz.4.3367': attribute type 1 has an invalid length.
[  347.948313][T15624] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  348.085129][T15630] netlink: 'syz.4.3377': attribute type 1 has an invalid length.
[  348.156182][T15630] vlan2: entered allmulticast mode
[  348.171737][T15630] veth1: entered allmulticast mode
[  348.402381][T15649] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received
[  348.413902][T15646] geneve2: entered allmulticast mode
[  348.645206][T15661] __nla_validate_parse: 1 callbacks suppressed
[  348.645228][T15661] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3392'.
[  348.731471][T15663] vti0: entered promiscuous mode
[  349.016166][T15682] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3396'.
[  349.494040][T15697] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3402'.
[  349.984158][T15711] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3406'.
[  350.035473][T15711] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3406'.
[  350.104259][T15713] FAULT_INJECTION: forcing a failure.
[  350.104259][T15713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.143458][T15713] CPU: 1 UID: 0 PID: 15713 Comm: syz.3.3407 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  350.143496][T15713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  350.143509][T15713] Call Trace:
[  350.143517][T15713]  <TASK>
[  350.143526][T15713]  dump_stack_lvl+0x189/0x250
[  350.143555][T15713]  ? __pfx____ratelimit+0x10/0x10
[  350.143584][T15713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.143608][T15713]  ? __pfx__printk+0x10/0x10
[  350.143650][T15713]  should_fail_ex+0x414/0x560
[  350.143683][T15713]  _copy_to_user+0x31/0xb0
[  350.143709][T15713]  simple_read_from_buffer+0xe1/0x170
[  350.143745][T15713]  proc_fail_nth_read+0x1b3/0x220
[  350.143773][T15713]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  350.143799][T15713]  ? rw_verify_area+0x2a6/0x4d0
[  350.143825][T15713]  ? __lock_acquire+0xab9/0xd20
[  350.143853][T15713]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  350.143878][T15713]  vfs_read+0x1fd/0xa30
[  350.143903][T15713]  ? fdget_pos+0x247/0x320
[  350.143927][T15713]  ? __pfx___mutex_lock+0x10/0x10
[  350.143958][T15713]  ? __pfx_vfs_read+0x10/0x10
[  350.143986][T15713]  ? __fget_files+0x2a/0x420
[  350.144009][T15713]  ? __fget_files+0x3a0/0x420
[  350.144026][T15713]  ? __fget_files+0x2a/0x420
[  350.144055][T15713]  ksys_read+0x145/0x250
[  350.144085][T15713]  ? __pfx_ksys_read+0x10/0x10
[  350.144108][T15713]  ? rcu_is_watching+0x15/0xb0
[  350.144136][T15713]  ? do_syscall_64+0xbe/0x3b0
[  350.144170][T15713]  do_syscall_64+0xfa/0x3b0
[  350.144198][T15713]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.144225][T15713]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.144246][T15713]  ? clear_bhb_loop+0x60/0xb0
[  350.144272][T15713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.144291][T15713] RIP: 0033:0x7f5d3418d5fc
[  350.144310][T15713] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  350.144327][T15713] RSP: 002b:00007f5d35064030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  350.144348][T15713] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418d5fc
[  350.144362][T15713] RDX: 000000000000000f RSI: 00007f5d350640a0 RDI: 0000000000000008
[  350.144374][T15713] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  350.144387][T15713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.144398][T15713] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  350.144434][T15713]  </TASK>
[  350.903288][T15745] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  352.055618][T15774] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  352.245836][T15775] netlink: 'syz.1.3429': attribute type 1 has an invalid length.
[  352.253839][T15775] netlink: 'syz.1.3429': attribute type 2 has an invalid length.
[  352.272391][T15778] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.283414][T15778] tipc: Resetting bearer <eth:syzkaller0>
[  352.346410][T15777] tipc: Disabling bearer <eth:syzkaller0>
[  352.629259][T15792] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.647877][T15792] syzkaller0: entered promiscuous mode
[  352.654300][T15792] syzkaller0: entered allmulticast mode
[  352.844777][T15790] tipc: Resetting bearer <eth:syzkaller0>
[  352.936839][T15790] tipc: Disabling bearer <eth:syzkaller0>
[  352.980931][T15809] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3440'.
[  353.399141][T15824] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3444'.
[  353.670237][T15832] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  353.701964][T15832] tipc: Resetting bearer <eth:syzkaller0>
[  353.721387][T15830] tipc: Disabling bearer <eth:syzkaller0>
[  353.978030][T15849] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3454'.
[  354.019573][T15852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3456'.
[  354.120332][T15857] Bluetooth: MGMT ver 1.23
[  354.165945][T15857] FAULT_INJECTION: forcing a failure.
[  354.165945][T15857] name failslab, interval 1, probability 0, space 0, times 0
[  354.232731][T15857] CPU: 1 UID: 0 PID: 15857 Comm: syz.3.3457 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  354.232763][T15857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  354.232777][T15857] Call Trace:
[  354.232785][T15857]  <TASK>
[  354.232794][T15857]  dump_stack_lvl+0x189/0x250
[  354.232826][T15857]  ? __pfx____ratelimit+0x10/0x10
[  354.232855][T15857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  354.232880][T15857]  ? __pfx__printk+0x10/0x10
[  354.232915][T15857]  ? __pfx___might_resched+0x10/0x10
[  354.232934][T15857]  ? fs_reclaim_acquire+0x7d/0x100
[  354.232972][T15857]  should_fail_ex+0x414/0x560
[  354.233006][T15857]  should_failslab+0xa8/0x100
[  354.233038][T15857]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  354.233067][T15857]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  354.233092][T15857]  ? __alloc_skb+0x112/0x2d0
[  354.233127][T15857]  __alloc_skb+0x112/0x2d0
[  354.233171][T15857]  mgmt_cmd_status+0x41/0x4c0
[  354.233210][T15857]  hci_mgmt_cmd+0x9c6/0xef0
[  354.233245][T15857]  hci_sock_sendmsg+0x6ca/0xef0
[  354.233284][T15857]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  354.233316][T15857]  ? aa_sock_msg_perm+0xf1/0x1d0
[  354.233350][T15857]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  354.233373][T15857]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  354.233406][T15857]  __sock_sendmsg+0x219/0x270
[  354.233436][T15857]  sock_write_iter+0x258/0x330
[  354.233465][T15857]  ? __pfx_sock_write_iter+0x10/0x10
[  354.233503][T15857]  ? bpf_lsm_file_permission+0x9/0x20
[  354.233526][T15857]  ? security_file_permission+0x75/0x290
[  354.233563][T15857]  vfs_write+0x5c6/0xb30
[  354.233597][T15857]  ? __pfx_sock_write_iter+0x10/0x10
[  354.233623][T15857]  ? __pfx_vfs_write+0x10/0x10
[  354.233663][T15857]  ? __fget_files+0x2a/0x420
[  354.233693][T15857]  ksys_write+0x145/0x250
[  354.233723][T15857]  ? __pfx_ksys_write+0x10/0x10
[  354.233751][T15857]  ? rcu_is_watching+0x15/0xb0
[  354.233778][T15857]  ? do_syscall_64+0xbe/0x3b0
[  354.233813][T15857]  do_syscall_64+0xfa/0x3b0
[  354.233842][T15857]  ? lockdep_hardirqs_on+0x9c/0x150
[  354.233869][T15857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.233889][T15857]  ? clear_bhb_loop+0x60/0xb0
[  354.233915][T15857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.233934][T15857] RIP: 0033:0x7f5d3418ebe9
[  354.233953][T15857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.233970][T15857] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  354.233991][T15857] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  354.234006][T15857] RDX: 0000000000000008 RSI: 0000200000000500 RDI: 0000000000000004
[  354.234019][T15857] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  354.234031][T15857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.234042][T15857] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  354.234076][T15857]  </TASK>
[  354.622036][ T5863] Bluetooth: hci2: command 0x0419 tx timeout
[  354.705063][T15869] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  354.750675][T15871] raw_sendmsg: syz.0.3461 forgot to set AF_INET. Fix it!
[  354.813376][T15871] netlink: 'syz.0.3461': attribute type 16 has an invalid length.
[  354.852120][T15871] netlink: 'syz.0.3461': attribute type 17 has an invalid length.
[  355.032302][T15882] tipc: New replicast peer: 255.255.255.255
[  355.059436][T15882] tipc: Enabled bearer <udp:s>, priority 10
[  355.095462][T15889] mac80211_hwsim hwsim17 wlan0: entered promiscuous mode
[  355.103396][T15889] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  355.241946][T15893] lo: entered allmulticast mode
[  355.251339][T15893] FAULT_INJECTION: forcing a failure.
[  355.251339][T15893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.270938][T15893] CPU: 0 UID: 0 PID: 15893 Comm: syz.0.3471 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  355.270967][T15893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.270979][T15893] Call Trace:
[  355.270988][T15893]  <TASK>
[  355.270996][T15893]  dump_stack_lvl+0x189/0x250
[  355.271026][T15893]  ? __pfx____ratelimit+0x10/0x10
[  355.271055][T15893]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.271081][T15893]  ? __pfx__printk+0x10/0x10
[  355.271124][T15893]  should_fail_ex+0x414/0x560
[  355.271157][T15893]  _copy_to_user+0x31/0xb0
[  355.271183][T15893]  simple_read_from_buffer+0xe1/0x170
[  355.271219][T15893]  proc_fail_nth_read+0x1b3/0x220
[  355.271245][T15893]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.271273][T15893]  ? rw_verify_area+0x2a6/0x4d0
[  355.271298][T15893]  ? __lock_acquire+0xab9/0xd20
[  355.271326][T15893]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.271350][T15893]  vfs_read+0x1fd/0xa30
[  355.271374][T15893]  ? fdget_pos+0x247/0x320
[  355.271405][T15893]  ? __pfx___mutex_lock+0x10/0x10
[  355.271436][T15893]  ? __pfx_vfs_read+0x10/0x10
[  355.271465][T15893]  ? __fget_files+0x2a/0x420
[  355.271487][T15893]  ? __fget_files+0x3a0/0x420
[  355.271503][T15893]  ? __fget_files+0x2a/0x420
[  355.271531][T15893]  ksys_read+0x145/0x250
[  355.271556][T15893]  ? __pfx_ksys_read+0x10/0x10
[  355.271576][T15893]  ? rcu_is_watching+0x15/0xb0
[  355.271597][T15893]  ? do_syscall_64+0xbe/0x3b0
[  355.271625][T15893]  do_syscall_64+0xfa/0x3b0
[  355.271651][T15893]  ? lockdep_hardirqs_on+0x9c/0x150
[  355.271673][T15893]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.271690][T15893]  ? clear_bhb_loop+0x60/0xb0
[  355.271710][T15893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.271726][T15893] RIP: 0033:0x7fcaf438d5fc
[  355.271741][T15893] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  355.271755][T15893] RSP: 002b:00007fcaf5196030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  355.271773][T15893] RAX: ffffffffffffffda RBX: 00007fcaf45b5fa0 RCX: 00007fcaf438d5fc
[  355.271785][T15893] RDX: 000000000000000f RSI: 00007fcaf51960a0 RDI: 0000000000000006
[  355.271795][T15893] RBP: 00007fcaf5196090 R08: 0000000000000000 R09: 0000000000000000
[  355.271805][T15893] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.271816][T15893] R13: 00007fcaf45b6038 R14: 00007fcaf45b5fa0 R15: 00007ffe0957be58
[  355.271842][T15893]  </TASK>
[  355.781638][ T6976] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7
[  355.784004][T15900] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  355.822623][T15900] tipc: Resetting bearer <eth:syzkaller0>
[  355.870922][T15916] FAULT_INJECTION: forcing a failure.
[  355.870922][T15916] name failslab, interval 1, probability 0, space 0, times 0
[  355.883943][T15916] CPU: 1 UID: 0 PID: 15916 Comm: syz.0.3478 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  355.883972][T15916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.883985][T15916] Call Trace:
[  355.883993][T15916]  <TASK>
[  355.884002][T15916]  dump_stack_lvl+0x189/0x250
[  355.884033][T15916]  ? __pfx____ratelimit+0x10/0x10
[  355.884061][T15916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.884087][T15916]  ? __pfx__printk+0x10/0x10
[  355.884117][T15916]  ? rcu_is_watching+0x15/0xb0
[  355.884139][T15916]  ? trace_fib_table_lookup+0x85/0x200
[  355.884176][T15916]  ? fib_table_lookup+0x11ba/0x16e0
[  355.884212][T15916]  should_fail_ex+0x414/0x560
[  355.884245][T15916]  should_failslab+0xa8/0x100
[  355.884279][T15916]  kmem_cache_alloc_noprof+0x73/0x3c0
[  355.884306][T15916]  ? dst_alloc+0x105/0x170
[  355.884326][T15916]  ? fib_lookup+0x76/0x440
[  355.884358][T15916]  dst_alloc+0x105/0x170
[  355.884386][T15916]  ip_route_output_key_hash_rcu+0x14e1/0x23d0
[  355.884426][T15916]  ? ip_route_output_key_hash+0xde/0x2e0
[  355.884452][T15916]  ip_route_output_key_hash+0x1b9/0x2e0
[  355.884473][T15916]  ? __lock_acquire+0xab9/0xd20
[  355.884507][T15916]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  355.884538][T15916]  ? inet_csk_route_req+0x57/0xe00
[  355.884570][T15916]  ip_route_output_flow+0x2a/0x150
[  355.884589][T15916]  ? security_req_classify_flow+0x70/0x170
[  355.884619][T15916]  inet_csk_route_req+0x63a/0xe00
[  355.884646][T15916]  ? inet_csk_route_req+0x57/0xe00
[  355.884673][T15916]  tcp_v4_send_synack+0xcd/0xa50
[  355.884701][T15916]  ? get_random_u32+0x155/0x940
[  355.884724][T15916]  ? tun_chr_write_iter+0x113/0x200
[  355.884761][T15916]  ? __pfx_tcp_v4_send_synack+0x10/0x10
[  355.884824][T15916]  tcp_rtx_synack+0x173/0x610
[  355.884852][T15916]  ? __pfx_tcp_rtx_synack+0x10/0x10
[  355.884871][T15916]  ? tcp_parse_options+0x12ad/0x1370
[  355.884911][T15916]  ? tcp_oow_rate_limited+0x223/0x390
[  355.884939][T15916]  tcp_check_req+0x4dd/0x1800
[  355.884979][T15916]  ? __pfx_tcp_check_req+0x10/0x10
[  355.884999][T15916]  ? sk_filter_trim_cap+0x1d0/0x9d0
[  355.885023][T15916]  ? tcp_v4_fill_cb+0x3d/0x4c0
[  355.885055][T15916]  ? __asan_memset+0x50/0x50
[  355.885079][T15916]  ? tcp_v4_fill_cb+0x1e0/0x4c0
[  355.885117][T15916]  tcp_v4_rcv+0x1896/0x2f40
[  355.885197][T15916]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  355.885238][T15916]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  355.885269][T15916]  ip_protocol_deliver_rcu+0x221/0x440
[  355.885301][T15916]  ? ip_local_deliver_finish+0x2ae/0x6f0
[  355.885333][T15916]  ip_local_deliver_finish+0x3bb/0x6f0
[  355.885383][T15916]  NF_HOOK+0x309/0x3a0
[  355.885414][T15916]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  355.885443][T15916]  ? NF_HOOK+0x9a/0x3a0
[  355.885470][T15916]  ? __pfx_NF_HOOK+0x10/0x10
[  355.885502][T15916]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  355.885533][T15916]  ? skb_dst+0x71/0xd0
[  355.885564][T15916]  ? ip_local_deliver+0x12a/0x1b0
[  355.885597][T15916]  NF_HOOK+0x309/0x3a0
[  355.885627][T15916]  ? __pfx_ip_rcv_finish+0x10/0x10
[  355.885655][T15916]  ? NF_HOOK+0x9a/0x3a0
[  355.885681][T15916]  ? __pfx_NF_HOOK+0x10/0x10
[  355.885706][T15916]  ? ip_rcv_core+0x7f7/0xd00
[  355.885737][T15916]  ? __pfx_ip_rcv_finish+0x10/0x10
[  355.885778][T15916]  ? __pfx_ip_rcv+0x10/0x10
[  355.885804][T15916]  __netif_receive_skb+0x143/0x380
[  355.885832][T15916]  ? read_tsc+0x9/0x20
[  355.885865][T15916]  ? netif_receive_skb+0x115/0x790
[  355.885890][T15916]  netif_receive_skb+0x1cb/0x790
[  355.885920][T15916]  ? __pfx_netif_receive_skb+0x10/0x10
[  355.885953][T15916]  ? tun_rx_batched+0x160/0x730
[  355.885976][T15916]  tun_rx_batched+0x1b9/0x730
[  355.885995][T15916]  ? __lock_acquire+0xab9/0xd20
[  355.886030][T15916]  ? __pfx_tun_rx_batched+0x10/0x10
[  355.886055][T15916]  ? tun_get_user+0x266c/0x3e20
[  355.886092][T15916]  tun_get_user+0x2aa2/0x3e20
[  355.886120][T15916]  ? tun_get_user+0x6f6/0x3e20
[  355.886142][T15916]  ? tun_get_user+0x266c/0x3e20
[  355.886167][T15916]  ? aa_file_perm+0x44d/0x1550
[  355.886187][T15916]  ? __pfx_tun_get_user+0x10/0x10
[  355.886221][T15916]  ? __lock_acquire+0xab9/0xd20
[  355.886259][T15916]  ? ref_tracker_alloc+0x318/0x460
[  355.886285][T15916]  ? __lock_acquire+0xab9/0xd20
[  355.886317][T15916]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  355.886358][T15916]  ? tun_get+0x1c/0x2f0
[  355.886385][T15916]  ? tun_get+0x1c/0x2f0
[  355.886404][T15916]  ? tun_get+0x1c/0x2f0
[  355.886429][T15916]  tun_chr_write_iter+0x113/0x200
[  355.886465][T15916]  vfs_write+0x5c6/0xb30
[  355.886500][T15916]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  355.886534][T15916]  ? __pfx_vfs_write+0x10/0x10
[  355.886576][T15916]  ? __fget_files+0x2a/0x420
[  355.886606][T15916]  ksys_write+0x145/0x250
[  355.886638][T15916]  ? __pfx_ksys_write+0x10/0x10
[  355.886662][T15916]  ? rcu_is_watching+0x15/0xb0
[  355.886690][T15916]  ? do_syscall_64+0xbe/0x3b0
[  355.886725][T15916]  do_syscall_64+0xfa/0x3b0
[  355.886753][T15916]  ? lockdep_hardirqs_on+0x9c/0x150
[  355.886781][T15916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.886802][T15916]  ? clear_bhb_loop+0x60/0xb0
[  355.886829][T15916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.886849][T15916] RIP: 0033:0x7fcaf438d69f
[  355.886869][T15916] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  355.886886][T15916] RSP: 002b:00007fcaf5196000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  355.886908][T15916] RAX: ffffffffffffffda RBX: 00007fcaf45b5fa0 RCX: 00007fcaf438d69f
[  355.886924][T15916] RDX: 0000000000000042 RSI: 0000200000000140 RDI: 00000000000000c8
[  355.886937][T15916] RBP: 00007fcaf5196090 R08: 0000000000000000 R09: 0000000000000000
[  355.886950][T15916] R10: 0000000000000042 R11: 0000000000000293 R12: 0000000000000001
[  355.886962][T15916] R13: 00007fcaf45b6038 R14: 00007fcaf45b5fa0 R15: 00007ffe0957be58
[  355.886998][T15916]  </TASK>
[  356.486555][T15898] tipc: Disabling bearer <eth:syzkaller0>
[  356.886383][T15933] FAULT_INJECTION: forcing a failure.
[  356.886383][T15933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.899592][T15933] CPU: 1 UID: 0 PID: 15933 Comm: syz.1.3483 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  356.899623][T15933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  356.899636][T15933] Call Trace:
[  356.899645][T15933]  <TASK>
[  356.899655][T15933]  dump_stack_lvl+0x189/0x250
[  356.899686][T15933]  ? __pfx____ratelimit+0x10/0x10
[  356.899715][T15933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.899740][T15933]  ? __pfx__printk+0x10/0x10
[  356.899784][T15933]  should_fail_ex+0x414/0x560
[  356.899817][T15933]  _copy_to_user+0x31/0xb0
[  356.899845][T15933]  simple_read_from_buffer+0xe1/0x170
[  356.899881][T15933]  proc_fail_nth_read+0x1b3/0x220
[  356.899909][T15933]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  356.899936][T15933]  ? rw_verify_area+0x2a6/0x4d0
[  356.899961][T15933]  ? __lock_acquire+0xab9/0xd20
[  356.899990][T15933]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  356.900016][T15933]  vfs_read+0x1fd/0xa30
[  356.900042][T15933]  ? fdget_pos+0x247/0x320
[  356.900066][T15933]  ? __pfx___mutex_lock+0x10/0x10
[  356.900097][T15933]  ? __pfx_vfs_read+0x10/0x10
[  356.900126][T15933]  ? __fget_files+0x2a/0x420
[  356.900150][T15933]  ? __fget_files+0x3a0/0x420
[  356.900167][T15933]  ? __fget_files+0x2a/0x420
[  356.900196][T15933]  ksys_read+0x145/0x250
[  356.900227][T15933]  ? __pfx_ksys_read+0x10/0x10
[  356.900258][T15933]  ? rcu_is_watching+0x15/0xb0
[  356.900286][T15933]  ? do_syscall_64+0xbe/0x3b0
[  356.900321][T15933]  do_syscall_64+0xfa/0x3b0
[  356.900348][T15933]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.900376][T15933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.900397][T15933]  ? clear_bhb_loop+0x60/0xb0
[  356.900423][T15933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.900444][T15933] RIP: 0033:0x7fccdd98d5fc
[  356.900462][T15933] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  356.900480][T15933] RSP: 002b:00007fccde840030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  356.900502][T15933] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98d5fc
[  356.900517][T15933] RDX: 000000000000000f RSI: 00007fccde8400a0 RDI: 0000000000000004
[  356.900531][T15933] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  356.900545][T15933] R10: 00000000000000d2 R11: 0000000000000246 R12: 0000000000000001
[  356.900558][T15933] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  356.900594][T15933]  </TASK>
[  357.179095][T15931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3485'.
[  357.282829][T15940] openvswitch: netlink: Geneve opt len 11 is not a multiple of 4.
[  357.422264][T15939] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3487'.
[  357.432494][T15950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3491'.
[  357.606568][T15939] 8021q: adding VLAN 0 to HW filter on device bond2
[  357.856928][    T9] IPVS: starting estimator thread 0...
[  357.950015][T15965] IPVS: using max 25 ests per chain, 60000 per kthread
[  358.687765][T16002] netlink: 'syz.3.3511': attribute type 1 has an invalid length.
[  358.733043][T16002] 8021q: adding VLAN 0 to HW filter on device bond7
[  358.751819][T16002] netlink: 'syz.3.3511': attribute type 16 has an invalid length.
[  358.780364][T16002] netlink: 'syz.3.3511': attribute type 17 has an invalid length.
[  359.407779][T15980] netlink: 248 bytes leftover after parsing attributes in process `syz.4.3503'.
[  360.379480][ T6976] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  360.598550][T16071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3532'.
[  360.640704][T16071] 8021q: adding VLAN 0 to HW filter on device bond2
[  360.686219][T16071] bond2: (slave veth5): Enslaving as an active interface with an up link
[  361.902644][T16111] netlink: del zone limit has 4 unknown bytes
[  361.934741][T16111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3548'.
[  361.969569][T16111] 8021q: adding VLAN 0 to HW filter on device bond8
[  362.002950][T16116] FAULT_INJECTION: forcing a failure.
[  362.002950][T16116] name failslab, interval 1, probability 0, space 0, times 0
[  362.019300][T16116] CPU: 1 UID: 0 PID: 16116 Comm: syz.1.3550 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  362.019330][T16116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  362.019344][T16116] Call Trace:
[  362.019353][T16116]  <TASK>
[  362.019362][T16116]  dump_stack_lvl+0x189/0x250
[  362.019393][T16116]  ? __pfx____ratelimit+0x10/0x10
[  362.019422][T16116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  362.019448][T16116]  ? __pfx__printk+0x10/0x10
[  362.019484][T16116]  ? __pfx___might_resched+0x10/0x10
[  362.019502][T16116]  ? fs_reclaim_acquire+0x7d/0x100
[  362.019541][T16116]  should_fail_ex+0x414/0x560
[  362.019574][T16116]  should_failslab+0xa8/0x100
[  362.019607][T16116]  __kmalloc_noprof+0xcb/0x4f0
[  362.019634][T16116]  ? bpf_test_init+0xc2/0x170
[  362.019668][T16116]  bpf_test_init+0xc2/0x170
[  362.019702][T16116]  bpf_prog_test_run_xdp+0x37c/0x1000
[  362.019751][T16116]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  362.019795][T16116]  ? __fget_files+0x2a/0x420
[  362.019820][T16116]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  362.019851][T16116]  bpf_prog_test_run+0x2c4/0x340
[  362.019887][T16116]  __sys_bpf+0x581/0x870
[  362.019916][T16116]  ? __pfx___sys_bpf+0x10/0x10
[  362.019959][T16116]  ? ksys_write+0x22a/0x250
[  362.019990][T16116]  ? __pfx_ksys_write+0x10/0x10
[  362.020014][T16116]  ? rcu_is_watching+0x15/0xb0
[  362.020044][T16116]  __x64_sys_bpf+0x7c/0x90
[  362.020070][T16116]  do_syscall_64+0xfa/0x3b0
[  362.020099][T16116]  ? lockdep_hardirqs_on+0x9c/0x150
[  362.020127][T16116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.020148][T16116]  ? clear_bhb_loop+0x60/0xb0
[  362.020174][T16116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.020194][T16116] RIP: 0033:0x7fccdd98ebe9
[  362.020213][T16116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.020231][T16116] RSP: 002b:00007fccde840038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  362.020253][T16116] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98ebe9
[  362.020268][T16116] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[  362.020281][T16116] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  362.020295][T16116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.020307][T16116] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  362.020342][T16116]  </TASK>
[  362.273674][T16111] bond8: (slave veth11): Enslaving as an active interface with an up link
[  362.501357][T16126] FAULT_INJECTION: forcing a failure.
[  362.501357][T16126] name failslab, interval 1, probability 0, space 0, times 0
[  362.514287][T16126] CPU: 1 UID: 0 PID: 16126 Comm: syz.4.3555 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  362.514316][T16126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  362.514329][T16126] Call Trace:
[  362.514337][T16126]  <TASK>
[  362.514347][T16126]  dump_stack_lvl+0x189/0x250
[  362.514377][T16126]  ? __pfx____ratelimit+0x10/0x10
[  362.514422][T16126]  ? __pfx_dump_stack_lvl+0x10/0x10
[  362.514446][T16126]  ? __pfx__printk+0x10/0x10
[  362.514481][T16126]  ? __pfx___might_resched+0x10/0x10
[  362.514507][T16126]  should_fail_ex+0x414/0x560
[  362.514539][T16126]  should_failslab+0xa8/0x100
[  362.514577][T16126]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  362.514607][T16126]  ? __alloc_skb+0x112/0x2d0
[  362.514633][T16126]  ? __pfx___mutex_trylock_common+0x10/0x10
[  362.514660][T16126]  __alloc_skb+0x112/0x2d0
[  362.514695][T16126]  netlink_dump+0x1b7/0xe90
[  362.514749][T16126]  ? __netlink_lookup+0xbd/0x810
[  362.514785][T16126]  ? __pfx_netlink_dump+0x10/0x10
[  362.514811][T16126]  ? __netlink_lookup+0x752/0x810
[  362.514860][T16126]  ? netlink_lookup+0x30/0x200
[  362.514888][T16126]  ? netlink_lookup+0x30/0x200
[  362.514913][T16126]  ? netlink_lookup+0x30/0x200
[  362.514948][T16126]  __netlink_dump_start+0x5cb/0x7e0
[  362.514987][T16126]  rtnetlink_rcv_msg+0x9eb/0xb70
[  362.515018][T16126]  ? __pfx_inet6_dump_ifinfo+0x10/0x10
[  362.515047][T16126]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  362.515076][T16126]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.515104][T16126]  ? ref_tracker_free+0x63a/0x7d0
[  362.515131][T16126]  ? __pfx_inet6_dump_ifinfo+0x10/0x10
[  362.515177][T16126]  netlink_rcv_skb+0x205/0x470
[  362.515208][T16126]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  362.515241][T16126]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  362.515283][T16126]  ? netlink_deliver_tap+0x2e/0x1b0
[  362.515323][T16126]  netlink_unicast+0x82c/0x9e0
[  362.515361][T16126]  ? __pfx_netlink_unicast+0x10/0x10
[  362.515390][T16126]  ? netlink_sendmsg+0x642/0xb30
[  362.515418][T16126]  ? skb_put+0x11b/0x210
[  362.515441][T16126]  netlink_sendmsg+0x805/0xb30
[  362.515482][T16126]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.515514][T16126]  ? __lock_acquire+0xab9/0xd20
[  362.515543][T16126]  ? aa_sock_msg_perm+0xf1/0x1d0
[  362.515586][T16126]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  362.515609][T16126]  ? __pfx_netlink_sendmsg+0x10/0x10
[  362.515641][T16126]  __sock_sendmsg+0x219/0x270
[  362.515673][T16126]  sock_write_iter+0x258/0x330
[  362.515702][T16126]  ? __pfx_sock_write_iter+0x10/0x10
[  362.515740][T16126]  ? bpf_lsm_file_permission+0x9/0x20
[  362.515765][T16126]  ? security_file_permission+0x75/0x290
[  362.515802][T16126]  vfs_write+0x5c6/0xb30
[  362.515836][T16126]  ? __pfx_sock_write_iter+0x10/0x10
[  362.515863][T16126]  ? __pfx_vfs_write+0x10/0x10
[  362.515904][T16126]  ? __fget_files+0x2a/0x420
[  362.515946][T16126]  ksys_write+0x145/0x250
[  362.515977][T16126]  ? __pfx_ksys_write+0x10/0x10
[  362.516018][T16126]  ? rcu_is_watching+0x15/0xb0
[  362.516046][T16126]  ? do_syscall_64+0xbe/0x3b0
[  362.516083][T16126]  do_syscall_64+0xfa/0x3b0
[  362.516112][T16126]  ? lockdep_hardirqs_on+0x9c/0x150
[  362.516140][T16126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.516161][T16126]  ? clear_bhb_loop+0x60/0xb0
[  362.516187][T16126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.516208][T16126] RIP: 0033:0x7f80ec58ebe9
[  362.516228][T16126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.516246][T16126] RSP: 002b:00007f80ed402038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  362.516269][T16126] RAX: ffffffffffffffda RBX: 00007f80ec7b5fa0 RCX: 00007f80ec58ebe9
[  362.516284][T16126] RDX: 000000000000041d RSI: 0000200000000180 RDI: 0000000000000003
[  362.516298][T16126] RBP: 00007f80ed402090 R08: 0000000000000000 R09: 0000000000000000
[  362.516311][T16126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.516324][T16126] R13: 00007f80ec7b6038 R14: 00007f80ec7b5fa0 R15: 00007ffd39ac2d98
[  362.516360][T16126]  </TASK>
[  363.162554][T16142] netlink: 'syz.3.3560': attribute type 1 has an invalid length.
[  363.265979][T16148] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3562'.
[  363.343991][T16142] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3560'.
[  363.391845][T16146] bond9: (slave veth13): Enslaving as an active interface with a down link
[  363.699030][T16168] netlink: 'syz.0.3572': attribute type 1 has an invalid length.
[  363.764106][T16173] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3572'.
[  363.773600][T16173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3572'.
[  363.775012][T16168] 8021q: adding VLAN 0 to HW filter on device bond3
[  363.790554][T16170] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3573'.
[  363.841271][T16170] 8021q: adding VLAN 0 to HW filter on device bond3
[  363.850588][T16170] bond0: (slave bond3): Enslaving as an active interface with an up link
[  364.089525][T16186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3577'.
[  364.157177][T16186] FAULT_INJECTION: forcing a failure.
[  364.157177][T16186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.176968][T16186] CPU: 1 UID: 0 PID: 16186 Comm: syz.1.3577 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  364.176998][T16186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  364.177012][T16186] Call Trace:
[  364.177021][T16186]  <TASK>
[  364.177030][T16186]  dump_stack_lvl+0x189/0x250
[  364.177061][T16186]  ? __pfx____ratelimit+0x10/0x10
[  364.177092][T16186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  364.177118][T16186]  ? __pfx__printk+0x10/0x10
[  364.177147][T16186]  ? __might_fault+0xb0/0x130
[  364.177190][T16186]  should_fail_ex+0x414/0x560
[  364.177223][T16186]  _copy_from_user+0x2d/0xb0
[  364.177249][T16186]  __sys_sendto+0x25c/0x520
[  364.177284][T16186]  ? __pfx___sys_sendto+0x10/0x10
[  364.177314][T16186]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  364.177370][T16186]  ? __fget_files+0x3a0/0x420
[  364.177402][T16186]  ? ksys_write+0x22a/0x250
[  364.177432][T16186]  ? __pfx_ksys_write+0x10/0x10
[  364.177457][T16186]  ? rcu_is_watching+0x15/0xb0
[  364.177483][T16186]  __x64_sys_sendto+0xde/0x100
[  364.177520][T16186]  do_syscall_64+0xfa/0x3b0
[  364.177550][T16186]  ? lockdep_hardirqs_on+0x9c/0x150
[  364.177577][T16186]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.177600][T16186]  ? clear_bhb_loop+0x60/0xb0
[  364.177626][T16186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.177647][T16186] RIP: 0033:0x7fccdd98ebe9
[  364.177666][T16186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.177684][T16186] RSP: 002b:00007fccde840038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  364.177708][T16186] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98ebe9
[  364.177723][T16186] RDX: 000000000000000e RSI: 00002000000002c0 RDI: 0000000000000003
[  364.177735][T16186] RBP: 00007fccde840090 R08: 0000200000000440 R09: 0000000000000014
[  364.177749][T16186] R10: 0000000000000870 R11: 0000000000000246 R12: 0000000000000001
[  364.177762][T16186] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  364.177795][T16186]  </TASK>
[  364.178798][T16188] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.400566][T16193] syzkaller0: entered promiscuous mode
[  364.447381][T16193] syzkaller0: entered allmulticast mode
[  364.481796][T16188] tipc: Resetting bearer <eth:syzkaller0>
[  364.545268][T16187] tipc: Resetting bearer <eth:syzkaller0>
[  364.587789][T16187] tipc: Disabling bearer <eth:syzkaller0>
[  364.628287][T16206] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.3586'.
[  364.677280][T16206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3586'.
[  364.753964][T16212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3587'.
[  364.973201][T16219] netlink: 'syz.4.3591': attribute type 10 has an invalid length.
[  364.982547][T16220] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  365.025934][T16219] team0: Cannot enslave team device to itself
[  365.072534][T16226] FAULT_INJECTION: forcing a failure.
[  365.072534][T16226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.087304][T16226] CPU: 1 UID: 0 PID: 16226 Comm: syz.3.3594 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  365.087335][T16226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  365.087348][T16226] Call Trace:
[  365.087357][T16226]  <TASK>
[  365.087366][T16226]  dump_stack_lvl+0x189/0x250
[  365.087397][T16226]  ? __pfx____ratelimit+0x10/0x10
[  365.087426][T16226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  365.087451][T16226]  ? __pfx__printk+0x10/0x10
[  365.087482][T16226]  ? __might_fault+0xb0/0x130
[  365.087524][T16226]  should_fail_ex+0x414/0x560
[  365.087558][T16226]  _copy_from_user+0x2d/0xb0
[  365.087584][T16226]  br_dev_siocdevprivate+0xf5/0x1580
[  365.087606][T16226]  ? __pfx___mutex_trylock_common+0x10/0x10
[  365.087635][T16226]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[  365.087654][T16226]  ? rcu_is_watching+0x15/0xb0
[  365.087676][T16226]  ? trace_contention_end+0x39/0x120
[  365.087711][T16226]  ? __lock_acquire+0xab9/0xd20
[  365.087745][T16226]  ? dev_ioctl+0x83c/0x1150
[  365.087775][T16226]  ? full_name_hash+0x92/0xe0
[  365.087801][T16226]  ? netdev_name_node_lookup+0xdf/0x120
[  365.087832][T16226]  dev_ifsioc+0xb57/0xf00
[  365.087872][T16226]  dev_ioctl+0x84c/0x1150
[  365.087904][T16226]  sock_ioctl+0x719/0x790
[  365.087932][T16226]  ? __pfx_sock_ioctl+0x10/0x10
[  365.087961][T16226]  ? __fget_files+0x3a0/0x420
[  365.087978][T16226]  ? __fget_files+0x2a/0x420
[  365.088001][T16226]  ? bpf_lsm_file_ioctl+0x9/0x20
[  365.088028][T16226]  ? __pfx_sock_ioctl+0x10/0x10
[  365.088052][T16226]  __se_sys_ioctl+0xf9/0x170
[  365.088081][T16226]  do_syscall_64+0xfa/0x3b0
[  365.088110][T16226]  ? lockdep_hardirqs_on+0x9c/0x150
[  365.088137][T16226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.088158][T16226]  ? clear_bhb_loop+0x60/0xb0
[  365.088185][T16226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.088205][T16226] RIP: 0033:0x7f5d3418ebe9
[  365.088224][T16226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.088242][T16226] RSP: 002b:00007f5d35064038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.088264][T16226] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418ebe9
[  365.088278][T16226] RDX: 0000200000001440 RSI: 00000000000089f6 RDI: 0000000000000003
[  365.088297][T16226] RBP: 00007f5d35064090 R08: 0000000000000000 R09: 0000000000000000
[  365.088310][T16226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.088323][T16226] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  365.088358][T16226]  </TASK>
[  365.464731][T16236] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  365.472437][T16236] syzkaller0: entered promiscuous mode
[  365.477988][T16236] syzkaller0: entered allmulticast mode
[  365.489345][T16236] tipc: Resetting bearer <eth:syzkaller0>
[  365.497142][T16235] tipc: Resetting bearer <eth:syzkaller0>
[  365.522377][T16235] tipc: Disabling bearer <eth:syzkaller0>
[  365.656913][T16245] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3601'.
[  365.666366][T16245] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  365.673633][T16245] IPv6: NLM_F_CREATE should be set when creating new route
[  365.869704][T16254] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3605'.
[  366.207822][T16264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3609'.
[  366.219170][T16264] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3609'.
[  366.228541][T16264] netlink: 'syz.1.3609': attribute type 19 has an invalid length.
[  366.259856][T16264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3609'.
[  366.268667][   T12] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  366.273977][T16264] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3609'.
[  366.290039][   T12] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  366.309558][   T12] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  366.337619][T16264] netlink: 'syz.1.3609': attribute type 19 has an invalid length.
[  366.350102][   T12] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  366.552141][T16275] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3613'.
[  366.597130][T16275] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  366.604464][T16275] IPv6: NLM_F_CREATE should be set when creating new route
[  366.644652][T16280] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  366.903099][T16295] FAULT_INJECTION: forcing a failure.
[  366.903099][T16295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.919627][T16295] CPU: 1 UID: 0 PID: 16295 Comm: syz.1.3623 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  366.919656][T16295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  366.919673][T16295] Call Trace:
[  366.919682][T16295]  <TASK>
[  366.919691][T16295]  dump_stack_lvl+0x189/0x250
[  366.919721][T16295]  ? __pfx____ratelimit+0x10/0x10
[  366.919750][T16295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.919774][T16295]  ? __pfx__printk+0x10/0x10
[  366.919817][T16295]  should_fail_ex+0x414/0x560
[  366.919850][T16295]  _copy_to_user+0x31/0xb0
[  366.919876][T16295]  simple_read_from_buffer+0xe1/0x170
[  366.919911][T16295]  proc_fail_nth_read+0x1b3/0x220
[  366.919937][T16295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  366.919964][T16295]  ? rw_verify_area+0x2a6/0x4d0
[  366.919988][T16295]  ? __lock_acquire+0xab9/0xd20
[  366.920015][T16295]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  366.920040][T16295]  vfs_read+0x1fd/0xa30
[  366.920064][T16295]  ? fdget_pos+0x247/0x320
[  366.920087][T16295]  ? __pfx___mutex_lock+0x10/0x10
[  366.920116][T16295]  ? __pfx_vfs_read+0x10/0x10
[  366.920150][T16295]  ? __fget_files+0x2a/0x420
[  366.920173][T16295]  ? __fget_files+0x3a0/0x420
[  366.920190][T16295]  ? __fget_files+0x2a/0x420
[  366.920218][T16295]  ksys_read+0x145/0x250
[  366.920247][T16295]  ? __pfx_ksys_read+0x10/0x10
[  366.920270][T16295]  ? fput+0xa0/0xd0
[  366.920297][T16295]  ? do_syscall_64+0xbe/0x3b0
[  366.920330][T16295]  do_syscall_64+0xfa/0x3b0
[  366.920357][T16295]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.920384][T16295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.920405][T16295]  ? clear_bhb_loop+0x60/0xb0
[  366.920430][T16295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.920454][T16295] RIP: 0033:0x7fccdd98d5fc
[  366.920473][T16295] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  366.920489][T16295] RSP: 002b:00007fccde840030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  366.920510][T16295] RAX: ffffffffffffffda RBX: 00007fccddbb5fa0 RCX: 00007fccdd98d5fc
[  366.920525][T16295] RDX: 000000000000000f RSI: 00007fccde8400a0 RDI: 0000000000000004
[  366.920537][T16295] RBP: 00007fccde840090 R08: 0000000000000000 R09: 0000000000000000
[  366.920549][T16295] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[  366.920561][T16295] R13: 00007fccddbb6038 R14: 00007fccddbb5fa0 R15: 00007ffc46e31df8
[  366.920595][T16295]  </TASK>
[  367.452021][T16310] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  367.602620][T16317] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  367.603874][T16318] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  367.627265][T16317] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  367.647409][T16318] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  367.802073][T16325] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  368.363522][T16355] tipc: Can't bind to reserved service type 1
[  368.389104][T16356] netlink: del zone limit has 4 unknown bytes
[  368.401846][T16355] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  368.423234][T16359] ------------[ cut here ]------------
[  368.429222][T16359] WARNING: CPU: 1 PID: 16359 at net/ipv4/route.c:1269 ip_rt_bug+0x2c/0x110
[  368.438042][T16359] Modules linked in:
[  368.442302][T16359] CPU: 1 UID: 0 PID: 16359 Comm: syz.3.3652 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  368.454467][T16359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  368.464586][T16359] RIP: 0010:ip_rt_bug+0x2c/0x110
[  368.469599][T16359] Code: 1e fa 41 57 41 56 41 55 41 54 53 48 89 d3 e8 3b ab d5 f7 66 90 e8 34 ab d5 f7 31 ff 48 89 de ba 02 00 00 00 e8 b5 9b 70 ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc f3 0f
[  368.489464][T16359] RSP: 0018:ffffc9000dfb7180 EFLAGS: 00010286
[  368.495640][T16359] RAX: 030284d47e144100 RBX: ffff888024c63dc0 RCX: 030284d47e144100
[  368.503661][T16359] RDX: 0000000000000002 RSI: ffffffff8d9b6ea2 RDI: ffffffff8be33400
[  368.511720][T16359] RBP: 0000000000000001 R08: ffffffff8fa37f37 R09: 1ffffffff1f46fe6
[  368.519973][T16359] R10: dffffc0000000000 R11: fffffbfff1f46fe7 R12: dffffc0000000000
[  368.528039][T16359] R13: dffffc0000000000 R14: ffff888024c63dc0 R15: ffff888022ae21c0
[  368.536081][T16359] FS:  00007f5d350646c0(0000) GS:ffff888125d1c000(0000) knlGS:0000000000000000
[  368.545093][T16359] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  368.551714][T16359] CR2: 0000001b2e917ff8 CR3: 000000005197c000 CR4: 00000000003526f0
[  368.559770][T16359] Call Trace:
[  368.563081][T16359]  <TASK>
[  368.566094][T16359]  ip_push_pending_frames+0xbe/0x150
[  368.571434][T16359]  __icmp_send+0xf87/0x12d0
[  368.576048][T16359]  ? __pfx___inet_dev_addr_type+0x10/0x10
[  368.581819][T16359]  ? __icmp_send+0x1b9/0x12d0
[  368.586579][T16359]  ? __pfx___icmp_send+0x10/0x10
[  368.591601][T16359]  ? tcp_v4_early_demux+0x4e1/0x9d0
[  368.596878][T16359]  ? tcp_v4_early_demux+0x5ec/0x9d0
[  368.602218][T16359]  ip_options_compile+0x80/0xb0
[  368.607145][T16359]  ip_rcv_finish_core+0xaa2/0x1c00
[  368.612330][T16359]  ip_rcv_finish+0x14c/0x2f0
[  368.617080][T16359]  NF_HOOK+0x309/0x3a0
[  368.621218][T16359]  ? __pfx_ip_rcv_finish+0x10/0x10
[  368.621973][T16356] 8021q: adding VLAN 0 to HW filter on device bond1
[  368.626499][T16359]  ? NF_HOOK+0x9a/0x3a0
[  368.626584][T16359]  ? __pfx_NF_HOOK+0x10/0x10
[  368.626614][T16359]  ? ip_rcv_core+0x7f7/0xd00
[  368.626650][T16359]  ? __pfx_ip_rcv_finish+0x10/0x10
[  368.626695][T16359]  ? __pfx_ip_rcv+0x10/0x10
[  368.626726][T16359]  __netif_receive_skb+0x143/0x380
[  368.626757][T16359]  ? read_tsc+0x9/0x20
[  368.626795][T16359]  ? netif_receive_skb+0x115/0x790
[  368.670801][T16359]  netif_receive_skb+0x1cb/0x790
[  368.675841][T16359]  ? __pfx_netif_receive_skb+0x10/0x10
[  368.681444][T16359]  ? tun_rx_batched+0x160/0x730
[  368.686368][T16359]  tun_rx_batched+0x1b9/0x730
[  368.691078][T16359]  ? __lock_acquire+0xab9/0xd20
[  368.696026][T16359]  ? __pfx_tun_rx_batched+0x10/0x10
[  368.701276][T16359]  ? tun_get_user+0x266c/0x3e20
[  368.706210][T16359]  tun_get_user+0x2aa2/0x3e20
[  368.710939][T16359]  ? tun_get_user+0x6f6/0x3e20
[  368.715776][T16359]  ? tun_get_user+0x266c/0x3e20
[  368.720672][T16359]  ? aa_file_perm+0x44d/0x1550
[  368.725512][T16359]  ? __pfx_tun_get_user+0x10/0x10
[  368.730578][T16359]  ? __futex_wait+0x34f/0x3e0
[  368.735341][T16359]  ? __pfx___futex_wait+0x10/0x10
[  368.740425][T16359]  ? ref_tracker_alloc+0x318/0x460
[  368.745614][T16359]  ? __lock_acquire+0xab9/0xd20
[  368.750514][T16359]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  368.756056][T16359]  ? tun_get+0x1c/0x2f0
[  368.760271][T16359]  ? tun_get+0x1c/0x2f0
[  368.764491][T16359]  ? tun_get+0x1c/0x2f0
[  368.768687][T16359]  tun_chr_write_iter+0x113/0x200
[  368.773764][T16359]  vfs_write+0x5c6/0xb30
[  368.778102][T16359]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  368.783701][T16359]  ? __pfx_vfs_write+0x10/0x10
[  368.788562][T16359]  ? __fget_files+0x2a/0x420
[  368.793200][T16359]  ksys_write+0x145/0x250
[  368.797619][T16359]  ? __pfx_ksys_write+0x10/0x10
[  368.802510][T16359]  ? rcu_is_watching+0x15/0xb0
[  368.807351][T16359]  ? do_syscall_64+0xbe/0x3b0
[  368.812085][T16359]  do_syscall_64+0xfa/0x3b0
[  368.816672][T16359]  ? lockdep_hardirqs_on+0x9c/0x150
[  368.821921][T16359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.828066][T16359]  ? clear_bhb_loop+0x60/0xb0
[  368.832790][T16359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.838759][T16359] RIP: 0033:0x7f5d3418d69f
[  368.843219][T16359] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  368.862900][T16359] RSP: 002b:00007f5d35064000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  368.871408][T16359] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418d69f
[  368.879464][T16359] RDX: 0000000000000056 RSI: 0000200000000400 RDI: 00000000000000c8
[  368.887507][T16359] RBP: 00007f5d34211e19 R08: 0000000000000000 R09: 0000000000000000
[  368.895551][T16359] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000000
[  368.903648][T16359] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  368.912142][T16359]  </TASK>
[  368.915235][T16359] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  368.922552][T16359] CPU: 1 UID: 0 PID: 16359 Comm: syz.3.3652 Not tainted 6.17.0-rc1-syzkaller-00202-g7de0eebbb4c3 #0 PREEMPT(full) 
[  368.934644][T16359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  368.944749][T16359] Call Trace:
[  368.948069][T16359]  <TASK>
[  368.951024][T16359]  dump_stack_lvl+0x99/0x250
[  368.955656][T16359]  ? __asan_memcpy+0x40/0x70
[  368.960740][T16359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.965994][T16359]  ? __pfx__printk+0x10/0x10
[  368.970670][T16359]  vpanic+0x281/0x750
[  368.974695][T16359]  ? __pfx__printk+0x10/0x10
[  368.979321][T16359]  ? __pfx_vpanic+0x10/0x10
[  368.983866][T16359]  ? is_bpf_text_address+0x26/0x2b0
[  368.989115][T16359]  panic+0xb9/0xc0
[  368.992878][T16359]  ? __pfx_panic+0x10/0x10
[  368.997348][T16359]  __warn+0x31b/0x4b0
[  369.001363][T16359]  ? ip_rt_bug+0x2c/0x110
[  369.005760][T16359]  ? ip_rt_bug+0x2c/0x110
[  369.010126][T16359]  report_bug+0x2be/0x4f0
[  369.014501][T16359]  ? ip_rt_bug+0x2c/0x110
[  369.018861][T16359]  ? ip_rt_bug+0x2c/0x110
[  369.023203][T16359]  ? ip_rt_bug+0x2e/0x110
[  369.027542][T16359]  handle_bug+0x84/0x160
[  369.031793][T16359]  exc_invalid_op+0x1a/0x50
[  369.036300][T16359]  asm_exc_invalid_op+0x1a/0x20
[  369.041260][T16359] RIP: 0010:ip_rt_bug+0x2c/0x110
[  369.046212][T16359] Code: 1e fa 41 57 41 56 41 55 41 54 53 48 89 d3 e8 3b ab d5 f7 66 90 e8 34 ab d5 f7 31 ff 48 89 de ba 02 00 00 00 e8 b5 9b 70 ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc f3 0f
[  369.065914][T16359] RSP: 0018:ffffc9000dfb7180 EFLAGS: 00010286
[  369.072009][T16359] RAX: 030284d47e144100 RBX: ffff888024c63dc0 RCX: 030284d47e144100
[  369.079986][T16359] RDX: 0000000000000002 RSI: ffffffff8d9b6ea2 RDI: ffffffff8be33400
[  369.087981][T16359] RBP: 0000000000000001 R08: ffffffff8fa37f37 R09: 1ffffffff1f46fe6
[  369.095991][T16359] R10: dffffc0000000000 R11: fffffbfff1f46fe7 R12: dffffc0000000000
[  369.103979][T16359] R13: dffffc0000000000 R14: ffff888024c63dc0 R15: ffff888022ae21c0
[  369.111994][T16359]  ip_push_pending_frames+0xbe/0x150
[  369.117391][T16359]  __icmp_send+0xf87/0x12d0
[  369.121921][T16359]  ? __pfx___inet_dev_addr_type+0x10/0x10
[  369.127669][T16359]  ? __icmp_send+0x1b9/0x12d0
[  369.132370][T16359]  ? __pfx___icmp_send+0x10/0x10
[  369.137361][T16359]  ? tcp_v4_early_demux+0x4e1/0x9d0
[  369.142577][T16359]  ? tcp_v4_early_demux+0x5ec/0x9d0
[  369.147817][T16359]  ip_options_compile+0x80/0xb0
[  369.152684][T16359]  ip_rcv_finish_core+0xaa2/0x1c00
[  369.157825][T16359]  ip_rcv_finish+0x14c/0x2f0
[  369.162449][T16359]  NF_HOOK+0x309/0x3a0
[  369.166534][T16359]  ? __pfx_ip_rcv_finish+0x10/0x10
[  369.171681][T16359]  ? NF_HOOK+0x9a/0x3a0
[  369.175918][T16359]  ? __pfx_NF_HOOK+0x10/0x10
[  369.180545][T16359]  ? ip_rcv_core+0x7f7/0xd00
[  369.185164][T16359]  ? __pfx_ip_rcv_finish+0x10/0x10
[  369.190312][T16359]  ? __pfx_ip_rcv+0x10/0x10
[  369.194837][T16359]  __netif_receive_skb+0x143/0x380
[  369.199969][T16359]  ? read_tsc+0x9/0x20
[  369.204062][T16359]  ? netif_receive_skb+0x115/0x790
[  369.209186][T16359]  netif_receive_skb+0x1cb/0x790
[  369.214143][T16359]  ? __pfx_netif_receive_skb+0x10/0x10
[  369.219622][T16359]  ? tun_rx_batched+0x160/0x730
[  369.224495][T16359]  tun_rx_batched+0x1b9/0x730
[  369.229274][T16359]  ? __lock_acquire+0xab9/0xd20
[  369.234147][T16359]  ? __pfx_tun_rx_batched+0x10/0x10
[  369.239355][T16359]  ? tun_get_user+0x266c/0x3e20
[  369.244228][T16359]  tun_get_user+0x2aa2/0x3e20
[  369.248921][T16359]  ? tun_get_user+0x6f6/0x3e20
[  369.253699][T16359]  ? tun_get_user+0x266c/0x3e20
[  369.258560][T16359]  ? aa_file_perm+0x44d/0x1550
[  369.263336][T16359]  ? __pfx_tun_get_user+0x10/0x10
[  369.268361][T16359]  ? __futex_wait+0x34f/0x3e0
[  369.273076][T16359]  ? __pfx___futex_wait+0x10/0x10
[  369.278144][T16359]  ? ref_tracker_alloc+0x318/0x460
[  369.283287][T16359]  ? __lock_acquire+0xab9/0xd20
[  369.288170][T16359]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  369.293659][T16359]  ? tun_get+0x1c/0x2f0
[  369.297834][T16359]  ? tun_get+0x1c/0x2f0
[  369.302002][T16359]  ? tun_get+0x1c/0x2f0
[  369.306180][T16359]  tun_chr_write_iter+0x113/0x200
[  369.311240][T16359]  vfs_write+0x5c6/0xb30
[  369.315508][T16359]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  369.321074][T16359]  ? __pfx_vfs_write+0x10/0x10
[  369.325866][T16359]  ? __fget_files+0x2a/0x420
[  369.330468][T16359]  ksys_write+0x145/0x250
[  369.334825][T16359]  ? __pfx_ksys_write+0x10/0x10
[  369.339695][T16359]  ? rcu_is_watching+0x15/0xb0
[  369.344472][T16359]  ? do_syscall_64+0xbe/0x3b0
[  369.349168][T16359]  do_syscall_64+0xfa/0x3b0
[  369.353685][T16359]  ? lockdep_hardirqs_on+0x9c/0x150
[  369.358897][T16359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.364983][T16359]  ? clear_bhb_loop+0x60/0xb0
[  369.369681][T16359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.375590][T16359] RIP: 0033:0x7f5d3418d69f
[  369.380009][T16359] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  369.399617][T16359] RSP: 002b:00007f5d35064000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  369.408045][T16359] RAX: ffffffffffffffda RBX: 00007f5d343b5fa0 RCX: 00007f5d3418d69f
[  369.416022][T16359] RDX: 0000000000000056 RSI: 0000200000000400 RDI: 00000000000000c8
[  369.423998][T16359] RBP: 00007f5d34211e19 R08: 0000000000000000 R09: 0000000000000000
[  369.431973][T16359] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000000
[  369.439950][T16359] R13: 00007f5d343b6038 R14: 00007f5d343b5fa0 R15: 00007ffd913a3d08
[  369.447966][T16359]  </TASK>
[  369.451382][T16359] Kernel Offset: disabled
[  369.455706][T16359] Rebooting in 86400 seconds..