last executing test programs:

7.803488364s ago: executing program 4 (id=3024):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0x31, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x200, 0x70bd25, 0x25dfdbfd}, 0x82}, 0x1, 0x0, 0x0, 0x44081}, 0x4001)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x4c, r1, 0x2, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)

7.647876073s ago: executing program 4 (id=3025):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580050019"], 0x4c}}, 0x0) (fail_nth: 8)

7.109069283s ago: executing program 4 (id=3028):
socket$packet(0x11, 0x2, 0x300)
unshare(0x20000400)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x18)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x21, 0x2, 0x2)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

6.901918642s ago: executing program 4 (id=3031):
syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x31, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x8, @local, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@rand_addr=0x64010184}, {@private}, {@local}, {@private=0xa010102}, {@private}, {@dev={0xac, 0x14, 0x14, 0x1}}, {@private}]}]}}}}}}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@getnexthop={0x20, 0x6a, 0xb96d9575618e95b9, 0x70bd26, 0x25dfdbfc, {}, [@NHA_MASTER={0x8, 0xa, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000048}, 0x0)

6.269114791s ago: executing program 4 (id=3035):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000300)={<r1=>0x0, 0x5}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r2=>r1, 0x1c, &(0x7f0000000780)=[@in6={0xa, 0x4e21, 0xf430, @ipv4={'\x00', '\xff\xff', @remote}, 0x3a}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x18, &(0x7f0000000080)={r2}, 0x8)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000cc0)={{0x0, 0x5, 0x1, 0x3, 0xfffffffffffffffc, 0x3, 0x9, 0x8, 0x0, 0xffffffff, 0x2a5, 0x3, 0x5, 0x4, 0x8}})
unshare(0x2020600)
r3 = socket$igmp(0x2, 0x3, 0x2)
connect$inet(r3, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a0b04000000000000000002000008400004803c000180080001006c6f670030000280060004400001000008000340fffffffa0a0002407d5def2e21000000080003400000000406000140000100000900010073797a30000000000900020073797a320000000008000b400000000314000000110001"], 0x9c}}, 0x0)
close(r5)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="d0000000000901010000000000000000010000020c0000800800014000000048080005400000000b08000340000000090900010073797a300000000008000540000000050c00c09925470bbf82ba34f50480080001400000007f"], 0x50}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r7 = accept4(r4, 0x0, 0x0, 0x800)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000800)={'ip6_vti0\x00', &(0x7f0000000880)={'syztnl1\x00', 0x0, 0x29, 0xeb, 0x8, 0x700000, 0x17, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}, @private1, 0x40, 0x7800, 0x5, 0x9}})
sendmsg$nl_route_sched(r7, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f00000007c0)=@newtaction={0x4f8, 0x30, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [{0x4e4, 0x1, [@m_connmark={0xec, 0xe, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x10, 0x5, 0x20000000, 0x3, 0x4}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1000, 0xfffffff8, 0x10000000, 0x7, 0x7}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x1, 0x3, 0x10000}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0xfffffe01, 0x6, 0x2, 0x2}, 0x5a7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x5, 0x20000000, 0x800005, 0x4}, 0x2}}]}, {0x2e, 0x6, "0e10fedd707fcf6d01e110e5c3ee71e31bdffe513db75b497a3389e1a6f94abea3bbeb59d30f6f1be622"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_skbedit={0x164, 0xa, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x5dfa}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x9, 0x7, 0x4, 0x9, 0xfffffc01}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x2}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xa, 0xb}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xa}}]}, {0xfe, 0x6, "f16d744cf4d1ec833860ed4511b2fbf44b4894d58459b0481b5fd8ffe2e4216f420870c25c2e7be93068ccbd69cb200d354155e9c8d6202e818eb30fb21c40397fc132795fc417e7cdf26ad03e6aa7ed0683a4678ebc7d6236c7e55508ee6ec12fb2711557d601c0ce7fcd690fa6e59566ff0a7757e38f2e174586e8bcc0e942c361f0b61cf645c396eecd564e9c02164bb3ccd5e347f8cbcf09163b224186be9768a9911b05f556dc45c93701ecdcfc8bfac2b2acc50e5cc39008229a5b99f638329e150428b402d163260dfe0f38ed681b22459755b98956c92e277a403e1507f8ad835a87a337fc893401c96b50d1ee1749ec77deb53c7e20"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x7}}}}, @m_ct={0xc4, 0x13, 0x0, 0x0, {{0x7}, {0x58, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e24}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e23}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @local}, @TCA_CT_PARMS={0x18, 0x1, {0x5, 0x6, 0x4, 0x7, 0xe}}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x3}]}, {0x48, 0x6, "0af7f17fea2403a1a17e2be127aba279c1de3a660f8884c35e945cc59ce0e6b2bbe304e5a9fa17273900b2068d046a8aa100c8e3c8bf60a93653299458d475f63b8e6c08"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_csum={0x1cc, 0x17, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x9, 0x8, 0x3}, 0x4a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3ff, 0x23bde0b6, 0x1, 0x4573, 0x6}, 0x26}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x9, 0x3, 0x75a8, 0x9}, 0x7c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x1, 0x17, 0x4, 0x6}, 0x63}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x9, 0x20000000, 0x5, 0xd1}, 0x7}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x10000, 0x74f, 0x4, 0xfffffff5, 0x3}, 0x13}}]}, {0xf6, 0x6, "0a560935b7ba8bba41c6bf5bf0d79e4f7fd0f17dc0b1394bb067e607113daf7b16716d35a41492bb3fb1a66c6d9bdd5a2ef0e5da0dfa50b1888bbfad680c7d9f442e02f1a58fcd08d9161f6d77d6491bdae51e13cb255bb248adea2a3dd5ad5560a732dd393ebbb64870ceb5525327a12ae9a96c07bea8394b5f595102895a74b7bd69869a869db657fc39ed983b617fb7a4bfdbeb7e866f7184918de58c0d88750920cfda7a51ed81a28bd43552e109a71736d01b2f5354db10718ba30a24529b7a71785e9ce7daa4b4c31a030c073929bce73a1b6fbca5eca4fe086859d5262597c542ffd3b7a32f4b706f9a593e41d457"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x4f8}, 0x1, 0x0, 0x0, 0x20000004}, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={r2, 0x2c, &(0x7f0000000040)=[@in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e24, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8001}]}, &(0x7f0000000100)=0x10)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x1c0, 0x111, 0x4b4, 0x1c0, 0xd4feffff, 0x2c8, 0x20a, 0x278, 0x2c8, 0x278, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x80}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00', {}, {}, 0x8}, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0x4, 0x6, 0x3, 0x1, 0x400}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0xf2eaaf407c114bfd, 0x0, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000180)=0x14)
sendmsg$can_bcm(r9, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1d, r10}, 0x10, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="0400000020020000f60b200000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0400000001000000000000c005020000efbf7e2d88ffde5e"], 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x4040010)

6.015824182s ago: executing program 4 (id=3038):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@getchain={0x54, 0x66, 0xfcd66a900070b359, 0x0, 0x0, {}, [{0x4}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, 0x54}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000380)="f257a8ea7b87ba018b4c99733d4a", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.822976984s ago: executing program 1 (id=3065):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000ff7f0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket(0x10, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d6163736563000078ff028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n'], 0x44}}, 0x0)

2.796431303s ago: executing program 3 (id=3066):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000002c00)=@buf={0x500, &(0x7f0000002bc0)})

2.701242949s ago: executing program 2 (id=3067):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d0", 0x6e}, {&(0x7f00000001c0)="66f7", 0x2}, {&(0x7f00000008c0)="6cdda56209f79743cff4b74a9fdeb7ac61391431657cf685dac73cee733c7294bf27b732568095ab5c7d32c2467a3d9b2a867fbf878257b36cc30fa9a6ec734710f1a268a14ba1d63a3c9dbebc865fafcafa8aed4909123555f707e6f6c79170b7d37e13fcb038b59f83e3e6ff7eecf916efbbd85f6b23787b16b2d1057a93b548", 0x81}], 0x3}], 0x1, 0x0)

2.591889068s ago: executing program 2 (id=3068):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x2004, 0x6, 0x3}, 0x8)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000021401002abd700001dcdf25080021"], 0x20}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x7f, 0x221, 0x203, 0xa5, 0x45ae, 0x4, 0xfffffffd, 0xa2f}, 0x20)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0x40048c4, &(0x7f0000000400)={0x2, 0x4e22, @local}, 0x10)

2.193360178s ago: executing program 3 (id=3069):
r0 = socket$igmp6(0xa, 0x3, 0x2)
recvmsg(r0, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000200100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000000000010000000000000000000000000a20000000000a00000000000000020000070000000500010073797a300000000060000000090a010400000000000000000700000008000a40000000000c000b4000007b6a312d00020900010073797a30000000000800054000000021000007400000003b140000001000010000000000000000000384000a"], 0xa8}}, 0x20049080)
socketpair(0x6, 0x1, 0x1, &(0x7f0000000000))
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=ANY=[@ANYBLOB="040100001a00010000000000fddbdf25fc0100000000000000000000000000017f0000010000000000000000000000004e240020fffd0000000020a032e000f2", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000000002b000000ac14141200000000000000000000000000000000000000000000000000000000fefffffffffffffffcffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003350000020004fd2c0000000000000014000e"], 0x104}, 0x1, 0x0, 0x0, 0x50}, 0x4000)
socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001b40)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r3, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)

2.191899523s ago: executing program 2 (id=3078):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x4, 0x0}}]}, &(0x7f0000000540)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r1, 0x4, 0x0, 0x80000001}, 0x10)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\b@', 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "00001c050000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x22, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e100908f61640000000200fff500000000000000000000008879e66485201a0015ca83747357a02745000400"/55}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

2.14850157s ago: executing program 1 (id=3070):
socket(0x9, 0x80806, 0x0)
r0 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="2561020000000000140012800c0001006d8001000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x44}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
r5 = accept4(r3, &(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @hyper}, &(0x7f0000000280)=0x80, 0x800)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x9, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x8004044)
sendmsg$TIPC_NL_MON_GET(r3, &(0x7f0000000180)={0x0, 0x40000000, &(0x7f0000000040)={&(0x7f00000002c0)={0x14, r4, 0x701}, 0x14}}, 0x0)
sendmsg(r3, &(0x7f0000000480)={&(0x7f0000000700)=@nfc_llcp={0x27, 0x0, 0x0, 0x7, 0x0, 0x1, "4c216e0dcdaa2c74898ddabe72becdb343d9a76d9df77157b7c2c102136eba5d994b3b7d08a43eea6e23b12b6567778224fb3e5b649305f177a827bd26f0b2", 0xc}, 0x80, &(0x7f0000000400)=[{&(0x7f00000007c0)="3bea0e38db3c8ec4cbf4edac63f72f2e52c3373155ecc920e35c34bcd58ef8184b17b8bc93740c7155257b158b182dd438c511c5a6ccf56e0de92d2115fc9b2ca21381a99f03424e2460545ae41dd1307c3ac849aa72ebb5a35b71e6012ba2805e9f627abe5306130f94006d9550ec9e948725d6fabded355cc22a04063aee0a33cb513f88e3824c7ac6a0905b412a99cd8b33e60cd588d651a9a4878574795a6eb7c20983334995e151c13f5bc40445865d5bfd7a6a72d339ac9d7ea210b05c484870f6bd06b2d0110ceffb1fa7e65aba2604d4ff3f2700f58c47344acd73eaa5ffbc9d8e10ab53ee14f4a3df44b47be0b03b4b6d15423e6e0270e338", 0xfd}, {&(0x7f00000008c0)="99109b78ff5a9c467517ff3fd6b769ae95959de8a0148c2a0f174ae0544ee2107195a1f30034014a6c21816f6a26bfb83e79ed34a654725b3dce67a0655d4f2707e317c84d8017ced7ea6f87c0c7c72894aeb614970311d00c9e2fa433484d6e44e09cac0570da0dff940af5cf247976af7177190ace92fb8fbc5d1401f4b45ec7ce68cfc88e62701030f79143fd359032d8dd3caf2e3d27af60f00efae33741ec53543d73ee3a3ec8bf14f4d9013ee2ff014c8852a245aa5ca8761b279e39eed8991d8015908e6e6e300e4b0a572504e35a204a20c0b617fd01e46380063b2e75c714db5677669e5c13735264e67f3d5f18b2aa9c53fbd18106", 0xfa}, {&(0x7f0000000a80)="70fb930ae742c81f9c1b954fa6076dceaedea1a7931e04934b7b0b5343c22bb36045446d07546b9be3ed3397ac0fbc380c10a31284045b5199803dc774c5c05ad94a70e3a3e165b7cb50b0b7a2616d91dc0676e42dd3ca0e90394037e65398d491c50213a3e6915025c8ddc5f94a939b6276a0317c11f299ce90be6a3450e084c73dc58e672d0b8d163fe8200ad1e82d2fc9ed23d9930f9bbefc6f5a3d510c8edf29", 0xa2}], 0x3, &(0x7f0000001040)=[{0xe8, 0x3a, 0x7, "2bcc14b47bb49dffb05ea3dd9939a515207b819c81617b0adc59b6543e5c160b6c133dce75fd70173d02c6ea3198351486f96158d03499a92da30d30dd9d913fa4aa9f08b9a9ae21b1de4db848009bf9c7de41edf5222135dde5e8dc2343451970a7b681f066e5bd32926f5441ec24a97d7f0a27ea188adc0b451b8c18423ee1d299bb006a71dc54aac3e4e3bfdee15989abf7b6a3cf22926cfced6f51bc17a5040e542b211eef4e7afa09bfb327859a3108d7a08680a6d224abd6af5836262a503e3f5a98b08c87a6dc4fd8f40fda9fe17e72e735"}, {0xb8, 0x1, 0x1, "bb0743807b3f7c9cd46000727db688aa37467c56d0d03ba2e190b38dd359c9c512d35508be865ac8198051c28900b8a7ee1d783b58941861a2708b6ca272a42f753a99f2310df87b85d86e5445119b7118002071049cdecc38a5a073d71b282a7912bc899431ad7049d86bcbbc91cdab8c23dceb8c5c0ee6210feb1d16785cf575fb05c040ee41ab74d822904585995f6db8aa958e1a0ee6fa4dc100dd8550382f01a283"}, {0xa0, 0x113, 0x6, "fca5bee70dc831c87f4d33cb116140f73331464008e956ce5579bee568cd6f750f68ba15ffa15f1263e70feb958f5865ba9554480faa7f34a585391da0b62af31a62da8b9682ac62ec1c276b9310e68504cb13abf121856b392fc1aba7d8e171a5abfe9451b3631f20e1539fb0b12a1f18f63c134df23bfea306b071caf3c4baad6199a398571b616dec183f482e"}, {0x110, 0x113, 0x2e3, "710049d6d7c285b33d785f81993b03099c1857754fe3849e47c90d95de30ed67f7a20fcd156c34b8583b952d48b32ab03c55ce53bf4ca2d75937906740f90e977fb3c8b7501e7215f17ca241a2694b87cd8e77cea29ca5cb80f6780b8b8b2624fd14ac3176ba65bf2862fb54221bb4904eaaf239b61f3b4969871682da76a0fe1219caaa41922cf82481f5de79ef8b56a4ce45f1b2bb29d861cc8092c5f72019a15aead0458a6412d353379598be82917f392dce6c31fb34734696ed1e3f40c7eb4f77cfc5665d54bfa3a8c4548dcc9bbd9916299d894ab00ce97cd4820f6f5c4da96f6552a5b32745ebed79bca4752b5c487a4bfbe0d8b1d8e2"}, {0x38, 0x10f, 0x9, "975eea2cc1c37b4e4045b831958afe28c27b7e8cf6bdf39efd360f630a0e950dfefa1a"}, {0x88, 0x10d, 0x200, "6997da7f080d61f91b8810cdaa01fedfcf0b673bbf5094902580a19c7e22eb563a5b7f93adafe3aeaf3a1eef23f522d3886a13b4a5ebf2fa15e958c4ccc471ecc75aa033777bb1f62c0192658dfc1967840762ab5e2554137291c198b0ea2f304207360727fee4c2e41f246463793413cb8a1229e2"}, {0x80, 0x117, 0x7, "217eb965b55641b9a0fa6a1f52db52bbcb11f0e3423c775f6c6b720cd94d8f6e02f7ac9e5da8fa761acd4cb1048b098c39054360afae488f38691e5af2dd01d520e7f9fb37ef6b211f42de93cc13726d655dba63475a8f55dde81560260575a5276271961ee348e688700664d96d6c"}, {0xd0, 0x114, 0x6, "df8aae14bb39b526f5362e180dda9880d73182480e492f17f87422a1647c5b8975290cf33086631a56aa8b53680165cb8b9c0d7f6bc22dfde032d0250e6448eb3d288b3c4d97236cefb2fc6ff987d845d7c0bb6ed43f01348e588cb310df3fe02c42a1e3ca6c27d0aa3a0596b5bc546c9f581863b2e680607a4bf8a4a025654d6bab32f1f103b5672fdda9d8fb02e627c7d1ef8387d4ae29863de2c8b0aa63d5558bb8ca451509db075b596a58bf52d60d6a8426a3f7d0002ff0d01f538673"}, {0x78, 0x113, 0x3, "dda52c30400e865983c0b4ddad476085f9cd4f6f8503e0a1d35dccf9e2de9f60922eaade48ad941db000af9dd53b0c85b73039c6a89c74540bc4feef9709f9171e85fc5b7ea4222e3cd85784218b5bd91c7b1a0587973df6028dcbc3594410efaa4c05"}], 0x5d8}, 0x20040001)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
socket(0x2a, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r8, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r8], 0x40c}}, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r9, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)
setsockopt$MRT_ADD_VIF(r9, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x3f, 0x3202, @vifc_lcl_addr=@private=0xa010101, @private=0xa010101}, 0x10)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f00000000c0)={r6, r6, 0x206, 0x0, 0x0, 0x2, 0xc4, 0x8, 0x3, 0x801, 0x0, 0x8, 'syz1\x00'})
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000006c0)=ANY=[@ANYBLOB="780200002400010026bd7000fedbdf25670200800c00010002"], 0x278}], 0x1}, 0x0)
socket$inet(0x2, 0x4, 0x2)
vmsplice(0xffffffffffffffff, &(0x7f00000022c0)=[{&(0x7f0000001dc0)="a0", 0x1}, {&(0x7f0000000580)='|', 0x1}, {&(0x7f0000000540)="27b7", 0x2}, {&(0x7f0000001f80)="4135dae4b494a8a5c0d8a49cfa8adaa7fe6ee3ced175b56ec890979e8f0609e9bb2a6da629565f307cd798b282e0eb6c6243612354e9a6708eb326898bf082c980000039059093c8fadc1c4b75e96f7c712a3b7c82dbe905e1cd0ea8e212ab4f5397363d7682095fe3f91761b48f47f3e6e7967a4cc20d755ed314434b2b313366", 0x81}, {&(0x7f0000002040)='b', 0x1}, {&(0x7f0000002100)='P', 0x1}, {&(0x7f0000000780)='j', 0x1}], 0x7, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x7400}, 0x0)

2.0131798s ago: executing program 2 (id=3071):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100ffffffff"})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000000)="2b28f0c57e9ac37eaec1b65bd99458ebb725ea113bf9b549eeebdf2d0ceff995644839b4cb157fa9131ac0db84d5835aecaa9801501d6e4fa5498259e44ac75dc7df3c8438c97ffa7edadf1af97b02ffd1f28784502b796a2b60ec2624363fdbf0ed470fd8933fe72f17591e3cd3bb4accee911c611f95aee9c3", 0x7a}, {&(0x7f0000000080)="b3f588a7abe50af0b6968125cc76d1debb3d28722b87f9a89c0fc1d61e5f654cba0558f6a067da6f28e5aa65ae0aa856b6a23c28ab9d26b06296ace7188d85464bd274c3ad9fe61dabd680003463d78149c761e35dd984bcc599488bba", 0x5d}, {&(0x7f0000001640)="3649672e4418adef2c271b3f1aad63b33656ba7d55e853a91640db785ce2236e0474b3386442b34bbb0581", 0x2b}], 0x3)
recvmmsg(r2, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000440)}, 0x4}], 0x1, 0x40000002, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000080)={0x84, @private=0xa010100, 0x4e20, 0x220004, 'sh\x00', 0x0, 0x4, 0x1f}, 0x2c)

1.978109962s ago: executing program 0 (id=3072):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000ff7f0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket(0x10, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000140012800b0001006d6163736563000078ff028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n'], 0x44}}, 0x0)

1.833436948s ago: executing program 2 (id=3073):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000380)={0x0, 0xa801, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x70bd28, 0x0, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x80004}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in=@multicast2, @in6=@local, 0x3c, 0x4, 0x0, 0x2, 0x2, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40180}, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r6=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={r6, 0x3bce}, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f0000000f40)=[{&(0x7f00000002c0)=@in6={0xa, 0x4e22, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x687}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000540)="278c4c8f5ff62feb65ea9522b2888c7e703e12a0bb4f86fd4e14a46941542cf3a67be97804875b3013565a7e7ee7210cc9977eb96d7c49a7892e3b4751ec81ca0a279126291f83addbb89117c44323af245efdcb85fe66e1c7aee5ce99", 0x5d}, {&(0x7f00000006c0)="0840dc743d461c426af7c19522f091c269cc4abcd1b7b5c7879120114d7aa1d4b12c03f1e345181d967eb6cb7dd640a33e879a266cc43745cfc3172e43e1d2aa00e5a05a67a111f4d33ec232070fb6d3f244d5fb539ae77d6d66517a1dbc52e7b3f4fcd89744eb9c52c8f56ce91a8f2970cabd4edc24ae4ebf8caa4f555b7a9cacada321e4f06154b4e8c273071a8af9d858c2f7ffcecf6aec13e84354e238fc507da2619d1c99107ed5ddfe0c0b9a5f9ad2aa1fbb6643d0837b8cf98e493d545b", 0xc1}, {&(0x7f00000007c0)="a76828b530373f80fe45c946b0e3888bb36dc52179d44793ce1c22124bac482b0c1a0aa9e6279b46f91495ab62acaac91aab23ff96caabe0e9e5f713797dedc7136ee7217465255c77ed38cb90543013aa5c8c6dcd769d5b8e6de46cfb8a744c89baee799083fdb59a3bb06184c558b92ef151abca575e1807cbcf31331b7dac2420fab9c8500f38f995616c344c5c908355b22dbc3b75640e59621572f411214bc1d88be6d3b0ebc7c367461bc857bbb7e2c85c2be7ed1656c349c60f4bb4aa2e21337a2407be92b3fa2549", 0xcc}, {0x0}], 0x4, 0x0, 0x0, 0x20000000}, {&(0x7f0000000600)=@in6={0xa, 0x4e23, 0xc76f, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1f3}, 0x1c, &(0x7f0000000c80)=[{&(0x7f00000009c0)="3a01cf005fdbe1b36bec9666884ea971216f6567033e3c36017485a5262efb2228115ce4253e4cde99fcda4d6cf4461abfc9c01d40de5a29596d3ca6af0a0d8085ae35188eb49f53dda729bbdab8faa01406227b6c41dc9a40d2ca102df43075999bb62d79c4b2900eb5f362a1a0e0ccbfbd33e061ae680db773af7f5477552c6248ae91450fe182a106efed0c8fe2cef670021a1a0476257ba7a7cabfcb7258c4113e4f9d6c7599cdac7aea90c2d00580a35f2806740bbac437", 0xba}, {&(0x7f0000000a80)="5a4da64ffcd37d489e4212c46337c7696732de062cfcb034f70f3d5808533ef5707df8f97291ac76278e0a9696b3d9e7bedc246cf6630e6593c2d96005390c1756560a3a9cc77919e41abc803917c91cdecbd7e82b537bcab639faba36bbc89aa3cc559642691f30544e752f96d5f1d9738b8ba67ec38aa061b3b1edf25ef0c06106686581a24b04148f46f11cd583c17861c9376777924376a1b5aaa0f1efcb256ca5ce353a9ca074ff6f4d3af8136bf5b6a0c08aedb5b725569fb38830a4d3c00c0fa55f", 0xc5}, {&(0x7f0000000b80)="10ea1af77670c590fd65bf76de84993a2c036e1b3370dd2a5dc6c442231eb64d64efed74ef27ee57127f1eac9ed61a3eb97311023774c2086682bf68f718faa8d0d79d31473c6074901e78bbcfc30d80cc333d6752d4f4ff18a23c9d50c3859a61e56da6ce6cbc90818e250e93dec7e28ff6f5bb3a779220618a12bf728403d28c89dd1c0f80e610919938d30dfe3e21e5af695d9c40d25232ca4db199ca80df27255c56e5b2ae58cb8acf0021442b88de72f7f13ded3e9eeb3426624716e0ae1e334b068c0e2ad27d12e841660902670bfa8dac5ab4edf6e0329ccb0767d66d25290ca24107793d75", 0xe9}, {&(0x7f0000000640)="349d3ddaddab00e3d3df1e426618deb11d6e13f3", 0x14}], 0x4, &(0x7f0000001000)=ANY=[@ANYBLOB="180800000000e40084000000070000ffffffff0000000018000000ec41bc5289e200000000880000000500000020000000030000001800000000000000840000000000000080000a0001000500"], 0x48, 0x20048050}, {&(0x7f0000000d40)=@in6={0xa, 0x4c20, 0xffff, @loopback, 0x2}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000d80)="d77aa910dd8e10e0c791d8c9bc81c16a61081c614ed444573fe084e2e699ad9f6bdd8a108660144d992b8703d952364de27b335828c3a136250855f1660bb51e9a8b78de474d1482d245415d38e835a78a46dd64f873cc9564a9398511d07aad4aff78ef647e64a924a71fd5c3844292cdba5316e9098ea516d5fd7b0fa01dc6557b7470f893513f98258029874c8509df22e682c77ac6c324d1cc", 0x9b}], 0x1, &(0x7f0000000e80)=ANY=[@ANYBLOB="20000000000000008400000008000000fc01000000000000000000000000000118000000000000008400000000000000ff7f0500020004003000000000000000840000000100000080008fc801000000080000000600000001800000ff0f000008000000", @ANYRES32=r6, @ANYBLOB="18000000000000008400000000000000ff07500d0600f3001800000000000000840c0000070000000a01010000000000"], 0x98, 0x20044804}], 0x3, 0x800)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r7 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c000280050001000000090024000280"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYBLOB="010000000000000000004400000008000300", @ANYRES32, @ANYBLOB="08002700851600000a00180000000000000000001c005a801800018014"], 0x4c}}, 0x4000804)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.146687562s ago: executing program 2 (id=3074):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r0, 0xff, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000060c9efe5e210b3d33b3a1185d4ed9c3ffc87212b5e00bf70f0e6c0d502f97a140a15433b5527ca51efd8c142d25195ffbc3beb2fe74aa991d1c1c837469f80c0c21677d9e21fc9572fac7db32f7385d58224ee996fbb1b3a3f7096274f27a1b3ed916468273939e3815111f2d7d808d9ee33251eb4d60e9a7e46917b909ae15eaec576e056cb6c20e195cd42"], 0x50)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14)
shutdown(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xfffffff4, 0x4, 0x0, @void, @value}, 0x28)
unshare(0x40020000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rcu_utilization\x00', r1, 0x0, 0x2}, 0x18)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x50)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00', 0x10, 0x8, 0x11}, 0x2c)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x1e010000, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00', 0x3a, 0x0, 0x7f}, 0x2c)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340))
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x4004)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="20000000760021070000000000000000080000007f00000105000d"], 0x20}], 0x1}, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f00000000c0)={r4, r4, 0x206, 0x0, 0x0, 0x2, 0x84, 0x8, 0x3, 0x801, 0x0, 0xffffffc0, 'syz1\x00'})
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000200), &(0x7f00000003c0)=0x4)

1.135614924s ago: executing program 3 (id=3075):
socket$packet(0x11, 0x2, 0x300)
unshare(0x20000400)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x18)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x21, 0x2, 0x2)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)

876.088454ms ago: executing program 3 (id=3076):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="680000001400010000000000fbdbdf25e000000100000000000000000000000000000000000000000000000000000001000000004e210000000080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000c00080008000800000500060c0015"], 0x68}}, 0x4004040)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000034000000030a01020000000000000000010000000900030073797a320000000008000a40000000040900010073797a310000000030000000050a01020000000000000000010020000c00024000000000000000010900010073797a31"], 0xac}}, 0x0)

875.016431ms ago: executing program 1 (id=3077):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{&(0x7f0000001cc0)={0xa, 0xffec, 0x0, @mcast2, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00'], 0x20}, 0x2900}, {{&(0x7f0000000200)={0xa, 0x4e21, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, 0x1c, 0x0}}], 0x2, 0x0)

821.931058ms ago: executing program 0 (id=3079):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc"], 0xb8}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80030001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x4000)

668.903893ms ago: executing program 3 (id=3080):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x22, 0x0, "43cad7b04bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
setsockopt$inet_tcp_int(r2, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
recvmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/47, 0x2f}], 0x1}, 0x3ff}], 0x1, 0x123, 0x0)
shutdown(r1, 0x1)
unshare(0x20000400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000141401"], 0x18}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r6=>0x0})
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/user\x00')
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x24, r5, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r7}]}, 0x24}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x22, 0x0, "43cad7b04bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8) (async)
setsockopt$inet_tcp_int(r2, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) (async)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10) (async)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) (async)
recvmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/47, 0x2f}], 0x1}, 0x3ff}], 0x1, 0x123, 0x0) (async)
shutdown(r1, 0x1) (async)
unshare(0x20000400) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000141401"], 0x18}}, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan1\x00'}) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/user\x00') (async)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x24, r5, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r7}]}, 0x24}}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (async)

668.542399ms ago: executing program 1 (id=3081):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac14142e08000700e000030a08000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x24040000}, 0x2000800)

625.031857ms ago: executing program 0 (id=3082):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25GETUID(r0, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})

457.684124ms ago: executing program 0 (id=3083):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)="1844ab6825", 0x5}], 0x1}}], 0x1, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000b40)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000200)="2f0ef5ff", 0x4}], 0x1}}], 0x1, 0x2400c040)

321.059374ms ago: executing program 0 (id=3084):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={<r1=>0x0, 0x7, 0x0, 0x3, 0x62a}, &(0x7f0000000100)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000140)={r1, 0x2}, 0x8)
setsockopt(r0, 0x84, 0x82, &(0x7f00000002c0)="1af3050000f20800", 0x8)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r2, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="180500000000000000000000000000001836000005000000000000000600000095"], &(0x7f0000000540)='syzkaller\x00', 0x5, 0xdb, &(0x7f0000003e40)=""/219, 0x41000, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r4, 0xc4fc9e906872338b, 0x24, 0x0, {{0x15}, {@void, @val={0xc, 0x99, {0x8, 0x2}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x30}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1010c0, 0x0)

280.914398ms ago: executing program 1 (id=3085):
unshare(0x22020400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='task_newtask\x00', r1, 0x0, 0x4}, 0x18)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@cgroup=r4, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x8, <r5=>0x0}, 0x8)
r6 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000180)=r5, 0x4)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000940)={@cgroup=r0, r4, 0x2f, 0x2000, 0x4, @value=r6}, 0x20)

75.005844ms ago: executing program 1 (id=3086):
socket$packet(0x11, 0x2, 0x300)
unshare(0x20000400)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x18)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x21, 0x2, 0x2)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

863.377µs ago: executing program 0 (id=3087):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f0000000340))
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
bind$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r2, &(0x7f0000000000)={0xa, 0x0, 0x7fb2, @empty, 0x6, 0x2}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x5, 0x6, 0xb, 0x1000, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300000000"], 0xbc}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}]}, 0x1c}}, 0x0)
r6 = socket(0x10, 0x80003, 0x0)
write(r6, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
recvmsg$unix(r6, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000080)={'sit0\x00'})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bdaa, 0xffffffff, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f00000001c0)={0x0, 0x10000, 0x6, 0xd9b, 0x5})
r11 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r11}, &(0x7f0000000880), &(0x7f00000008c0)}, 0x20)

0s ago: executing program 3 (id=3088):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4000000000000006111140000000000040000000000000095000000000000001abe5201462857a3db65e291772afa2114f5963ed660b870d974d2252829f8290f8d02e3b0096b3df3e6585851cb7efb50a982b66e14716ffe33a164c3d1ff5798fc4bd6d3e5ab096e9ad743eb00"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp=0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1d43, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="01004900000000"], 0x7)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000040)={&(0x7f0000000980)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000390000000800030025967833cb28b99f45ae60cf4b7d82a571a5f4a7022d06d8e1b6bba297ebbe47042a63fd4be4181d6c8763b07d4c8ed0623b2efe9e29d6e15f6eae4ded8b6e0fe11ad5eba78e151f3a75633482cad0e49e71b28bbf66877b535c02fd0600000087e66d6b242f23e54311963c50e9c8e77843b3926ce00fb30a4d189ad3f97db72d9de4a2454417f0edd37fe8f41635f680c8a205cab03113439da1c07e20ac816d2f21ce2cadd252dd9395a082c691534e841182ac294f5e2675d72264ea5b634fde7c1e7c717e91502f51fc168d649947c829ef8a81e441c659c2c1a15a374105d90f08c2cb4662a640f8a765d1ccbfcaa22474d26dedd1efc0a91426fdbc8bb0e11fb357ddcf2bb9a9800b08f503ee991ed299155566016a14254f", @ANYRES32=r3, @ANYBLOB="10005a800c000180050001000c000000"], 0x2c}}, 0x4000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='9p_client_req\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNGETFILTER(r5, 0x801054db, &(0x7f0000000100)=""/93)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet6(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x840000000002, 0x3, 0xfa)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r6], 0x48)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

kernel console output (not intermixed with test programs):

027844][T13067] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2437'.
[  288.161823][T13076] FAULT_INJECTION: forcing a failure.
[  288.161823][T13076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.175049][T13076] CPU: 1 UID: 0 PID: 13076 Comm: syz.3.2439 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  288.175073][T13076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.175084][T13076] Call Trace:
[  288.175091][T13076]  <TASK>
[  288.175098][T13076]  dump_stack_lvl+0x189/0x250
[  288.175124][T13076]  ? __lock_acquire+0xaac/0xd20
[  288.175148][T13076]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.175170][T13076]  ? __pfx__printk+0x10/0x10
[  288.175186][T13076]  ? __might_fault+0xb0/0x130
[  288.175219][T13076]  should_fail_ex+0x414/0x560
[  288.175243][T13076]  _copy_from_user+0x2d/0xb0
[  288.175271][T13076]  ___sys_recvmsg+0x12e/0x510
[  288.175300][T13076]  ? __pfx____sys_recvmsg+0x10/0x10
[  288.175353][T13076]  ? __might_fault+0xb0/0x130
[  288.175375][T13076]  do_recvmmsg+0x307/0x760
[  288.175398][T13076]  ? __pfx_do_recvmmsg+0x10/0x10
[  288.175425][T13076]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  288.175460][T13076]  __x64_sys_recvmmsg+0x190/0x240
[  288.175475][T13076]  ? rcu_is_watching+0x15/0xb0
[  288.175492][T13076]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  288.175512][T13076]  ? do_syscall_64+0xba/0x210
[  288.175536][T13076]  do_syscall_64+0xf6/0x210
[  288.175553][T13076]  ? clear_bhb_loop+0x60/0xb0
[  288.175573][T13076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.175589][T13076] RIP: 0033:0x7f128758e969
[  288.175605][T13076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.175619][T13076] RSP: 002b:00007f12883ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  288.175638][T13076] RAX: ffffffffffffffda RBX: 00007f12877b5fa0 RCX: 00007f128758e969
[  288.175651][T13076] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000004
[  288.175662][T13076] RBP: 00007f12883ee090 R08: 0000000000000000 R09: 0000000000000000
[  288.175673][T13076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  288.175683][T13076] R13: 0000000000000000 R14: 00007f12877b5fa0 R15: 00007ffd8e2247b8
[  288.175710][T13076]  </TASK>
[  288.688028][T13082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2442'.
[  288.790008][T13088] FAULT_INJECTION: forcing a failure.
[  288.790008][T13088] name failslab, interval 1, probability 0, space 0, times 0
[  288.877064][T13088] CPU: 0 UID: 0 PID: 13088 Comm: syz.1.2443 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  288.877091][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.877101][T13088] Call Trace:
[  288.877108][T13088]  <TASK>
[  288.877116][T13088]  dump_stack_lvl+0x189/0x250
[  288.877146][T13088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.877170][T13088]  ? __pfx__printk+0x10/0x10
[  288.877192][T13088]  ? __pfx___might_resched+0x10/0x10
[  288.877214][T13088]  should_fail_ex+0x414/0x560
[  288.877239][T13088]  should_failslab+0xa8/0x100
[  288.877262][T13088]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  288.877285][T13088]  ? __alloc_skb+0x112/0x2d0
[  288.877312][T13088]  __alloc_skb+0x112/0x2d0
[  288.877339][T13088]  netlink_sendmsg+0x5c6/0xb30
[  288.877372][T13088]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.877398][T13088]  ? aa_sock_msg_perm+0x94/0x160
[  288.877421][T13088]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  288.877441][T13088]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.877466][T13088]  __sock_sendmsg+0x219/0x270
[  288.877489][T13088]  ____sys_sendmsg+0x505/0x830
[  288.877520][T13088]  ? __pfx_____sys_sendmsg+0x10/0x10
[  288.877554][T13088]  ? import_iovec+0x74/0xa0
[  288.877582][T13088]  ___sys_sendmsg+0x21f/0x2a0
[  288.877609][T13088]  ? __pfx____sys_sendmsg+0x10/0x10
[  288.877671][T13088]  ? __fget_files+0x2a/0x420
[  288.877691][T13088]  ? __fget_files+0x3a0/0x420
[  288.877724][T13088]  __x64_sys_sendmsg+0x19b/0x260
[  288.877751][T13088]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  288.877793][T13088]  ? do_syscall_64+0xba/0x210
[  288.877817][T13088]  do_syscall_64+0xf6/0x210
[  288.877837][T13088]  ? clear_bhb_loop+0x60/0xb0
[  288.877859][T13088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.877876][T13088] RIP: 0033:0x7f0b8498e969
[  288.877891][T13088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.877905][T13088] RSP: 002b:00007f0b85721038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.877921][T13088] RAX: ffffffffffffffda RBX: 00007f0b84bb5fa0 RCX: 00007f0b8498e969
[  288.877933][T13088] RDX: 0000000000004800 RSI: 0000200000000300 RDI: 0000000000000003
[  288.877942][T13088] RBP: 00007f0b85721090 R08: 0000000000000000 R09: 0000000000000000
[  288.877952][T13088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.877961][T13088] R13: 0000000000000000 R14: 00007f0b84bb5fa0 R15: 00007ffe2224b448
[  288.877992][T13088]  </TASK>
[  289.329241][T13098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2446'.
[  289.569613][T13116] 8021q: VLANs not supported on gre0
[  289.638369][T13120] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  289.790011][T13127] No such timeout policy "syz0"
[  289.932340][T13133] validate_nla: 7 callbacks suppressed
[  289.932360][T13133] netlink: 'syz.0.2457': attribute type 1 has an invalid length.
[  290.248326][T13151] netlink: 'syz.2.2461': attribute type 1 has an invalid length.
[  290.412693][T13160] bond0: entered promiscuous mode
[  290.440479][T13160] bond_slave_0: entered promiscuous mode
[  290.455777][T13160] bond_slave_1: entered promiscuous mode
[  290.477078][T13160] bond0: left promiscuous mode
[  290.481898][T13160] bond_slave_0: left promiscuous mode
[  290.503259][T13160] bond_slave_1: left promiscuous mode
[  290.528983][T13169] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  290.550911][T13169] netlink: 'syz.0.2469': attribute type 1 has an invalid length.
[  290.566832][T13172] FAULT_INJECTION: forcing a failure.
[  290.566832][T13172] name failslab, interval 1, probability 0, space 0, times 0
[  290.607525][T13172] CPU: 0 UID: 0 PID: 13172 Comm: syz.1.2471 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  290.607554][T13172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.607565][T13172] Call Trace:
[  290.607573][T13172]  <TASK>
[  290.607581][T13172]  dump_stack_lvl+0x189/0x250
[  290.607613][T13172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.607638][T13172]  ? __pfx__printk+0x10/0x10
[  290.607671][T13172]  should_fail_ex+0x414/0x560
[  290.607765][T13172]  should_failslab+0xa8/0x100
[  290.607791][T13172]  __kmalloc_cache_noprof+0x70/0x3d0
[  290.607814][T13172]  ? sctp_add_bind_addr+0x8c/0x370
[  290.607840][T13172]  sctp_add_bind_addr+0x8c/0x370
[  290.607864][T13172]  sctp_copy_local_addr_list+0x30b/0x4e0
[  290.607888][T13172]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  290.607910][T13172]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  290.607937][T13172]  ? sctp_v6_is_any+0x64/0x80
[  290.608015][T13172]  ? sctp_copy_one_addr+0x93/0x360
[  290.608044][T13172]  sctp_bind_addr_copy+0xb3/0x3c0
[  290.608066][T13172]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  290.608086][T13172]  sctp_connect_new_asoc+0x2e0/0x690
[  290.608115][T13172]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  290.608138][T13172]  ? __local_bh_enable_ip+0x12d/0x1c0
[  290.608163][T13172]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  290.608185][T13172]  ? security_sctp_bind_connect+0x7e/0x2e0
[  290.608213][T13172]  sctp_sendmsg+0x155c/0x2810
[  290.608250][T13172]  ? __pfx_sctp_sendmsg+0x10/0x10
[  290.608284][T13172]  ? aa_sk_perm+0x81e/0x950
[  290.608312][T13172]  ? __pfx_aa_sk_perm+0x10/0x10
[  290.608334][T13172]  ? sock_rps_record_flow+0x19/0x410
[  290.608359][T13172]  ? inet_sendmsg+0x2f4/0x370
[  290.608384][T13172]  __sock_sendmsg+0x19c/0x270
[  290.608411][T13172]  __sys_sendto+0x3bd/0x520
[  290.608437][T13172]  ? __pfx___sys_sendto+0x10/0x10
[  290.608457][T13172]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  290.608492][T13172]  ? __fget_files+0x3a0/0x420
[  290.608528][T13172]  ? ksys_write+0x1f0/0x250
[  290.608560][T13172]  __x64_sys_sendto+0xde/0x100
[  290.608587][T13172]  do_syscall_64+0xf6/0x210
[  290.608608][T13172]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  290.608626][T13172]  ? clear_bhb_loop+0x60/0xb0
[  290.608648][T13172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.608665][T13172] RIP: 0033:0x7f0b8498e969
[  290.608682][T13172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.608697][T13172] RSP: 002b:00007f0b85721038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  290.608723][T13172] RAX: ffffffffffffffda RBX: 00007f0b84bb5fa0 RCX: 00007f0b8498e969
[  290.608736][T13172] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  290.608748][T13172] RBP: 00007f0b85721090 R08: 0000200000000080 R09: 000000000000001c
[  290.608760][T13172] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000002
[  290.608771][T13172] R13: 0000000000000000 R14: 00007f0b84bb5fa0 R15: 00007ffe2224b448
[  290.608803][T13172]  </TASK>
[  291.065039][T13183] netlink: 'syz.3.2473': attribute type 1 has an invalid length.
[  291.120178][T13187] FAULT_INJECTION: forcing a failure.
[  291.120178][T13187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.151542][T13187] CPU: 0 UID: 0 PID: 13187 Comm: syz.4.2477 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  291.151570][T13187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.151581][T13187] Call Trace:
[  291.151589][T13187]  <TASK>
[  291.151597][T13187]  dump_stack_lvl+0x189/0x250
[  291.151625][T13187]  ? __lock_acquire+0xaac/0xd20
[  291.151653][T13187]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.151677][T13187]  ? __pfx__printk+0x10/0x10
[  291.151694][T13187]  ? __might_fault+0xb0/0x130
[  291.151730][T13187]  should_fail_ex+0x414/0x560
[  291.151756][T13187]  _copy_from_user+0x2d/0xb0
[  291.151782][T13187]  kstrtouint_from_user+0xc4/0x170
[  291.151806][T13187]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  291.151847][T13187]  proc_fail_nth_write+0x88/0x240
[  291.151872][T13187]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  291.151903][T13187]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  291.151929][T13187]  vfs_write+0x27b/0xa90
[  291.151967][T13187]  ? __pfx_vfs_write+0x10/0x10
[  291.151989][T13187]  ? __fget_files+0x2a/0x420
[  291.152017][T13187]  ? __fget_files+0x3a0/0x420
[  291.152038][T13187]  ? __fget_files+0x2a/0x420
[  291.152070][T13187]  ksys_write+0x145/0x250
[  291.152088][T13187]  ? rcu_is_watching+0x15/0xb0
[  291.152106][T13187]  ? __pfx_ksys_write+0x10/0x10
[  291.152131][T13187]  ? do_syscall_64+0xba/0x210
[  291.152156][T13187]  do_syscall_64+0xf6/0x210
[  291.152176][T13187]  ? clear_bhb_loop+0x60/0xb0
[  291.152198][T13187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.152215][T13187] RIP: 0033:0x7f41d1d8d41f
[  291.152231][T13187] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  291.152246][T13187] RSP: 002b:00007f41d2b6c030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  291.152265][T13187] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f41d1d8d41f
[  291.152278][T13187] RDX: 0000000000000001 RSI: 00007f41d2b6c0a0 RDI: 0000000000000005
[  291.152289][T13187] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  291.152300][T13187] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  291.152310][T13187] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  291.152340][T13187]  </TASK>
[  291.698205][T13207] FAULT_INJECTION: forcing a failure.
[  291.698205][T13207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.716319][T13207] CPU: 0 UID: 0 PID: 13207 Comm: syz.2.2483 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  291.716343][T13207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.716353][T13207] Call Trace:
[  291.716360][T13207]  <TASK>
[  291.716368][T13207]  dump_stack_lvl+0x189/0x250
[  291.716394][T13207]  ? __lock_acquire+0xaac/0xd20
[  291.716417][T13207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.716438][T13207]  ? __pfx__printk+0x10/0x10
[  291.716454][T13207]  ? __might_fault+0xb0/0x130
[  291.716488][T13207]  should_fail_ex+0x414/0x560
[  291.716510][T13207]  _copy_from_user+0x2d/0xb0
[  291.716533][T13207]  generic_map_update_batch+0x51b/0x7f0
[  291.716563][T13207]  ? __pfx_generic_map_update_batch+0x10/0x10
[  291.716581][T13207]  ? __fget_files+0x2a/0x420
[  291.716610][T13207]  ? __pfx_generic_map_update_batch+0x10/0x10
[  291.716627][T13207]  bpf_map_do_batch+0x369/0x5f0
[  291.716657][T13207]  __sys_bpf+0x384/0x860
[  291.716678][T13207]  ? __pfx___sys_bpf+0x10/0x10
[  291.716711][T13207]  ? ksys_write+0x1f0/0x250
[  291.716729][T13207]  ? rcu_is_watching+0x15/0xb0
[  291.716757][T13207]  __x64_sys_bpf+0x7c/0x90
[  291.716777][T13207]  do_syscall_64+0xf6/0x210
[  291.716798][T13207]  ? clear_bhb_loop+0x60/0xb0
[  291.716820][T13207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.716836][T13207] RIP: 0033:0x7faa4078e969
[  291.716852][T13207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.716867][T13207] RSP: 002b:00007faa41623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  291.716885][T13207] RAX: ffffffffffffffda RBX: 00007faa409b5fa0 RCX: 00007faa4078e969
[  291.716898][T13207] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  291.716909][T13207] RBP: 00007faa41623090 R08: 0000000000000000 R09: 0000000000000000
[  291.716927][T13207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  291.716936][T13207] R13: 0000000000000000 R14: 00007faa409b5fa0 R15: 00007fffc59b59a8
[  291.716961][T13207]  </TASK>
[  292.047575][T13219] __nla_validate_parse: 12 callbacks suppressed
[  292.047600][T13219] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2487'.
[  292.187879][T13228] FAULT_INJECTION: forcing a failure.
[  292.187879][T13228] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  292.228499][T13228] CPU: 0 UID: 0 PID: 13228 Comm: syz.2.2491 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  292.228528][T13228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.228539][T13228] Call Trace:
[  292.228547][T13228]  <TASK>
[  292.228555][T13228]  dump_stack_lvl+0x189/0x250
[  292.228588][T13228]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.228619][T13228]  ? __pfx__printk+0x10/0x10
[  292.228639][T13228]  ? fs_reclaim_acquire+0x7d/0x100
[  292.228674][T13228]  should_fail_ex+0x414/0x560
[  292.228698][T13228]  prepare_alloc_pages+0x213/0x610
[  292.228724][T13228]  __alloc_frozen_pages_noprof+0x123/0x370
[  292.228746][T13228]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  292.228772][T13228]  ? policy_nodemask+0x27c/0x720
[  292.228800][T13228]  alloc_pages_mpol+0x232/0x4a0
[  292.228825][T13228]  folio_alloc_mpol_noprof+0x39/0x70
[  292.228846][T13228]  shmem_alloc_and_add_folio+0x447/0xf60
[  292.228871][T13228]  ? filemap_get_entry+0xad/0x2f0
[  292.228888][T13228]  ? filemap_get_entry+0xad/0x2f0
[  292.228903][T13228]  ? filemap_get_entry+0xad/0x2f0
[  292.228924][T13228]  ? shmem_huge_global_enabled+0x174/0x3a0
[  292.228945][T13228]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  292.228972][T13228]  ? shmem_allowable_huge_orders+0x414/0x420
[  292.229001][T13228]  shmem_get_folio_gfp+0x597/0x15f0
[  292.229044][T13228]  shmem_fault+0x179/0x390
[  292.229077][T13228]  __do_fault+0x135/0x390
[  292.229105][T13228]  __handle_mm_fault+0x17f9/0x5380
[  292.229147][T13228]  ? __pfx___handle_mm_fault+0x10/0x10
[  292.229184][T13228]  ? follow_page_pte+0x888/0x13c0
[  292.229217][T13228]  handle_mm_fault+0x40a/0x8e0
[  292.229250][T13228]  __get_user_pages+0x16f0/0x2a40
[  292.229306][T13228]  ? __pfx___get_user_pages+0x10/0x10
[  292.229336][T13228]  __gup_longterm_locked+0x7c3/0x15b0
[  292.229383][T13228]  gup_fast_fallback+0x1843/0x1d60
[  292.229439][T13228]  ? __pfx_gup_fast_fallback+0x10/0x10
[  292.229460][T13228]  ? rcu_is_watching+0x15/0xb0
[  292.229481][T13228]  ? is_valid_gup_args+0x11f/0x200
[  292.229504][T13228]  ? pin_user_pages_fast+0x4d/0xb0
[  292.229528][T13228]  rds_cmsg_rdma_args+0x8f4/0x1240
[  292.229581][T13228]  rds_cmsg_send+0x33d/0x5c0
[  292.229624][T13228]  rds_sendmsg+0x1129/0x1f00
[  292.229664][T13228]  ? __pfx_rds_sendmsg+0x10/0x10
[  292.229684][T13228]  ? aa_sk_perm+0x81e/0x950
[  292.229709][T13228]  ? __pfx_aa_sk_perm+0x10/0x10
[  292.229725][T13228]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  292.229756][T13228]  ? aa_sock_msg_perm+0x94/0x160
[  292.229778][T13228]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  292.229798][T13228]  ? __pfx_rds_sendmsg+0x10/0x10
[  292.229822][T13228]  __sock_sendmsg+0x219/0x270
[  292.229845][T13228]  ____sys_sendmsg+0x505/0x830
[  292.229877][T13228]  ? __pfx_____sys_sendmsg+0x10/0x10
[  292.229911][T13228]  ? import_iovec+0x74/0xa0
[  292.229941][T13228]  ___sys_sendmsg+0x21f/0x2a0
[  292.229969][T13228]  ? __pfx____sys_sendmsg+0x10/0x10
[  292.230033][T13228]  ? __fget_files+0x2a/0x420
[  292.230055][T13228]  ? __fget_files+0x3a0/0x420
[  292.230089][T13228]  __x64_sys_sendmsg+0x19b/0x260
[  292.230117][T13228]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  292.230161][T13228]  ? do_syscall_64+0xba/0x210
[  292.230185][T13228]  do_syscall_64+0xf6/0x210
[  292.230205][T13228]  ? clear_bhb_loop+0x60/0xb0
[  292.230227][T13228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.230244][T13228] RIP: 0033:0x7faa4078e969
[  292.230261][T13228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.230276][T13228] RSP: 002b:00007faa41623038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  292.230296][T13228] RAX: ffffffffffffffda RBX: 00007faa409b5fa0 RCX: 00007faa4078e969
[  292.230310][T13228] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000003
[  292.230320][T13228] RBP: 00007faa41623090 R08: 0000000000000000 R09: 0000000000000000
[  292.230331][T13228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  292.230342][T13228] R13: 0000000000000000 R14: 00007faa409b5fa0 R15: 00007fffc59b59a8
[  292.230372][T13228]  </TASK>
[  292.673656][T13237] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2493'.
[  292.684605][T13237] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  292.799671][T13245] netlink: 'syz.4.2496': attribute type 4 has an invalid length.
[  292.808260][T13245] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2496'.
[  292.889422][T13252] netlink: 'syz.1.2498': attribute type 2 has an invalid length.
[  292.915468][T13252] netlink: 'syz.1.2498': attribute type 8 has an invalid length.
[  292.923421][T13252] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2498'.
[  292.953096][T13255] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20002
[  293.039232][T13259] sctp: [Deprecated]: syz.2.2499 (pid 13259) Use of struct sctp_assoc_value in delayed_ack socket option.
[  293.039232][T13259] Use struct sctp_sack_info instead
[  293.174934][T13262] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2502'.
[  293.697757][T13274] xt_hashlimit: size too large, truncated to 1048576
[  293.874665][T13280] xt_hashlimit: size too large, truncated to 1048576
[  293.888596][T13286] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  293.932374][T13290] FAULT_INJECTION: forcing a failure.
[  293.932374][T13290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.975203][T13291] Bluetooth: MGMT ver 1.23
[  294.019832][T13290] CPU: 0 UID: 0 PID: 13290 Comm: syz.3.2509 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  294.019860][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.019872][T13290] Call Trace:
[  294.019880][T13290]  <TASK>
[  294.019890][T13290]  dump_stack_lvl+0x189/0x250
[  294.019922][T13290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.019946][T13290]  ? __pfx__printk+0x10/0x10
[  294.019978][T13290]  should_fail_ex+0x414/0x560
[  294.020003][T13290]  _copy_to_user+0x31/0xb0
[  294.020029][T13290]  simple_read_from_buffer+0xe1/0x170
[  294.020057][T13290]  proc_fail_nth_read+0x1df/0x250
[  294.020085][T13290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  294.020112][T13290]  ? rw_verify_area+0x258/0x650
[  294.020131][T13290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  294.020157][T13290]  vfs_read+0x1fd/0x980
[  294.020183][T13290]  ? __pfx___mutex_lock+0x10/0x10
[  294.020204][T13290]  ? __pfx_vfs_read+0x10/0x10
[  294.020226][T13290]  ? __fget_files+0x2a/0x420
[  294.020254][T13290]  ? __fget_files+0x3a0/0x420
[  294.020275][T13290]  ? __fget_files+0x2a/0x420
[  294.020310][T13290]  ksys_read+0x145/0x250
[  294.020332][T13290]  ? __pfx_ksys_read+0x10/0x10
[  294.020355][T13290]  ? do_syscall_64+0xba/0x210
[  294.020379][T13290]  do_syscall_64+0xf6/0x210
[  294.020400][T13290]  ? clear_bhb_loop+0x60/0xb0
[  294.020422][T13290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.020440][T13290] RIP: 0033:0x7f128758d37c
[  294.020456][T13290] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  294.020472][T13290] RSP: 002b:00007f12883cd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  294.020491][T13290] RAX: ffffffffffffffda RBX: 00007f12877b6080 RCX: 00007f128758d37c
[  294.020504][T13290] RDX: 000000000000000f RSI: 00007f12883cd0a0 RDI: 0000000000000003
[  294.020516][T13290] RBP: 00007f12883cd090 R08: 0000000000000000 R09: 0000000000000000
[  294.020527][T13290] R10: 0000200000001300 R11: 0000000000000246 R12: 0000000000000001
[  294.020538][T13290] R13: 0000000000000001 R14: 00007f12877b6080 R15: 00007ffd8e2247b8
[  294.020569][T13290]  </TASK>
[  294.560524][T13299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2516'.
[  294.586747][T13294] netlink: 136 bytes leftover after parsing attributes in process `syz.2.2513'.
[  294.596667][T13294] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  295.108280][T13316] netlink: 'syz.0.2521': attribute type 4 has an invalid length.
[  295.127651][T13316] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2521'.
[  295.522583][T13340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2529'.
[  295.702211][T13347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2531'.
[  296.138690][T13369] FAULT_INJECTION: forcing a failure.
[  296.138690][T13369] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.209807][T13369] CPU: 0 UID: 0 PID: 13369 Comm: syz.2.2536 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  296.209834][T13369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  296.209843][T13369] Call Trace:
[  296.209850][T13369]  <TASK>
[  296.209857][T13369]  dump_stack_lvl+0x189/0x250
[  296.209889][T13369]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.209911][T13369]  ? __pfx__printk+0x10/0x10
[  296.209936][T13369]  should_fail_ex+0x414/0x560
[  296.209959][T13369]  _copy_to_user+0x31/0xb0
[  296.209984][T13369]  simple_read_from_buffer+0xe1/0x170
[  296.210009][T13369]  proc_fail_nth_read+0x1df/0x250
[  296.210036][T13369]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.210058][T13369]  ? rw_verify_area+0x258/0x650
[  296.210074][T13369]  ? aa_sk_perm+0x81e/0x950
[  296.210089][T13369]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.210114][T13369]  vfs_read+0x1fd/0x980
[  296.210133][T13369]  ? __pfx_aa_sk_perm+0x10/0x10
[  296.210152][T13369]  ? do_sock_setsockopt+0x267/0x3e0
[  296.210175][T13369]  ? __pfx_vfs_read+0x10/0x10
[  296.210187][T13369]  ? do_sock_setsockopt+0x267/0x3e0
[  296.210205][T13369]  ? kfree+0x4d/0x440
[  296.210222][T13369]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  296.210242][T13369]  ? do_sock_setsockopt+0x267/0x3e0
[  296.210263][T13369]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  296.210291][T13369]  ksys_read+0x145/0x250
[  296.210314][T13369]  ? __pfx_ksys_read+0x10/0x10
[  296.210336][T13369]  ? do_syscall_64+0xba/0x210
[  296.210359][T13369]  do_syscall_64+0xf6/0x210
[  296.210378][T13369]  ? clear_bhb_loop+0x60/0xb0
[  296.210400][T13369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.210423][T13369] RIP: 0033:0x7faa4078d37c
[  296.210439][T13369] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  296.210454][T13369] RSP: 002b:00007faa41623030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  296.210473][T13369] RAX: ffffffffffffffda RBX: 00007faa409b5fa0 RCX: 00007faa4078d37c
[  296.210485][T13369] RDX: 000000000000000f RSI: 00007faa416230a0 RDI: 0000000000000004
[  296.210496][T13369] RBP: 00007faa41623090 R08: 0000000000000000 R09: 0000000000000000
[  296.210507][T13369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.210518][T13369] R13: 0000000000000000 R14: 00007faa409b5fa0 R15: 00007fffc59b59a8
[  296.210546][T13369]  </TASK>
[  296.866508][T13388] netlink: 'syz.3.2545': attribute type 1 has an invalid length.
[  296.875054][T13388] NCSI netlink: No device for ifindex 0
[  296.957668][T13393] netlink: 'syz.0.2547': attribute type 4 has an invalid length.
[  297.583140][T13410] 8021q: VLANs not supported on nlmon0
[  297.986014][T13429] __nla_validate_parse: 5 callbacks suppressed
[  297.986035][T13429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2559'.
[  298.099858][T13432] xfrm1: entered allmulticast mode
[  298.335186][T13448] netlink: 'syz.0.2568': attribute type 4 has an invalid length.
[  298.366119][T13448] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2568'.
[  299.087186][T13455] 8021q: VLANs not supported on nlmon0
[  299.324048][T13465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2574'.
[  299.492702][T13470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2577'.
[  300.024211][T13489] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  300.101733][T13494] netlink: 'syz.0.2585': attribute type 4 has an invalid length.
[  300.110456][T13494] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2585'.
[  300.119854][T13489] netlink: 'syz.4.2583': attribute type 1 has an invalid length.
[  300.131363][T13489] netlink: 600 bytes leftover after parsing attributes in process `syz.4.2583'.
[  300.253524][T13489] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2583'.
[  300.296499][T13502] netlink: 'syz.3.2587': attribute type 10 has an invalid length.
[  300.317920][T13502] openvswitch: netlink: Flow key attr not present in new flow.
[  300.411047][T13507] sctp: [Deprecated]: syz.3.2587 (pid 13507) Use of int in max_burst socket option deprecated.
[  300.411047][T13507] Use struct sctp_assoc_value instead
[  300.487162][T13510] syz_tun: entered allmulticast mode
[  300.501307][T13509] syz_tun: left allmulticast mode
[  300.503731][T13512] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2590'.
[  300.531812][T13512] netlink: 'syz.1.2590': attribute type 4 has an invalid length.
[  301.369521][T13535] FAULT_INJECTION: forcing a failure.
[  301.369521][T13535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.432217][T13535] CPU: 1 UID: 0 PID: 13535 Comm: syz.3.2600 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  301.432245][T13535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.432256][T13535] Call Trace:
[  301.432263][T13535]  <TASK>
[  301.432272][T13535]  dump_stack_lvl+0x189/0x250
[  301.432298][T13535]  ? __lock_acquire+0xaac/0xd20
[  301.432325][T13535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.432347][T13535]  ? __pfx__printk+0x10/0x10
[  301.432365][T13535]  ? __might_fault+0xb0/0x130
[  301.432399][T13535]  should_fail_ex+0x414/0x560
[  301.432423][T13535]  _copy_from_user+0x2d/0xb0
[  301.432448][T13535]  sk_getsockopt+0x197/0x24e0
[  301.432479][T13535]  ? __pfx_sk_getsockopt+0x10/0x10
[  301.432501][T13535]  ? do_syscall_64+0x40/0x210
[  301.432533][T13535]  ? __lock_acquire+0xaac/0xd20
[  301.432565][T13535]  ? __might_fault+0xb0/0x130
[  301.432607][T13535]  do_sock_getsockopt+0x275/0x650
[  301.432630][T13535]  ? do_syscall_64+0x40/0x210
[  301.432660][T13535]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  301.432683][T13535]  ? do_syscall_64+0x40/0x210
[  301.432701][T13535]  ? __fget_files+0x2a/0x420
[  301.432723][T13535]  ? __fget_files+0x3a0/0x420
[  301.432744][T13535]  ? __fget_files+0x2a/0x420
[  301.432774][T13535]  __x64_sys_getsockopt+0x1a5/0x250
[  301.432796][T13535]  ? do_syscall_64+0x40/0x210
[  301.432817][T13535]  ? do_syscall_64+0x40/0x210
[  301.432840][T13535]  do_syscall_64+0xf6/0x210
[  301.432860][T13535]  ? clear_bhb_loop+0x60/0xb0
[  301.432881][T13535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.432898][T13535] RIP: 0033:0x7f128758e969
[  301.432913][T13535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.432928][T13535] RSP: 002b:00007f12883ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  301.432947][T13535] RAX: ffffffffffffffda RBX: 00007f12877b5fa0 RCX: 00007f128758e969
[  301.432960][T13535] RDX: 000000000000000b RSI: 0000000000000001 RDI: 0000000000000003
[  301.432970][T13535] RBP: 00007f12883ee090 R08: 0000200000000080 R09: 0000000000000000
[  301.432982][T13535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.432992][T13535] R13: 0000000000000000 R14: 00007f12877b5fa0 R15: 00007ffd8e2247b8
[  301.433022][T13535]  </TASK>
[  301.459888][T13539] FAULT_INJECTION: forcing a failure.
[  301.459888][T13539] name failslab, interval 1, probability 0, space 0, times 0
[  301.636723][T13547] netlink: 'syz.3.2606': attribute type 10 has an invalid length.
[  301.646439][T13539] CPU: 0 UID: 0 PID: 13539 Comm: syz.1.2602 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  301.646465][T13539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.646477][T13539] Call Trace:
[  301.646484][T13539]  <TASK>
[  301.646492][T13539]  dump_stack_lvl+0x189/0x250
[  301.646523][T13539]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.646545][T13539]  ? __pfx__printk+0x10/0x10
[  301.646569][T13539]  ? __pfx___might_resched+0x10/0x10
[  301.646591][T13539]  should_fail_ex+0x414/0x560
[  301.646637][T13539]  should_failslab+0xa8/0x100
[  301.646661][T13539]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  301.646685][T13539]  ? __alloc_skb+0x112/0x2d0
[  301.646711][T13539]  __alloc_skb+0x112/0x2d0
[  301.646736][T13539]  netlink_sendmsg+0x5c6/0xb30
[  301.646769][T13539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.646795][T13539]  ? aa_sock_msg_perm+0x94/0x160
[  301.646816][T13539]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  301.646835][T13539]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.646857][T13539]  __sock_sendmsg+0x219/0x270
[  301.646888][T13539]  ____sys_sendmsg+0x505/0x830
[  301.646918][T13539]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.646950][T13539]  ? import_iovec+0x74/0xa0
[  301.646977][T13539]  ___sys_sendmsg+0x21f/0x2a0
[  301.647003][T13539]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.647062][T13539]  ? __fget_files+0x2a/0x420
[  301.647083][T13539]  ? __fget_files+0x3a0/0x420
[  301.647115][T13539]  __x64_sys_sendmsg+0x19b/0x260
[  301.647140][T13539]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  301.647181][T13539]  ? do_syscall_64+0xba/0x210
[  301.647204][T13539]  do_syscall_64+0xf6/0x210
[  301.647223][T13539]  ? clear_bhb_loop+0x60/0xb0
[  301.647244][T13539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.647260][T13539] RIP: 0033:0x7f0b8498e969
[  301.647275][T13539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.647290][T13539] RSP: 002b:00007f0b85721038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.647308][T13539] RAX: ffffffffffffffda RBX: 00007f0b84bb5fa0 RCX: 00007f0b8498e969
[  301.647320][T13539] RDX: 0000000020000890 RSI: 0000200000000240 RDI: 0000000000000005
[  301.647331][T13539] RBP: 00007f0b85721090 R08: 0000000000000000 R09: 0000000000000000
[  301.647341][T13539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.647351][T13539] R13: 0000000000000000 R14: 00007f0b84bb5fa0 R15: 00007ffe2224b448
[  301.647379][T13539]  </TASK>
[  301.741563][T13551] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  301.746611][T13547] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2606'.
[  301.784259][T13551] netlink: 'syz.1.2607': attribute type 1 has an invalid length.
[  301.793271][T13547] veth0_vlan: left promiscuous mode
[  301.794410][T13552] netlink: 'syz.2.2604': attribute type 1 has an invalid length.
[  301.799238][T13547] veth0_vlan: entered promiscuous mode
[  301.808465][T13552] netlink: 208 bytes leftover after parsing attributes in process `syz.2.2604'.
[  301.853808][T13547] veth0_vlan: entered allmulticast mode
[  302.008638][T13547] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  302.027911][T13560] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  302.287878][T13574] IPVS: set_ctl: invalid protocol: 41 224.0.0.1:20004
[  302.328603][T13580] sctp: [Deprecated]: syz.0.2613 (pid 13580) Use of struct sctp_assoc_value in delayed_ack socket option.
[  302.328603][T13580] Use struct sctp_sack_info instead
[  302.354042][T13580] FAULT_INJECTION: forcing a failure.
[  302.354042][T13580] name failslab, interval 1, probability 0, space 0, times 0
[  302.370572][T13580] CPU: 0 UID: 0 PID: 13580 Comm: syz.0.2613 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  302.370599][T13580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.370609][T13580] Call Trace:
[  302.370617][T13580]  <TASK>
[  302.370625][T13580]  dump_stack_lvl+0x189/0x250
[  302.370657][T13580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.370680][T13580]  ? __pfx__printk+0x10/0x10
[  302.370701][T13580]  ? __pfx___might_resched+0x10/0x10
[  302.370719][T13580]  ? fs_reclaim_acquire+0x7d/0x100
[  302.370749][T13580]  should_fail_ex+0x414/0x560
[  302.370774][T13580]  should_failslab+0xa8/0x100
[  302.370798][T13580]  __kmalloc_cache_noprof+0x70/0x3d0
[  302.370820][T13580]  ? __alloc_workqueue+0x166/0x1b70
[  302.370846][T13580]  __alloc_workqueue+0x166/0x1b70
[  302.370875][T13580]  ? rtnl_newlink+0x16d6/0x1c70
[  302.370895][T13580]  ? rtnetlink_rcv_msg+0x7cc/0xb70
[  302.370929][T13580]  alloc_workqueue+0xd4/0x210
[  302.370951][T13580]  ? net_generic+0x1e/0x240
[  302.370971][T13580]  ? __pfx_alloc_workqueue+0x10/0x10
[  302.370994][T13580]  ? net_generic+0x1e/0x240
[  302.371010][T13580]  ? net_generic+0x1e/0x240
[  302.371033][T13580]  bond_init+0xd4/0x860
[  302.371063][T13580]  ? __pfx_bond_init+0x10/0x10
[  302.371084][T13580]  ? __kasan_kmalloc+0x93/0xb0
[  302.371115][T13580]  register_netdevice+0x6bc/0x1ae0
[  302.371143][T13580]  ? __kvmalloc_node_noprof+0x338/0x5e0
[  302.371165][T13580]  ? alloc_netdev_mqs+0xc9e/0x11e0
[  302.371184][T13580]  ? __pfx_register_netdevice+0x10/0x10
[  302.371202][T13580]  ? validate_linkmsg+0x765/0x950
[  302.371232][T13580]  bond_newlink+0x60/0xb0
[  302.371248][T13580]  ? __pfx_bond_newlink+0x10/0x10
[  302.371266][T13580]  rtnl_newlink_create+0x30d/0xb00
[  302.371296][T13580]  ? __pfx_aa_get_newest_label+0x10/0x10
[  302.371320][T13580]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  302.371341][T13580]  ? rtnl_newlink+0x8db/0x1c70
[  302.371364][T13580]  ? __pfx___mutex_lock+0x10/0x10
[  302.371395][T13580]  ? ns_capable+0x8a/0xf0
[  302.371416][T13580]  rtnl_newlink+0x16d6/0x1c70
[  302.371454][T13580]  ? __pfx_rtnl_newlink+0x10/0x10
[  302.371478][T13580]  ? is_bpf_text_address+0x292/0x2b0
[  302.371507][T13580]  ? __lock_acquire+0xaac/0xd20
[  302.371544][T13580]  ? __lock_acquire+0xaac/0xd20
[  302.371586][T13580]  ? is_bpf_text_address+0x26/0x2b0
[  302.371613][T13580]  ? is_bpf_text_address+0x292/0x2b0
[  302.371635][T13580]  ? is_bpf_text_address+0x26/0x2b0
[  302.371661][T13580]  ? kernel_text_address+0xa5/0xe0
[  302.371692][T13580]  ? aa_get_newest_label+0xf7/0x5d0
[  302.371715][T13580]  ? __lock_acquire+0xaac/0xd20
[  302.371758][T13580]  ? __pfx_rtnl_newlink+0x10/0x10
[  302.371776][T13580]  rtnetlink_rcv_msg+0x7cc/0xb70
[  302.371798][T13580]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  302.371815][T13580]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  302.371859][T13580]  netlink_rcv_skb+0x205/0x470
[  302.371885][T13580]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  302.371907][T13580]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  302.371944][T13580]  ? netlink_deliver_tap+0x2e/0x1b0
[  302.371966][T13580]  ? netlink_deliver_tap+0x2e/0x1b0
[  302.371994][T13580]  netlink_unicast+0x758/0x8d0
[  302.372028][T13580]  netlink_sendmsg+0x805/0xb30
[  302.372061][T13580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  302.372088][T13580]  ? aa_sock_msg_perm+0x94/0x160
[  302.372109][T13580]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  302.372129][T13580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  302.372152][T13580]  __sock_sendmsg+0x219/0x270
[  302.372176][T13580]  ____sys_sendmsg+0x505/0x830
[  302.372206][T13580]  ? __pfx_____sys_sendmsg+0x10/0x10
[  302.372241][T13580]  ? import_iovec+0x74/0xa0
[  302.372269][T13580]  ___sys_sendmsg+0x21f/0x2a0
[  302.372295][T13580]  ? __pfx____sys_sendmsg+0x10/0x10
[  302.372359][T13580]  ? __fget_files+0x2a/0x420
[  302.372380][T13580]  ? __fget_files+0x3a0/0x420
[  302.372413][T13580]  __x64_sys_sendmsg+0x19b/0x260
[  302.372440][T13580]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  302.372483][T13580]  ? do_syscall_64+0xba/0x210
[  302.372506][T13580]  do_syscall_64+0xf6/0x210
[  302.372525][T13580]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  302.372542][T13580]  ? clear_bhb_loop+0x60/0xb0
[  302.372563][T13580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.372580][T13580] RIP: 0033:0x7fe337b8e969
[  302.372596][T13580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.372610][T13580] RSP: 002b:00007fe338a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  302.372629][T13580] RAX: ffffffffffffffda RBX: 00007fe337db6080 RCX: 00007fe337b8e969
[  302.372642][T13580] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007
[  302.372653][T13580] RBP: 00007fe338a6f090 R08: 0000000000000000 R09: 0000000000000000
[  302.372664][T13580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  302.372674][T13580] R13: 0000000000000000 R14: 00007fe337db6080 R15: 00007ffce4503388
[  302.372705][T13580]  </TASK>
[  303.000579][T13583] xt_connbytes: Forcing CT accounting to be enabled
[  303.027094][T13583] set match dimension is over the limit!
[  303.142651][T13598] netlink: 'syz.0.2621': attribute type 2 has an invalid length.
[  303.159003][T13600] netlink: 'syz.2.2622': attribute type 15 has an invalid length.
[  303.167080][T13600] __nla_validate_parse: 7 callbacks suppressed
[  303.167095][T13600] netlink: 666 bytes leftover after parsing attributes in process `syz.2.2622'.
[  303.379789][T13605] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2625'.
[  303.572993][T13614] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  303.615018][T13608] netlink: 'syz.3.2623': attribute type 1 has an invalid length.
[  303.634767][T13608] netlink: 600 bytes leftover after parsing attributes in process `syz.3.2623'.
[  303.721800][T13612] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2623'.
[  303.802184][T13629] batman_adv: batadv0: Interface activated: dummy0
[  303.809246][T13629] batadv0: mtu less than device minimum
[  303.820886][T13629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  303.832943][T13629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  303.844953][T13629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  303.856958][T13629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  303.929238][T13628] syzkaller1: entered promiscuous mode
[  303.934770][T13628] syzkaller1: entered allmulticast mode
[  304.086704][T13641] xt_hashlimit: size too large, truncated to 1048576
[  304.186623][T13647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2633'.
[  304.362402][T13658] syzkaller1: entered promiscuous mode
[  304.375448][T13658] syzkaller1: entered allmulticast mode
[  304.414437][T13651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2637'.
[  304.567051][T13651] set match dimension is over the limit!
[  304.886197][T13667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2640'.
[  305.109393][ T5833] Bluetooth: hci4: command 0x0405 tx timeout
[  305.222327][T13680] net_ratelimit: 15 callbacks suppressed
[  305.222344][T13680] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  305.277822][T13682] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  305.300235][T13682] netlink: 'syz.1.2646': attribute type 1 has an invalid length.
[  305.319652][T13682] netlink: 600 bytes leftover after parsing attributes in process `syz.1.2646'.
[  305.405896][T13689] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  305.456164][T13682] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2646'.
[  305.483481][T13699] netlink: 161716 bytes leftover after parsing attributes in process `syz.3.2651'.
[  305.528566][T13699] netlink: zone id is out of range
[  305.555594][T13699] netlink: zone id is out of range
[  305.616797][T13703] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  305.730536][T13709] netlink: 'syz.2.2655': attribute type 10 has an invalid length.
[  305.746866][T13709] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  305.868330][T13711] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  305.904075][T13720] set match dimension is over the limit!
[  306.077973][T13731] 8021q: VLANs not supported on nlmon0
[  306.207262][T13740] xt_hashlimit: max too large, truncated to 1048576
[  306.224323][T13737] sctp: [Deprecated]: syz.4.2665 (pid 13737) Use of struct sctp_assoc_value in delayed_ack socket option.
[  306.224323][T13737] Use struct sctp_sack_info instead
[  306.339419][T13748] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  306.373821][T13752] IPv6: Can't replace route, no match found
[  306.490511][T13759] netlink: 'syz.4.2673': attribute type 1 has an invalid length.
[  306.562266][T13759] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.581454][T13763] sch_tbf: burst 73484 is lower than device lo mtu (11337746) !
[  306.663631][T13759] ip6erspan0: entered promiscuous mode
[  306.697564][T13759] bond0: (slave ip6erspan0): making interface the new active one
[  306.718967][T13759] bond0: (slave ip6erspan0): Enslaving as an active interface with an up link
[  306.798659][T13764] vlan3: entered allmulticast mode
[  306.803831][T13764] bond0: entered allmulticast mode
[  306.830209][T13764] ip6erspan0: entered allmulticast mode
[  306.843902][T13764] bond0: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  306.896970][T13769] 8021q: VLANs not supported on nlmon0
[  306.942395][T13781] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.959000][T13781] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.968864][T13781] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.987862][T13781] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.110799][T13792] FAULT_INJECTION: forcing a failure.
[  307.110799][T13792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.130845][T13794] set match dimension is over the limit!
[  307.152393][T13792] CPU: 0 UID: 0 PID: 13792 Comm: syz.0.2685 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  307.152421][T13792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.152433][T13792] Call Trace:
[  307.152439][T13792]  <TASK>
[  307.152446][T13792]  dump_stack_lvl+0x189/0x250
[  307.152471][T13792]  ? __lock_acquire+0xaac/0xd20
[  307.152494][T13792]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.152516][T13792]  ? __pfx__printk+0x10/0x10
[  307.152533][T13792]  ? __might_fault+0xb0/0x130
[  307.152566][T13792]  should_fail_ex+0x414/0x560
[  307.152591][T13792]  _copy_from_user+0x2d/0xb0
[  307.152613][T13792]  ___sys_sendmsg+0x158/0x2a0
[  307.152637][T13792]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.152699][T13792]  ? __fget_files+0x2a/0x420
[  307.152720][T13792]  ? __fget_files+0x3a0/0x420
[  307.152753][T13792]  __x64_sys_sendmsg+0x19b/0x260
[  307.152780][T13792]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.152822][T13792]  ? do_syscall_64+0xba/0x210
[  307.152843][T13792]  do_syscall_64+0xf6/0x210
[  307.152863][T13792]  ? clear_bhb_loop+0x60/0xb0
[  307.152885][T13792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.152901][T13792] RIP: 0033:0x7fe337b8e969
[  307.152916][T13792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.152931][T13792] RSP: 002b:00007fe338a90038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.152950][T13792] RAX: ffffffffffffffda RBX: 00007fe337db5fa0 RCX: 00007fe337b8e969
[  307.152963][T13792] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  307.152972][T13792] RBP: 00007fe338a90090 R08: 0000000000000000 R09: 0000000000000000
[  307.152981][T13792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.152990][T13792] R13: 0000000000000000 R14: 00007fe337db5fa0 R15: 00007ffce4503388
[  307.153016][T13792]  </TASK>
[  307.612342][T13816] x_tables: duplicate underflow at hook 1
[  307.749097][T13817] netlink: 'syz.4.2694': attribute type 1 has an invalid length.
[  307.763744][T13824] 8021q: VLANs not supported on nlmon0
[  307.884819][T13830] FAULT_INJECTION: forcing a failure.
[  307.884819][T13830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.923003][T13830] CPU: 1 UID: 0 PID: 13830 Comm: syz.1.2699 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  307.923038][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.923049][T13830] Call Trace:
[  307.923056][T13830]  <TASK>
[  307.923064][T13830]  dump_stack_lvl+0x189/0x250
[  307.923097][T13830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.923121][T13830]  ? __pfx__printk+0x10/0x10
[  307.923151][T13830]  should_fail_ex+0x414/0x560
[  307.923175][T13830]  _copy_to_user+0x31/0xb0
[  307.923202][T13830]  simple_read_from_buffer+0xe1/0x170
[  307.923229][T13830]  proc_fail_nth_read+0x1df/0x250
[  307.923254][T13830]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.923279][T13830]  ? rw_verify_area+0x258/0x650
[  307.923295][T13830]  ? aa_sk_perm+0x81e/0x950
[  307.923309][T13830]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.923333][T13830]  vfs_read+0x1fd/0x980
[  307.923351][T13830]  ? __pfx_aa_sk_perm+0x10/0x10
[  307.923372][T13830]  ? do_sock_setsockopt+0x267/0x3e0
[  307.923396][T13830]  ? __pfx_vfs_read+0x10/0x10
[  307.923411][T13830]  ? do_sock_setsockopt+0x267/0x3e0
[  307.923432][T13830]  ? kfree+0x4d/0x440
[  307.923453][T13830]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  307.923477][T13830]  ? do_sock_setsockopt+0x267/0x3e0
[  307.923503][T13830]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  307.923534][T13830]  ksys_read+0x145/0x250
[  307.923557][T13830]  ? __pfx_ksys_read+0x10/0x10
[  307.923580][T13830]  ? do_syscall_64+0xba/0x210
[  307.923604][T13830]  do_syscall_64+0xf6/0x210
[  307.923625][T13830]  ? clear_bhb_loop+0x60/0xb0
[  307.923647][T13830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.923664][T13830] RIP: 0033:0x7f0b8498d37c
[  307.923680][T13830] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  307.923695][T13830] RSP: 002b:00007f0b85721030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  307.923715][T13830] RAX: ffffffffffffffda RBX: 00007f0b84bb5fa0 RCX: 00007f0b8498d37c
[  307.923728][T13830] RDX: 000000000000000f RSI: 00007f0b857210a0 RDI: 0000000000000004
[  307.923739][T13830] RBP: 00007f0b85721090 R08: 0000000000000000 R09: 0000000000000000
[  307.923751][T13830] R10: 0000200000002080 R11: 0000000000000246 R12: 0000000000000001
[  307.923762][T13830] R13: 0000000000000000 R14: 00007f0b84bb5fa0 R15: 00007ffe2224b448
[  307.923791][T13830]  </TASK>
[  308.175517][T13838] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  308.193275][T13838] netlink: 'syz.4.2703': attribute type 1 has an invalid length.
[  308.213228][T13838] __nla_validate_parse: 8 callbacks suppressed
[  308.213247][T13838] netlink: 600 bytes leftover after parsing attributes in process `syz.4.2703'.
[  308.345784][T13852] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2703'.
[  308.449426][T13858] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  308.579061][T13865] netlink: 'syz.0.2714': attribute type 1 has an invalid length.
[  308.621299][T13866] 8021q: VLANs not supported on nlmon0
[  308.877732][T13885] veth0: entered allmulticast mode
[  308.893079][T13885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2719'.
[  309.013017][T13887] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2721'.
[  309.316460][T13887] macsec3: entered allmulticast mode
[  309.324370][T13887] bond0: entered allmulticast mode
[  309.341231][T13887] bond_slave_0: entered allmulticast mode
[  309.356972][T13887] bond_slave_1: entered allmulticast mode
[  309.379619][T13887] batadv0: entered allmulticast mode
[  309.405928][T13887] bond0: left allmulticast mode
[  309.410938][T13887] bond_slave_0: left allmulticast mode
[  309.421988][T13887] bond_slave_1: left allmulticast mode
[  309.427934][T13887] batadv0: left allmulticast mode
[  309.611957][T13902] bond0: entered promiscuous mode
[  309.622580][T13902] bond_slave_0: entered promiscuous mode
[  309.632852][T13902] bond_slave_1: entered promiscuous mode
[  309.643097][T13902] bond0: entered allmulticast mode
[  309.651437][T13902] bond_slave_0: entered allmulticast mode
[  309.658101][T13902] bond_slave_1: entered allmulticast mode
[  309.673890][T13902] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.683916][T13906] netlink: 'syz.0.2728': attribute type 1 has an invalid length.
[  309.852010][T13919] FAULT_INJECTION: forcing a failure.
[  309.852010][T13919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.853578][T13922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2731'.
[  309.881915][T13919] CPU: 1 UID: 0 PID: 13919 Comm: syz.2.2732 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  309.881942][T13919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.881954][T13919] Call Trace:
[  309.881962][T13919]  <TASK>
[  309.881970][T13919]  dump_stack_lvl+0x189/0x250
[  309.881998][T13919]  ? __lock_acquire+0xaac/0xd20
[  309.882025][T13919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.882047][T13919]  ? __pfx__printk+0x10/0x10
[  309.882065][T13919]  ? __might_fault+0xb0/0x130
[  309.882097][T13919]  should_fail_ex+0x414/0x560
[  309.882120][T13919]  _copy_from_user+0x2d/0xb0
[  309.882145][T13919]  ___sys_sendmsg+0x158/0x2a0
[  309.882170][T13919]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.882232][T13919]  ? __fget_files+0x2a/0x420
[  309.882253][T13919]  ? __fget_files+0x3a0/0x420
[  309.882283][T13919]  __x64_sys_sendmsg+0x19b/0x260
[  309.882306][T13919]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  309.882348][T13919]  ? do_syscall_64+0xba/0x210
[  309.882371][T13919]  do_syscall_64+0xf6/0x210
[  309.882389][T13919]  ? clear_bhb_loop+0x60/0xb0
[  309.882411][T13919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.882427][T13919] RIP: 0033:0x7faa4078e969
[  309.882443][T13919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.882458][T13919] RSP: 002b:00007faa41623038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.882478][T13919] RAX: ffffffffffffffda RBX: 00007faa409b5fa0 RCX: 00007faa4078e969
[  309.882491][T13919] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  309.882503][T13919] RBP: 00007faa41623090 R08: 0000000000000000 R09: 0000000000000000
[  309.882514][T13919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.882524][T13919] R13: 0000000000000000 R14: 00007faa409b5fa0 R15: 00007fffc59b59a8
[  309.882552][T13919]  </TASK>
[  310.458969][T13933] 8021q: VLANs not supported on nlmon0
[  310.582221][T13936] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  310.670326][T13941] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2741'.
[  310.701703][T13939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2740'.
[  310.738350][T13944] sctp: [Deprecated]: syz.2.2743 (pid 13944) Use of struct sctp_assoc_value in delayed_ack socket option.
[  310.738350][T13944] Use struct sctp_sack_info instead
[  310.765763][T13944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2743'.
[  310.770071][T13939] macsec1: entered allmulticast mode
[  310.801086][T13939] bond0: entered allmulticast mode
[  310.808416][T13939] 

: entered allmulticast mode
[  310.813942][T13939] bond_slave_1: entered allmulticast mode
[  310.823424][T13939] bond0: left allmulticast mode
[  310.828623][T13939] 

: left allmulticast mode
[  310.833487][T13939] bond_slave_1: left allmulticast mode
[  310.869348][T13941] smc: net device bond0 applied user defined pnetid SYZ2
[  310.877018][T13941] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ2
[  310.959596][T13951] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  311.024980][T13953] netlink: 'syz.4.2745': attribute type 1 has an invalid length.
[  311.481953][T13983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2757'.
[  311.513556][T13983] macsec1: entered allmulticast mode
[  311.523522][T13983] bond0: entered allmulticast mode
[  311.533723][T13983] 

: entered allmulticast mode
[  311.540713][T13983] bond_slave_1: entered allmulticast mode
[  311.961549][T13983] bond0: left allmulticast mode
[  311.975664][T13983] 

: left allmulticast mode
[  311.980471][T13983] bond_slave_1: left allmulticast mode
[  312.399210][T13998] netlink: 'syz.1.2761': attribute type 1 has an invalid length.
[  312.508148][T14001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2762'.
[  312.565716][T14009] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  312.621473][T14001] Cannot find set identified by id 0 to match
[  312.623022][T14009] netlink: 'syz.0.2765': attribute type 1 has an invalid length.
[  312.780300][T14020] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  312.979394][T14028] netlink: 'syz.2.2771': attribute type 3 has an invalid length.
[  313.344632][T14050] __nla_validate_parse: 5 callbacks suppressed
[  313.344651][T14050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2778'.
[  313.467654][T14055] pim6reg: entered allmulticast mode
[  313.524171][T14059] pim6reg: left allmulticast mode
[  313.594912][T14062] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2781'.
[  313.676785][T14068] xt_connbytes: Forcing CT accounting to be enabled
[  313.697031][T14068] set match dimension is over the limit!
[  313.750991][T14074] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  313.788765][T14074] netlink: 'syz.1.2784': attribute type 1 has an invalid length.
[  313.808545][T14074] netlink: 600 bytes leftover after parsing attributes in process `syz.1.2784'.
[  313.882402][T14078] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2784'.
[  314.033320][T14073] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2785'.
[  314.053396][T14083] tipc: Enabled bearer <udp:syz2>, priority 10
[  314.455771][T14107] 8021q: VLANs not supported on nlmon0
[  314.461565][T14108] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2796'.
[  314.538626][T14111] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  314.591958][T14108] pim6reg1: entered promiscuous mode
[  314.592631][T14111] netlink: 'syz.2.2799': attribute type 1 has an invalid length.
[  314.605179][T14108] pim6reg1: entered allmulticast mode
[  314.605189][T14111] netlink: 600 bytes leftover after parsing attributes in process `syz.2.2799'.
[  314.632440][T14108] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2796'.
[  314.648781][T14108] Cannot find del_set index 1 as target
[  314.722641][T14114] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2799'.
[  315.170592][T14142] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744071645954049)
[  315.208611][T14145] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2812'.
[  315.235486][T14142] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  315.269001][T14148] netlink: 'syz.3.2811': attribute type 1 has an invalid length.
[  315.652028][T14167] FAULT_INJECTION: forcing a failure.
[  315.652028][T14167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.695625][T14167] CPU: 0 UID: 0 PID: 14167 Comm: syz.4.2816 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  315.695652][T14167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.695663][T14167] Call Trace:
[  315.695672][T14167]  <TASK>
[  315.695680][T14167]  dump_stack_lvl+0x189/0x250
[  315.695708][T14167]  ? __lock_acquire+0xaac/0xd20
[  315.695733][T14167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.695752][T14167]  ? __pfx__printk+0x10/0x10
[  315.695770][T14167]  ? __might_fault+0xb0/0x130
[  315.695804][T14167]  should_fail_ex+0x414/0x560
[  315.695827][T14167]  _copy_from_user+0x2d/0xb0
[  315.695851][T14167]  ___sys_sendmsg+0x158/0x2a0
[  315.695878][T14167]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.695942][T14167]  ? __might_fault+0xb0/0x130
[  315.695969][T14167]  __sys_sendmmsg+0x227/0x430
[  315.695999][T14167]  ? __pfx___sys_sendmmsg+0x10/0x10
[  315.696030][T14167]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  315.696068][T14167]  ? ksys_write+0x1f0/0x250
[  315.696087][T14167]  ? rcu_is_watching+0x15/0xb0
[  315.696114][T14167]  __x64_sys_sendmmsg+0xa0/0xc0
[  315.696141][T14167]  do_syscall_64+0xf6/0x210
[  315.696162][T14167]  ? clear_bhb_loop+0x60/0xb0
[  315.696184][T14167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.696200][T14167] RIP: 0033:0x7f41d1d8e969
[  315.696217][T14167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.696232][T14167] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  315.696260][T14167] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  315.696273][T14167] RDX: 040000000000037c RSI: 0000200000002440 RDI: 0000000000000004
[  315.696285][T14167] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  315.696297][T14167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  315.696307][T14167] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  315.696337][T14167]  </TASK>
[  316.188666][T14177] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.264392][T14175] macsec1: entered allmulticast mode
[  316.281913][T14175] bond0: entered allmulticast mode
[  316.305572][T14175] 

: entered allmulticast mode
[  316.310663][T14175] bond_slave_1: entered allmulticast mode
[  316.332773][T14175] bond0: left allmulticast mode
[  316.341077][T14175] 

: left allmulticast mode
[  316.349641][T14175] bond_slave_1: left allmulticast mode
[  316.423354][T14177] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.527826][T14187] openvswitch: netlink: Flow key attr not present in new flow.
[  316.561087][T14177] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.703683][T14177] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.964183][T14177] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.051896][T14211] FAULT_INJECTION: forcing a failure.
[  317.051896][T14211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.058931][T14177] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.065377][T14211] CPU: 0 UID: 0 PID: 14211 Comm: syz.1.2831 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  317.065403][T14211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.065414][T14211] Call Trace:
[  317.065421][T14211]  <TASK>
[  317.065428][T14211]  dump_stack_lvl+0x189/0x250
[  317.065456][T14211]  ? __lock_acquire+0xaac/0xd20
[  317.065482][T14211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.065505][T14211]  ? __pfx__printk+0x10/0x10
[  317.065523][T14211]  ? __might_fault+0xb0/0x130
[  317.065555][T14211]  should_fail_ex+0x414/0x560
[  317.065579][T14211]  _copy_from_user+0x2d/0xb0
[  317.065603][T14211]  ___sys_recvmsg+0x12e/0x510
[  317.065634][T14211]  ? __pfx____sys_recvmsg+0x10/0x10
[  317.065689][T14211]  ? __might_fault+0xb0/0x130
[  317.065713][T14211]  do_recvmmsg+0x307/0x760
[  317.065738][T14211]  ? __pfx_do_recvmmsg+0x10/0x10
[  317.065765][T14211]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  317.065803][T14211]  __x64_sys_recvmmsg+0x190/0x240
[  317.065823][T14211]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  317.065843][T14211]  ? do_syscall_64+0xba/0x210
[  317.065866][T14211]  do_syscall_64+0xf6/0x210
[  317.065885][T14211]  ? clear_bhb_loop+0x60/0xb0
[  317.065906][T14211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.065922][T14211] RIP: 0033:0x7f0b8498e969
[  317.065938][T14211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.065952][T14211] RSP: 002b:00007f0b827f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  317.065970][T14211] RAX: ffffffffffffffda RBX: 00007f0b84bb6080 RCX: 00007f0b8498e969
[  317.065982][T14211] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000004
[  317.065994][T14211] RBP: 00007f0b827f6090 R08: 0000000000000000 R09: 0000000000000000
[  317.066005][T14211] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  317.066014][T14211] R13: 0000000000000001 R14: 00007f0b84bb6080 R15: 00007ffe2224b448
[  317.066042][T14211]  </TASK>
[  317.324918][T14177] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.396540][T14177] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.447736][T14223] FAULT_INJECTION: forcing a failure.
[  317.447736][T14223] name failslab, interval 1, probability 0, space 0, times 0
[  317.449917][T14218] Cannot find set identified by id 0 to match
[  317.470929][T14223] CPU: 1 UID: 0 PID: 14223 Comm: syz.4.2837 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  317.470956][T14223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.470967][T14223] Call Trace:
[  317.470974][T14223]  <TASK>
[  317.470982][T14223]  dump_stack_lvl+0x189/0x250
[  317.471014][T14223]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.471038][T14223]  ? __pfx__printk+0x10/0x10
[  317.471068][T14223]  ? __pfx___might_resched+0x10/0x10
[  317.471086][T14223]  ? fs_reclaim_acquire+0x7d/0x100
[  317.471116][T14223]  should_fail_ex+0x414/0x560
[  317.471142][T14223]  should_failslab+0xa8/0x100
[  317.471167][T14223]  __kmalloc_noprof+0xcb/0x4f0
[  317.471188][T14223]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  317.471215][T14223]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  317.471242][T14223]  genl_start+0x180/0x6c0
[  317.471259][T14223]  ? netlink_lookup+0x30/0x200
[  317.471284][T14223]  __netlink_dump_start+0x466/0x7e0
[  317.471315][T14223]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[  317.471337][T14223]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  317.471354][T14223]  ? genl_get_cmd+0x67f/0x910
[  317.471373][T14223]  ? __pfx_genl_start+0x10/0x10
[  317.471387][T14223]  ? __pfx_genl_dumpit+0x10/0x10
[  317.471400][T14223]  ? __pfx_genl_done+0x10/0x10
[  317.471430][T14223]  genl_rcv_msg+0x5da/0x790
[  317.471453][T14223]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.471468][T14223]  ? __pfx_ethnl_default_start+0x10/0x10
[  317.471487][T14223]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  317.471507][T14223]  ? __pfx_ethnl_default_done+0x10/0x10
[  317.471540][T14223]  netlink_rcv_skb+0x205/0x470
[  317.471558][T14223]  ? __lock_acquire+0xaac/0xd20
[  317.471581][T14223]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.471599][T14223]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.471635][T14223]  ? down_read+0x1ad/0x2e0
[  317.471658][T14223]  genl_rcv+0x28/0x40
[  317.471674][T14223]  netlink_unicast+0x758/0x8d0
[  317.471707][T14223]  netlink_sendmsg+0x805/0xb30
[  317.471737][T14223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.471763][T14223]  ? aa_sock_msg_perm+0x94/0x160
[  317.471784][T14223]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  317.471801][T14223]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.471823][T14223]  __sock_sendmsg+0x219/0x270
[  317.471844][T14223]  ____sys_sendmsg+0x505/0x830
[  317.471871][T14223]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.471901][T14223]  ? import_iovec+0x74/0xa0
[  317.471927][T14223]  ___sys_sendmsg+0x21f/0x2a0
[  317.471951][T14223]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.472007][T14223]  ? __fget_files+0x2a/0x420
[  317.472028][T14223]  ? __fget_files+0x3a0/0x420
[  317.472069][T14223]  __x64_sys_sendmsg+0x19b/0x260
[  317.472095][T14223]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  317.472137][T14223]  ? do_syscall_64+0xba/0x210
[  317.472159][T14223]  do_syscall_64+0xf6/0x210
[  317.472180][T14223]  ? clear_bhb_loop+0x60/0xb0
[  317.472200][T14223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.472216][T14223] RIP: 0033:0x7f41d1d8e969
[  317.472232][T14223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.472247][T14223] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.472265][T14223] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  317.472276][T14223] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000003
[  317.472287][T14223] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  317.472295][T14223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.472304][T14223] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  317.472331][T14223]  </TASK>
[  317.970663][T14232] netlink: 'syz.4.2841': attribute type 1 has an invalid length.
[  318.002798][T14227] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  318.095695][T14227] netlink: 'syz.3.2838': attribute type 1 has an invalid length.
[  318.450634][ T2958] wlan0: failed to finalize CSA on link 0, disconnecting
[  318.513439][T14261] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  318.608528][T14263] FAULT_INJECTION: forcing a failure.
[  318.608528][T14263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.657338][T14263] CPU: 1 UID: 0 PID: 14263 Comm: syz.3.2851 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  318.657367][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  318.657378][T14263] Call Trace:
[  318.657385][T14263]  <TASK>
[  318.657393][T14263]  dump_stack_lvl+0x189/0x250
[  318.657420][T14263]  ? __lock_acquire+0xaac/0xd20
[  318.657448][T14263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.657472][T14263]  ? __pfx__printk+0x10/0x10
[  318.657494][T14263]  ? __might_fault+0xb0/0x130
[  318.657529][T14263]  should_fail_ex+0x414/0x560
[  318.657554][T14263]  _copy_to_iter+0x575/0x15a0
[  318.657589][T14263]  ? __pfx__copy_to_iter+0x10/0x10
[  318.657608][T14263]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  318.657633][T14263]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  318.657658][T14263]  __skb_datagram_iter+0x100/0x960
[  318.657677][T14263]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  318.657703][T14263]  skb_copy_datagram_iter+0xc5/0x230
[  318.657725][T14263]  netlink_recvmsg+0x2ab/0xa30
[  318.657758][T14263]  ? __pfx_netlink_recvmsg+0x10/0x10
[  318.657787][T14263]  ? aa_sock_msg_perm+0x94/0x160
[  318.657809][T14263]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  318.657828][T14263]  ? security_socket_recvmsg+0x7e/0x2e0
[  318.657852][T14263]  ? __pfx_netlink_recvmsg+0x10/0x10
[  318.657875][T14263]  sock_recvmsg+0x229/0x270
[  318.657899][T14263]  ____sys_recvmsg+0x1c9/0x460
[  318.657934][T14263]  ? __pfx_____sys_recvmsg+0x10/0x10
[  318.657973][T14263]  ? import_iovec+0x74/0xa0
[  318.658001][T14263]  ___sys_recvmsg+0x1b5/0x510
[  318.658033][T14263]  ? __pfx____sys_recvmsg+0x10/0x10
[  318.658078][T14263]  ? __fget_files+0x3a0/0x420
[  318.658108][T14263]  do_recvmmsg+0x307/0x760
[  318.658131][T14263]  ? __pfx_do_recvmmsg+0x10/0x10
[  318.658159][T14263]  ? _copy_from_user+0x94/0xb0
[  318.658206][T14263]  __x64_sys_recvmmsg+0x1af/0x240
[  318.658223][T14263]  ? rcu_is_watching+0x15/0xb0
[  318.658241][T14263]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  318.658263][T14263]  ? do_syscall_64+0xba/0x210
[  318.658287][T14263]  do_syscall_64+0xf6/0x210
[  318.658307][T14263]  ? clear_bhb_loop+0x60/0xb0
[  318.658328][T14263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.658345][T14263] RIP: 0033:0x7f128758e969
[  318.658360][T14263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.658375][T14263] RSP: 002b:00007f12883ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  318.658394][T14263] RAX: ffffffffffffffda RBX: 00007f12877b5fa0 RCX: 00007f128758e969
[  318.658408][T14263] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  318.658420][T14263] RBP: 00007f12883ee090 R08: 0000200000003700 R09: 0000000000000000
[  318.658432][T14263] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  318.658443][T14263] R13: 0000000000000000 R14: 00007f12877b5fa0 R15: 00007ffd8e2247b8
[  318.658472][T14263]  </TASK>
[  318.971985][T14242] __nla_validate_parse: 13 callbacks suppressed
[  318.972005][T14242] netlink: 264 bytes leftover after parsing attributes in process `syz.0.2842'.
[  319.001686][T14242] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2842'.
[  319.272867][T14288] FAULT_INJECTION: forcing a failure.
[  319.272867][T14288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.333799][T14288] CPU: 0 UID: 0 PID: 14288 Comm: syz.2.2861 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  319.333825][T14288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.333835][T14288] Call Trace:
[  319.333853][T14288]  <TASK>
[  319.333861][T14288]  dump_stack_lvl+0x189/0x250
[  319.333893][T14288]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.333917][T14288]  ? __pfx__printk+0x10/0x10
[  319.333946][T14288]  should_fail_ex+0x414/0x560
[  319.333972][T14288]  _copy_to_user+0x31/0xb0
[  319.333999][T14288]  simple_read_from_buffer+0xe1/0x170
[  319.334026][T14288]  proc_fail_nth_read+0x1df/0x250
[  319.334051][T14288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.334079][T14288]  ? rw_verify_area+0x258/0x650
[  319.334096][T14288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.334119][T14288]  vfs_read+0x1fd/0x980
[  319.334142][T14288]  ? __pfx___mutex_lock+0x10/0x10
[  319.334162][T14288]  ? __pfx_vfs_read+0x10/0x10
[  319.334182][T14288]  ? __fget_files+0x2a/0x420
[  319.334206][T14288]  ? __fget_files+0x3a0/0x420
[  319.334225][T14288]  ? __fget_files+0x2a/0x420
[  319.334253][T14288]  ksys_read+0x145/0x250
[  319.334275][T14288]  ? __pfx_ksys_read+0x10/0x10
[  319.334300][T14288]  ? do_syscall_64+0xba/0x210
[  319.334324][T14288]  do_syscall_64+0xf6/0x210
[  319.334344][T14288]  ? clear_bhb_loop+0x60/0xb0
[  319.334366][T14288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.334382][T14288] RIP: 0033:0x7faa4078d37c
[  319.334398][T14288] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  319.334413][T14288] RSP: 002b:00007faa41623030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  319.334433][T14288] RAX: ffffffffffffffda RBX: 00007faa409b5fa0 RCX: 00007faa4078d37c
[  319.334446][T14288] RDX: 000000000000000f RSI: 00007faa416230a0 RDI: 0000000000000004
[  319.334458][T14288] RBP: 00007faa41623090 R08: 0000000000000000 R09: 0000000000000000
[  319.334469][T14288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.334478][T14288] R13: 0000000000000000 R14: 00007faa409b5fa0 R15: 00007fffc59b59a8
[  319.334508][T14288]  </TASK>
[  319.388853][T14290] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  319.607479][T14285] netlink: 'syz.3.2858': attribute type 1 has an invalid length.
[  319.629162][T14285] netlink: 600 bytes leftover after parsing attributes in process `syz.3.2858'.
[  319.669804][T14306] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2865'.
[  319.739851][T14285] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2858'.
[  319.755613][T14306] unsupported nlmsg_type 40
[  319.836274][T14311] netlink: 410 bytes leftover after parsing attributes in process `syz.1.2868'.
[  319.860624][T14314] netlink: zone id is out of range
[  319.890247][T14314] netlink: zone id is out of range
[  319.914929][T14314] netlink: zone id is out of range
[  319.925685][T14314] netlink: zone id is out of range
[  319.931514][T14314] netlink: zone id is out of range
[  319.970719][T14314] netlink: zone id is out of range
[  319.998710][T14314] netlink: zone id is out of range
[  320.181287][T14329] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2874'.
[  320.196089][T14319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2869'.
[  320.205456][T14319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2869'.
[  320.278975][T14336] netlink: 'syz.0.2875': attribute type 1 has an invalid length.
[  320.361898][T14339] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2877'.
[  320.601458][T14354] netlink: 'syz.3.2881': attribute type 1 has an invalid length.
[  320.902554][T14363] vlan1: entered promiscuous mode
[  320.935587][T14363] erspan0: entered promiscuous mode
[  320.994002][T14366] macsec1: entered allmulticast mode
[  321.190078][T14372] tipc: Enabled bearer <udp:syz2>, priority 10
[  321.303567][T14377] FAULT_INJECTION: forcing a failure.
[  321.303567][T14377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.321079][T14377] CPU: 1 UID: 0 PID: 14377 Comm: syz.0.2890 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  321.321106][T14377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  321.321117][T14377] Call Trace:
[  321.321124][T14377]  <TASK>
[  321.321132][T14377]  dump_stack_lvl+0x189/0x250
[  321.321164][T14377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.321188][T14377]  ? __pfx__printk+0x10/0x10
[  321.321218][T14377]  should_fail_ex+0x414/0x560
[  321.321244][T14377]  _copy_to_user+0x31/0xb0
[  321.321270][T14377]  simple_read_from_buffer+0xe1/0x170
[  321.321297][T14377]  proc_fail_nth_read+0x1df/0x250
[  321.321324][T14377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  321.321350][T14377]  ? rw_verify_area+0x258/0x650
[  321.321370][T14377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  321.321395][T14377]  vfs_read+0x1fd/0x980
[  321.321421][T14377]  ? __pfx___mutex_lock+0x10/0x10
[  321.321441][T14377]  ? __pfx_vfs_read+0x10/0x10
[  321.321462][T14377]  ? __fget_files+0x2a/0x420
[  321.321489][T14377]  ? __fget_files+0x3a0/0x420
[  321.321509][T14377]  ? __fget_files+0x2a/0x420
[  321.321539][T14377]  ksys_read+0x145/0x250
[  321.321561][T14377]  ? __pfx_ksys_read+0x10/0x10
[  321.321585][T14377]  ? do_syscall_64+0xba/0x210
[  321.321608][T14377]  do_syscall_64+0xf6/0x210
[  321.321628][T14377]  ? clear_bhb_loop+0x60/0xb0
[  321.321648][T14377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.321665][T14377] RIP: 0033:0x7fe337b8d37c
[  321.321680][T14377] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  321.321694][T14377] RSP: 002b:00007fe338a90030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  321.321713][T14377] RAX: ffffffffffffffda RBX: 00007fe337db5fa0 RCX: 00007fe337b8d37c
[  321.321726][T14377] RDX: 000000000000000f RSI: 00007fe338a900a0 RDI: 0000000000000004
[  321.321737][T14377] RBP: 00007fe338a90090 R08: 0000000000000000 R09: 0000000000000000
[  321.321748][T14377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.321758][T14377] R13: 0000000000000000 R14: 00007fe337db5fa0 R15: 00007ffce4503388
[  321.321788][T14377]  </TASK>
[  321.880160][T14387] veth1_to_peam: renamed from gre0
[  321.902468][T14387] veth1_to_peam: entered promiscuous mode
[  321.920148][T14390] Cannot find set identified by id 0 to match
[  321.933352][T14387] net_ratelimit: 6 callbacks suppressed
[  321.933370][T14387] A link change request failed with some changes committed already. Interface veth1_to_peam may have been left with an inconsistent configuration, please check.
[  321.959878][T14389] 8021q: VLANs not supported on nlmon0
[  322.030074][ T5833] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  322.040121][ T5833] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  322.058258][ T5833] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  322.087543][ T5833] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  322.095508][ T5833] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  322.273781][T14397] netlink: 'syz.0.2897': attribute type 1 has an invalid length.
[  322.960359][T14393] chnl_net:caif_netlink_parms(): no params data found
[  323.143812][T14430] FAULT_INJECTION: forcing a failure.
[  323.143812][T14430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.195734][T14430] CPU: 0 UID: 0 PID: 14430 Comm: syz.4.2907 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  323.195759][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  323.195770][T14430] Call Trace:
[  323.195778][T14430]  <TASK>
[  323.195786][T14430]  dump_stack_lvl+0x189/0x250
[  323.195812][T14430]  ? __lock_acquire+0xaac/0xd20
[  323.195838][T14430]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.195860][T14430]  ? __pfx__printk+0x10/0x10
[  323.195877][T14430]  ? __might_fault+0xb0/0x130
[  323.195910][T14430]  should_fail_ex+0x414/0x560
[  323.195930][T14430]  _copy_to_iter+0x575/0x15a0
[  323.195964][T14430]  ? __pfx__copy_to_iter+0x10/0x10
[  323.195983][T14430]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  323.196006][T14430]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  323.196029][T14430]  __skb_datagram_iter+0x100/0x960
[  323.196047][T14430]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  323.196072][T14430]  skb_copy_datagram_iter+0xc5/0x230
[  323.196094][T14430]  netlink_recvmsg+0x2ab/0xa30
[  323.196128][T14430]  ? __pfx_netlink_recvmsg+0x10/0x10
[  323.196155][T14430]  ? aa_sock_msg_perm+0x94/0x160
[  323.196177][T14430]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  323.196196][T14430]  ? security_socket_recvmsg+0x7e/0x2e0
[  323.196219][T14430]  ? __pfx_netlink_recvmsg+0x10/0x10
[  323.196242][T14430]  sock_recvmsg+0x229/0x270
[  323.196266][T14430]  ____sys_recvmsg+0x1c9/0x460
[  323.196295][T14430]  ? __pfx_____sys_recvmsg+0x10/0x10
[  323.196332][T14430]  ? import_iovec+0x74/0xa0
[  323.196360][T14430]  ___sys_recvmsg+0x1b5/0x510
[  323.196391][T14430]  ? __pfx____sys_recvmsg+0x10/0x10
[  323.196441][T14430]  ? __fget_files+0x3a0/0x420
[  323.196483][T14430]  do_recvmmsg+0x307/0x760
[  323.196506][T14430]  ? __pfx_do_recvmmsg+0x10/0x10
[  323.196536][T14430]  ? _copy_from_user+0x94/0xb0
[  323.196575][T14430]  __x64_sys_recvmmsg+0x1af/0x240
[  323.196590][T14430]  ? rcu_is_watching+0x15/0xb0
[  323.196608][T14430]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  323.196627][T14430]  ? do_syscall_64+0xba/0x210
[  323.196651][T14430]  do_syscall_64+0xf6/0x210
[  323.196670][T14430]  ? clear_bhb_loop+0x60/0xb0
[  323.196693][T14430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.196708][T14430] RIP: 0033:0x7f41d1d8e969
[  323.196723][T14430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.196737][T14430] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  323.196757][T14430] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  323.196769][T14430] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  323.196781][T14430] RBP: 00007f41d2b6c090 R08: 0000200000003700 R09: 0000000000000000
[  323.196792][T14430] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  323.196802][T14430] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  323.196832][T14430]  </TASK>
[  323.526438][T14393] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.533623][T14393] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.612623][T14393] bridge_slave_0: entered allmulticast mode
[  323.658517][T14393] bridge_slave_0: entered promiscuous mode
[  323.700291][T14393] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.707975][T14393] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.715511][T14393] bridge_slave_1: entered allmulticast mode
[  323.723406][T14393] bridge_slave_1: entered promiscuous mode
[  323.756921][T14440] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  323.840500][T14393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.858080][T14393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.965625][T14393] team0: Port device team_slave_0 added
[  323.976118][T14393] team0: Port device team_slave_1 added
[  324.060759][T14393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  324.085826][T14393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.145931][ T5841] Bluetooth: hci5: command tx timeout
[  324.155482][T14393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  324.189378][T14393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  324.196527][T14393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.240185][T14393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.274195][T14451] gtp0: entered promiscuous mode
[  324.279392][T14451] gtp0: entered allmulticast mode
[  324.417110][T14393] hsr_slave_0: entered promiscuous mode
[  324.434934][T14393] hsr_slave_1: entered promiscuous mode
[  324.564513][T14459] __nla_validate_parse: 15 callbacks suppressed
[  324.564531][T14459] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.2916'.
[  324.811200][T14467] FAULT_INJECTION: forcing a failure.
[  324.811200][T14467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.857458][T14467] CPU: 0 UID: 0 PID: 14467 Comm: syz.4.2919 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  324.857482][T14467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  324.857491][T14467] Call Trace:
[  324.857498][T14467]  <TASK>
[  324.857504][T14467]  dump_stack_lvl+0x189/0x250
[  324.857528][T14467]  ? __lock_acquire+0xaac/0xd20
[  324.857550][T14467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.857569][T14467]  ? __pfx__printk+0x10/0x10
[  324.857592][T14467]  ? __might_fault+0xb0/0x130
[  324.857617][T14467]  should_fail_ex+0x414/0x560
[  324.857638][T14467]  _copy_from_iter+0x1db/0x15a0
[  324.857663][T14467]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  324.857678][T14467]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  324.857696][T14467]  ? __pfx__copy_from_iter+0x10/0x10
[  324.857715][T14467]  ? __build_skb_around+0x257/0x3e0
[  324.857738][T14467]  ? netlink_sendmsg+0x642/0xb30
[  324.857757][T14467]  ? skb_put+0x11b/0x210
[  324.857779][T14467]  netlink_sendmsg+0x6b2/0xb30
[  324.857806][T14467]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.857828][T14467]  ? aa_sock_msg_perm+0x94/0x160
[  324.857848][T14467]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  324.857867][T14467]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.857888][T14467]  __sock_sendmsg+0x219/0x270
[  324.857909][T14467]  ____sys_sendmsg+0x505/0x830
[  324.857934][T14467]  ? __pfx_____sys_sendmsg+0x10/0x10
[  324.857964][T14467]  ? import_iovec+0x74/0xa0
[  324.857990][T14467]  ___sys_sendmsg+0x21f/0x2a0
[  324.858016][T14467]  ? __pfx____sys_sendmsg+0x10/0x10
[  324.858072][T14467]  ? __fget_files+0x2a/0x420
[  324.858092][T14467]  ? __fget_files+0x3a0/0x420
[  324.858123][T14467]  __x64_sys_sendmsg+0x19b/0x260
[  324.858148][T14467]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  324.858184][T14467]  ? do_syscall_64+0xba/0x210
[  324.858205][T14467]  do_syscall_64+0xf6/0x210
[  324.858225][T14467]  ? clear_bhb_loop+0x60/0xb0
[  324.858246][T14467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.858263][T14467] RIP: 0033:0x7f41d1d8e969
[  324.858279][T14467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.858293][T14467] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  324.858311][T14467] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  324.858324][T14467] RDX: e821651e0a1b45fc RSI: 0000200000000800 RDI: 0000000000000003
[  324.858334][T14467] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  324.858345][T14467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.858355][T14467] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  324.858383][T14467]  </TASK>
[  324.991234][T14393] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.247426][T14393] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.267780][T14473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2921'.
[  325.343297][T14393] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.412656][T14479] nbd: must specify a device to reconfigure
[  325.423920][T14477] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2923'.
[  325.440365][T14479] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2924'.
[  325.452964][T14393] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.455377][T14477] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2923'.
[  325.505596][T14477] netlink: 'syz.0.2923': attribute type 6 has an invalid length.
[  325.513759][T14477] netlink: 'syz.0.2923': attribute type 5 has an invalid length.
[  325.535429][T14477] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2923'.
[  325.879425][T14488] pim6reg1: entered promiscuous mode
[  325.898424][T14488] pim6reg1: entered allmulticast mode
[  326.229452][ T5841] Bluetooth: hci5: command tx timeout
[  326.468009][T14492] ip6gre2: entered allmulticast mode
[  326.562073][T14393] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  326.574286][T14496] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2929'.
[  326.609235][T14393] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  326.610825][T14494] ipt_ECN: cannot use operation on non-tcp rule
[  326.633690][T14393] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  326.659796][T14393] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  326.696509][T14498] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2931'.
[  326.706481][T14498] nbd: must specify at least one socket
[  326.718947][T14498] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2931'.
[  326.728304][T14498] netlink: 'syz.0.2931': attribute type 2 has an invalid length.
[  326.736576][T14498] netlink: 'syz.0.2931': attribute type 1 has an invalid length.
[  326.766833][T14500] FAULT_INJECTION: forcing a failure.
[  326.766833][T14500] name failslab, interval 1, probability 0, space 0, times 0
[  326.794046][T14500] CPU: 0 UID: 0 PID: 14500 Comm: syz.4.2932 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  326.794096][T14500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.794113][T14500] Call Trace:
[  326.794121][T14500]  <TASK>
[  326.794130][T14500]  dump_stack_lvl+0x189/0x250
[  326.794162][T14500]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.794187][T14500]  ? __pfx__printk+0x10/0x10
[  326.794211][T14500]  ? __pfx___might_resched+0x10/0x10
[  326.794235][T14500]  should_fail_ex+0x414/0x560
[  326.794260][T14500]  ? alloc_netdev_mqs+0xa8b/0x11e0
[  326.794277][T14500]  should_failslab+0xa8/0x100
[  326.794302][T14500]  __kvmalloc_node_noprof+0x168/0x5e0
[  326.794326][T14500]  ? alloc_netdev_mqs+0xa8b/0x11e0
[  326.794351][T14500]  alloc_netdev_mqs+0xa8b/0x11e0
[  326.794383][T14500]  ppp_ioctl+0x634/0x19a0
[  326.794414][T14500]  ? __pfx_ppp_ioctl+0x10/0x10
[  326.794445][T14500]  ? ksys_write+0x1e1/0x250
[  326.794464][T14500]  ? rcu_is_watching+0x15/0xb0
[  326.794485][T14500]  ? bpf_lsm_file_ioctl+0x9/0x20
[  326.794507][T14500]  ? __pfx_ppp_ioctl+0x10/0x10
[  326.794529][T14500]  __se_sys_ioctl+0xf9/0x170
[  326.794551][T14500]  do_syscall_64+0xf6/0x210
[  326.794573][T14500]  ? clear_bhb_loop+0x60/0xb0
[  326.794594][T14500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.794611][T14500] RIP: 0033:0x7f41d1d8e969
[  326.794627][T14500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.794641][T14500] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.794659][T14500] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  326.794672][T14500] RDX: 000000110e22fff6 RSI: 00000000c004743e RDI: 0000000000000003
[  326.794684][T14500] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  326.794695][T14500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  326.794705][T14500] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  326.794736][T14500]  </TASK>
[  326.908467][T14393] 8021q: adding VLAN 0 to HW filter on device bond0
[  327.111721][T14505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2934'.
[  327.126577][T14393] 8021q: adding VLAN 0 to HW filter on device team0
[  327.171165][T14505] macsec2: entered allmulticast mode
[  327.185525][T14505] bond0: entered allmulticast mode
[  327.190681][T14505] 

: entered allmulticast mode
[  327.217734][T14505] bond_slave_1: entered allmulticast mode
[  327.223522][T14505] batadv0: entered allmulticast mode
[  327.276097][T14505] bond0: left allmulticast mode
[  327.281007][T14505] 

: left allmulticast mode
[  327.320526][T14505] bond_slave_1: left allmulticast mode
[  327.345930][T14505] batadv0: left allmulticast mode
[  327.423444][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.430745][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  327.511332][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.518673][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  327.632294][ T5841] Bluetooth: hci4: link tx timeout
[  327.640205][ T5841] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  328.282884][T14393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.313830][ T5833] Bluetooth: hci5: command tx timeout
[  328.613128][T14393] veth0_vlan: entered promiscuous mode
[  328.659072][T14393] veth1_vlan: entered promiscuous mode
[  328.756214][T14393] veth0_macvtap: entered promiscuous mode
[  328.778287][T14393] veth1_macvtap: entered promiscuous mode
[  328.832603][T14393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.878226][T14393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.898837][T14393] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.929441][T14393] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.948644][T14393] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.972898][T14393] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.004748][T14562] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  329.038948][T14562] netlink: 'syz.3.2951': attribute type 1 has an invalid length.
[  329.174425][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.208808][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.312566][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.340651][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.682105][ T5833] Bluetooth: hci4: command 0x0405 tx timeout
[  330.389090][ T5841] Bluetooth: hci5: command tx timeout
[  330.715577][T14604] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  330.859543][T14605] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input6
[  330.925049][T14609] netlink: 'syz.0.2962': attribute type 1 has an invalid length.
[  330.961392][T14609] __nla_validate_parse: 3 callbacks suppressed
[  330.961411][T14609] netlink: 600 bytes leftover after parsing attributes in process `syz.0.2962'.
[  330.994738][T14615] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2963'.
[  331.007690][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  331.019240][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  331.032339][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  331.040989][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  331.052329][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  331.344531][T14624] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2965'.
[  331.774714][T14637] 8021q: VLANs not supported on caif0
[  331.800606][T14640] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2973'.
[  331.958835][T14643] FAULT_INJECTION: forcing a failure.
[  331.958835][T14643] name failslab, interval 1, probability 0, space 0, times 0
[  332.006656][T14643] CPU: 1 UID: 0 PID: 14643 Comm: syz.0.2975 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  332.006684][T14643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.006695][T14643] Call Trace:
[  332.006702][T14643]  <TASK>
[  332.006711][T14643]  dump_stack_lvl+0x189/0x250
[  332.006742][T14643]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.006766][T14643]  ? __pfx__printk+0x10/0x10
[  332.006790][T14643]  ? __pfx___might_resched+0x10/0x10
[  332.006806][T14643]  ? fs_reclaim_acquire+0x7d/0x100
[  332.006835][T14643]  should_fail_ex+0x414/0x560
[  332.006860][T14643]  should_failslab+0xa8/0x100
[  332.006885][T14643]  kmem_cache_alloc_noprof+0x73/0x3c0
[  332.006905][T14643]  ? _sctp_make_chunk+0x14e/0x430
[  332.006931][T14643]  _sctp_make_chunk+0x14e/0x430
[  332.006958][T14643]  sctp_make_datafrag_empty+0x122/0x230
[  332.006979][T14643]  ? sctp_datamsg_from_user+0x88/0xef0
[  332.006999][T14643]  ? __pfx_sctp_make_datafrag_empty+0x10/0x10
[  332.007025][T14643]  ? sctp_user_addto_chunk+0xa8/0x240
[  332.007051][T14643]  sctp_datamsg_from_user+0x729/0xef0
[  332.007093][T14643]  sctp_sendmsg_to_asoc+0x1003/0x1810
[  332.007116][T14643]  ? __asan_memcpy+0x40/0x70
[  332.007142][T14643]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[  332.007183][T14643]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  332.007208][T14643]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  332.007230][T14643]  ? __local_bh_enable_ip+0x12d/0x1c0
[  332.007255][T14643]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  332.007276][T14643]  ? security_sctp_bind_connect+0x7e/0x2e0
[  332.007297][T14643]  sctp_sendmsg+0x1941/0x2810
[  332.007334][T14643]  ? __pfx_sctp_sendmsg+0x10/0x10
[  332.007361][T14643]  ? aa_sk_perm+0x81e/0x950
[  332.007385][T14643]  ? __pfx_aa_sk_perm+0x10/0x10
[  332.007408][T14643]  ? sock_rps_record_flow+0x19/0x410
[  332.007432][T14643]  ? inet_sendmsg+0x2f4/0x370
[  332.007455][T14643]  __sock_sendmsg+0x19c/0x270
[  332.007480][T14643]  __sys_sendto+0x3bd/0x520
[  332.007504][T14643]  ? __pfx___sys_sendto+0x10/0x10
[  332.007524][T14643]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  332.007557][T14643]  ? __fget_files+0x3a0/0x420
[  332.007598][T14643]  ? ksys_write+0x1f0/0x250
[  332.007617][T14643]  ? rcu_is_watching+0x15/0xb0
[  332.007643][T14643]  __x64_sys_sendto+0xde/0x100
[  332.007670][T14643]  do_syscall_64+0xf6/0x210
[  332.007690][T14643]  ? clear_bhb_loop+0x60/0xb0
[  332.007712][T14643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.007728][T14643] RIP: 0033:0x7fe337b8e969
[  332.007744][T14643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.007760][T14643] RSP: 002b:00007fe338a90038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  332.007779][T14643] RAX: ffffffffffffffda RBX: 00007fe337db5fa0 RCX: 00007fe337b8e969
[  332.007792][T14643] RDX: 0000000000034000 RSI: 0000200000000100 RDI: 0000000000000003
[  332.007804][T14643] RBP: 00007fe338a90090 R08: 00002000000000c0 R09: 0000000000000010
[  332.007816][T14643] R10: 00000000040048c4 R11: 0000000000000246 R12: 0000000000000002
[  332.007827][T14643] R13: 0000000000000000 R14: 00007fe337db5fa0 R15: 00007ffce4503388
[  332.007857][T14643]  </TASK>
[  332.396189][T14652] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  332.447376][T14648] pimreg3: entered allmulticast mode
[  332.454949][T14648] netlink: 'syz.2.2977': attribute type 1 has an invalid length.
[  332.462834][T14648] netlink: 600 bytes leftover after parsing attributes in process `syz.2.2977'.
[  332.508934][T14658] netlink: 'syz.1.2979': attribute type 1 has an invalid length.
[  332.517044][T14658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2979'.
[  332.631323][T14612] chnl_net:caif_netlink_parms(): no params data found
[  332.869175][T14670] sch_tbf: burst 2 is lower than device ip6gre0 mtu (1448) !
[  332.926380][T14676] FAULT_INJECTION: forcing a failure.
[  332.926380][T14676] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  332.928877][T14674] sch_tbf: burst 2 is lower than device ip6gre0 mtu (1448) !
[  332.952764][T14674] sch_tbf: burst 2 is lower than device ip6gre0 mtu (1448) !
[  332.960589][T14676] CPU: 1 UID: 0 PID: 14676 Comm: syz.1.2982 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  332.960614][T14676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.960626][T14676] Call Trace:
[  332.960633][T14676]  <TASK>
[  332.960641][T14676]  dump_stack_lvl+0x189/0x250
[  332.960678][T14676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.960702][T14676]  ? __pfx__printk+0x10/0x10
[  332.960723][T14676]  ? fs_reclaim_acquire+0x7d/0x100
[  332.960764][T14676]  should_fail_ex+0x414/0x560
[  332.960790][T14676]  prepare_alloc_pages+0x213/0x610
[  332.960815][T14676]  __alloc_frozen_pages_noprof+0x123/0x370
[  332.960832][T14676]  ? do_recvmmsg+0x307/0x760
[  332.960851][T14676]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  332.960878][T14676]  ? policy_nodemask+0x27c/0x720
[  332.960899][T14676]  ? __lock_acquire+0xaac/0xd20
[  332.960927][T14676]  alloc_pages_mpol+0x232/0x4a0
[  332.960955][T14676]  vma_alloc_folio_noprof+0xe4/0x200
[  332.960982][T14676]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  332.961018][T14676]  folio_prealloc+0x30/0x180
[  332.961042][T14676]  __handle_mm_fault+0x2b28/0x5380
[  332.961084][T14676]  ? __pfx___handle_mm_fault+0x10/0x10
[  332.961127][T14676]  ? find_vma+0xe7/0x160
[  332.961147][T14676]  ? __pfx_find_vma+0x10/0x10
[  332.961171][T14676]  handle_mm_fault+0x40a/0x8e0
[  332.961203][T14676]  do_user_addr_fault+0x764/0x1390
[  332.961238][T14676]  exc_page_fault+0x68/0x110
[  332.961261][T14676]  asm_exc_page_fault+0x26/0x30
[  332.961277][T14676] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  332.961302][T14676] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 7f f2 03 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  332.961316][T14676] RSP: 0018:ffffc9000c307518 EFLAGS: 00050206
[  332.961333][T14676] RAX: ffff88802476c001 RBX: ffff88802476c0b4 RCX: 0000000000000df8
[  332.961345][T14676] RDX: 0000000000000000 RSI: ffff88802476c0b4 RDI: 0000200000001b40
[  332.961357][T14676] RBP: ffffc9000c307678 R08: ffff88802476ceab R09: 1ffff110048ed9d5
[  332.961370][T14676] R10: dffffc0000000000 R11: ffffed10048ed9d6 R12: dffffc0000000000
[  332.961382][T14676] R13: 0000000000000df8 R14: 00007ffffffff000 R15: 0000200000002938
[  332.961414][T14676]  _copy_to_iter+0x5f6/0x15a0
[  332.961450][T14676]  ? __pfx__copy_to_iter+0x10/0x10
[  332.961469][T14676]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  332.961493][T14676]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  332.961519][T14676]  __skb_datagram_iter+0x100/0x960
[  332.961538][T14676]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  332.961564][T14676]  skb_copy_datagram_iter+0xc5/0x230
[  332.961586][T14676]  netlink_recvmsg+0x2ab/0xa30
[  332.961620][T14676]  ? __pfx_netlink_recvmsg+0x10/0x10
[  332.961649][T14676]  ? aa_sock_msg_perm+0x94/0x160
[  332.961671][T14676]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  332.961692][T14676]  ? __pfx_netlink_recvmsg+0x10/0x10
[  332.961716][T14676]  sock_recvmsg_nosec+0x186/0x1c0
[  332.961746][T14676]  ____sys_recvmsg+0x3aa/0x460
[  332.961782][T14676]  ? __pfx_____sys_recvmsg+0x10/0x10
[  332.961823][T14676]  ? import_iovec+0x74/0xa0
[  332.961851][T14676]  ___sys_recvmsg+0x1b5/0x510
[  332.961882][T14676]  ? __pfx____sys_recvmsg+0x10/0x10
[  332.961941][T14676]  ? __might_fault+0xb0/0x130
[  332.961967][T14676]  do_recvmmsg+0x307/0x760
[  332.961994][T14676]  ? __pfx_do_recvmmsg+0x10/0x10
[  332.962024][T14676]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  332.962063][T14676]  __x64_sys_recvmmsg+0x190/0x240
[  332.962079][T14676]  ? rcu_is_watching+0x15/0xb0
[  332.962096][T14676]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  332.962118][T14676]  ? do_syscall_64+0xba/0x210
[  332.962141][T14676]  do_syscall_64+0xf6/0x210
[  332.962161][T14676]  ? clear_bhb_loop+0x60/0xb0
[  332.962182][T14676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.962198][T14676] RIP: 0033:0x7f0b8498e969
[  332.962214][T14676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.962228][T14676] RSP: 002b:00007f0b827f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  332.962245][T14676] RAX: ffffffffffffffda RBX: 00007f0b84bb6080 RCX: 00007f0b8498e969
[  332.962257][T14676] RDX: 0000000000000004 RSI: 0000200000000b00 RDI: 0000000000000003
[  332.962269][T14676] RBP: 00007f0b827f6090 R08: 0000000000000000 R09: 0000000000000000
[  332.962280][T14676] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000002
[  332.962290][T14676] R13: 0000000000000001 R14: 00007f0b84bb6080 R15: 00007ffe2224b448
[  332.962320][T14676]  </TASK>
[  332.964397][T14612] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.106009][ T5841] Bluetooth: hci1: command tx timeout
[  333.885535][T14612] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.892787][T14612] bridge_slave_0: entered allmulticast mode
[  333.907098][T14612] bridge_slave_0: entered promiscuous mode
[  333.934241][T14690] 8021q: VLANs not supported on caif0
[  333.975519][T14612] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.982832][T14612] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.025521][T14612] bridge_slave_1: entered allmulticast mode
[  334.060007][T14612] bridge_slave_1: entered promiscuous mode
[  334.219434][T14612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.253792][T14612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.277818][T14701] netlink: 'syz.0.2989': attribute type 1 has an invalid length.
[  334.305461][T14701] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2989'.
[  334.380263][T14700] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2987'.
[  334.424143][T14700] set match dimension is over the limit!
[  334.502414][T14612] team0: Port device team_slave_0 added
[  334.546861][T14612] team0: Port device team_slave_1 added
[  334.691965][T14712] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2995'.
[  334.695485][T14612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.718921][T14612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.747856][T14612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.764755][T14612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.772140][T14612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.800214][T14612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.083564][T14728] FAULT_INJECTION: forcing a failure.
[  335.083564][T14728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.101596][T14722] 8021q: VLANs not supported on caif0
[  335.102441][T14728] CPU: 1 UID: 0 PID: 14728 Comm: syz.4.3001 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  335.102464][T14728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  335.102475][T14728] Call Trace:
[  335.102482][T14728]  <TASK>
[  335.102490][T14728]  dump_stack_lvl+0x189/0x250
[  335.102516][T14728]  ? __lock_acquire+0xaac/0xd20
[  335.102543][T14728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.102564][T14728]  ? __pfx__printk+0x10/0x10
[  335.102582][T14728]  ? __might_fault+0xb0/0x130
[  335.102614][T14728]  should_fail_ex+0x414/0x560
[  335.102638][T14728]  _copy_from_user+0x2d/0xb0
[  335.102663][T14728]  ___sys_sendmsg+0x158/0x2a0
[  335.102689][T14728]  ? __pfx____sys_sendmsg+0x10/0x10
[  335.102749][T14728]  ? __fget_files+0x2a/0x420
[  335.102769][T14728]  ? __fget_files+0x3a0/0x420
[  335.102800][T14728]  __sys_sendmmsg+0x227/0x430
[  335.102830][T14728]  ? __pfx___sys_sendmmsg+0x10/0x10
[  335.102862][T14728]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  335.102899][T14728]  ? ksys_write+0x1f0/0x250
[  335.102916][T14728]  ? rcu_is_watching+0x15/0xb0
[  335.102942][T14728]  __x64_sys_sendmmsg+0xa0/0xc0
[  335.102968][T14728]  do_syscall_64+0xf6/0x210
[  335.102988][T14728]  ? clear_bhb_loop+0x60/0xb0
[  335.103008][T14728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.103025][T14728] RIP: 0033:0x7f41d1d8e969
[  335.103040][T14728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.103055][T14728] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  335.103073][T14728] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  335.103086][T14728] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000004
[  335.103097][T14728] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  335.103108][T14728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.103118][T14728] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  335.103147][T14728]  </TASK>
[  335.188969][ T5841] Bluetooth: hci1: command tx timeout
[  335.343640][T14730] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3002'.
[  335.344531][T14612] hsr_slave_0: entered promiscuous mode
[  335.385031][T14612] hsr_slave_1: entered promiscuous mode
[  335.410845][T14612] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  335.428477][T14612] Cannot create hsr debugfs directory
[  335.616423][T14735] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  335.794636][T14742] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  335.814249][T14612] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.907685][T14612] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.000872][T14612] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.050758][T14753] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3008'.
[  336.094637][T14612] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.340820][T14612] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  336.355151][T14612] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  336.386899][T14612] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  336.409979][T14612] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  336.458723][T14768] netlink: 'syz.2.3013': attribute type 1 has an invalid length.
[  336.617673][T14612] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.686936][T14612] 8021q: adding VLAN 0 to HW filter on device team0
[  336.717904][T14773] netlink: 'syz.2.3015': attribute type 4 has an invalid length.
[  336.719334][ T1077] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.732867][ T1077] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.769210][ T1077] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.776443][ T1077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.936912][T14612] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  336.956000][T14776] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  336.973714][T14782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3019'.
[  337.109793][T14612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.167874][T14797] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3023'.
[  337.236191][T14612] veth0_vlan: entered promiscuous mode
[  337.265593][ T5841] Bluetooth: hci1: command tx timeout
[  337.272081][T14805] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3023'.
[  337.278264][T14803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3025'.
[  337.286559][T14612] veth1_vlan: entered promiscuous mode
[  337.291050][T14803] FAULT_INJECTION: forcing a failure.
[  337.291050][T14803] name failslab, interval 1, probability 0, space 0, times 0
[  337.308804][T14803] CPU: 1 UID: 0 PID: 14803 Comm: syz.4.3025 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  337.308826][T14803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  337.308836][T14803] Call Trace:
[  337.308842][T14803]  <TASK>
[  337.308849][T14803]  dump_stack_lvl+0x189/0x250
[  337.308880][T14803]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.308904][T14803]  ? __pfx__printk+0x10/0x10
[  337.308923][T14803]  ? __pfx___might_resched+0x10/0x10
[  337.308940][T14803]  ? fs_reclaim_acquire+0x7d/0x100
[  337.308969][T14803]  should_fail_ex+0x414/0x560
[  337.308990][T14803]  should_failslab+0xa8/0x100
[  337.309013][T14803]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  337.309032][T14803]  ? __request_module+0x2d1/0x5e0
[  337.309059][T14803]  kstrdup+0x42/0x100
[  337.309078][T14803]  __request_module+0x2d1/0x5e0
[  337.309103][T14803]  ? __pfx___request_module+0x10/0x10
[  337.309134][T14803]  ? rtnl_link_ops_get+0x23/0x250
[  337.309153][T14803]  ? rtnl_link_ops_get+0x23/0x250
[  337.309174][T14803]  ? rtnl_link_ops_get+0x215/0x250
[  337.309198][T14803]  rtnl_newlink+0x64f/0x1c70
[  337.309230][T14803]  ? __pfx_rtnl_newlink+0x10/0x10
[  337.309251][T14803]  ? __lock_acquire+0xaac/0xd20
[  337.309277][T14803]  ? __lock_acquire+0xaac/0xd20
[  337.309309][T14803]  ? __lock_acquire+0xaac/0xd20
[  337.309356][T14803]  ? is_bpf_text_address+0x26/0x2b0
[  337.309383][T14803]  ? is_bpf_text_address+0x292/0x2b0
[  337.309403][T14803]  ? is_bpf_text_address+0x26/0x2b0
[  337.309426][T14803]  ? kernel_text_address+0xa5/0xe0
[  337.309455][T14803]  ? aa_get_newest_label+0xf7/0x5d0
[  337.309478][T14803]  ? __lock_acquire+0xaac/0xd20
[  337.309523][T14803]  ? __pfx_rtnl_newlink+0x10/0x10
[  337.309543][T14803]  rtnetlink_rcv_msg+0x7cc/0xb70
[  337.309566][T14803]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  337.309583][T14803]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  337.309618][T14803]  netlink_rcv_skb+0x205/0x470
[  337.309642][T14803]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  337.309664][T14803]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  337.309697][T14803]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.309718][T14803]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.309745][T14803]  netlink_unicast+0x758/0x8d0
[  337.309777][T14803]  netlink_sendmsg+0x805/0xb30
[  337.309809][T14803]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.309834][T14803]  ? aa_sock_msg_perm+0x94/0x160
[  337.309855][T14803]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.309874][T14803]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.309896][T14803]  __sock_sendmsg+0x219/0x270
[  337.309919][T14803]  ____sys_sendmsg+0x505/0x830
[  337.309949][T14803]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.309980][T14803]  ? import_iovec+0x74/0xa0
[  337.310007][T14803]  ___sys_sendmsg+0x21f/0x2a0
[  337.310034][T14803]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.310093][T14803]  ? __fget_files+0x2a/0x420
[  337.310115][T14803]  ? __fget_files+0x3a0/0x420
[  337.310149][T14803]  __x64_sys_sendmsg+0x19b/0x260
[  337.310182][T14803]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.310224][T14803]  ? do_syscall_64+0xba/0x210
[  337.310249][T14803]  do_syscall_64+0xf6/0x210
[  337.310266][T14803]  ? clear_bhb_loop+0x60/0xb0
[  337.310283][T14803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.310297][T14803] RIP: 0033:0x7f41d1d8e969
[  337.310313][T14803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.310327][T14803] RSP: 002b:00007f41d2b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.310351][T14803] RAX: ffffffffffffffda RBX: 00007f41d1fb5fa0 RCX: 00007f41d1d8e969
[  337.310363][T14803] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  337.310373][T14803] RBP: 00007f41d2b6c090 R08: 0000000000000000 R09: 0000000000000000
[  337.310384][T14803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.310394][T14803] R13: 0000000000000000 R14: 00007f41d1fb5fa0 R15: 00007ffe06bf0038
[  337.310422][T14803]  </TASK>
[  337.717455][T14612] veth0_macvtap: entered promiscuous mode
[  337.811455][T14612] veth1_macvtap: entered promiscuous mode
[  337.834475][T14612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  337.851995][T14612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  337.865633][T14612] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  337.874385][T14612] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  337.883181][T14612] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  337.894219][T14612] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  337.909050][T14812] 8021q: VLANs not supported on caif0
[  338.508911][T14827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3034'.
[  338.693886][T14827] set match dimension is over the limit!
[  338.729290][T14833] xt_TCPMSS: Only works on TCP SYN packets
[  338.753800][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.795448][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.856797][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.864666][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.965397][T14837] netlink: 'syz.4.3038': attribute type 11 has an invalid length.
[  338.981529][T14839] wg2: entered promiscuous mode
[  339.008917][T14839] wg2: entered allmulticast mode
[  339.313054][T14852] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3044'.
[  339.345984][ T5841] Bluetooth: hci1: command tx timeout
[  339.552659][T14863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3046'.
[  339.760628][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  339.770261][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  339.781293][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  339.800420][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  339.812379][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  339.892664][ T5828] syz_tun (unregistering): left allmulticast mode
[  339.893125][T14867] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input7
[  340.504442][T14869] chnl_net:caif_netlink_parms(): no params data found
[  340.741634][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3056'.
[  340.756716][T14869] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.764096][T14869] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.771410][T14869] bridge_slave_0: entered allmulticast mode
[  340.779609][T14869] bridge_slave_0: entered promiscuous mode
[  340.814331][T14896] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3057'.
[  340.831403][T14869] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.849060][T14869] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.864666][T14869] bridge_slave_1: entered allmulticast mode
[  340.890935][T14869] bridge_slave_1: entered promiscuous mode
[  341.041696][ T4257] bond0 (unregistering): (slave ip6erspan0): Releasing active interface
[  341.060593][ T4257] ip6erspan0 (unregistering): left allmulticast mode
[  341.808155][ T4257] team0: Port device bond1 removed
[  341.814535][ T4257] bond1 (unregistering): Released all slaves
[  341.828370][ T4257] bond2 (unregistering): Released all slaves
[  341.905829][ T5833] Bluetooth: hci2: command tx timeout
[  341.980573][ T4257] bond0 (unregistering): Released all slaves
[  342.123638][T14869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  342.143633][T14912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3064'.
[  342.179768][ T4257] tipc: Disabling bearer <udp:syz2>
[  342.196067][ T4257] tipc: Left network mode
[  342.204469][T14915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3065'.
[  342.214728][T14869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  342.324381][T14912] macsec2: entered allmulticast mode
[  342.344050][T14912] bond0: entered allmulticast mode
[  342.350441][T14912] 

: entered allmulticast mode
[  342.363322][T14912] bond_slave_1: entered allmulticast mode
[  342.374461][T14912] batadv0: entered allmulticast mode
[  342.402077][T14912] bond0: left allmulticast mode
[  342.410208][T14912] 

: left allmulticast mode
[  342.420629][T14912] bond_slave_1: left allmulticast mode
[  342.431104][T14912] batadv0: left allmulticast mode
[  342.492706][T14915] macsec1: entered allmulticast mode
[  342.510157][T14915] bond0: entered allmulticast mode
[  342.520324][T14915] 

: entered allmulticast mode
[  342.527394][T14915] bond_slave_1: entered allmulticast mode
[  342.543090][T14915] bond0: left allmulticast mode
[  342.551376][T14915] 

: left allmulticast mode
[  342.560657][T14915] bond_slave_1: left allmulticast mode
[  342.662307][T14869] team0: Port device team_slave_0 added
[  342.673308][ T4257] IPVS: stopping backup sync thread 9658 ...
[  342.698678][T14869] team0: Port device team_slave_1 added
[  342.776877][T14924] netlink: 'syz.3.3069': attribute type 4 has an invalid length.
[  342.784817][T14924] netlink: 17 bytes leftover after parsing attributes in process `syz.3.3069'.
[  342.843908][T14869] batman_adv: batadv0: Adding interface: batadv_slave_0
[  342.866920][T14869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.968442][T14869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  343.040674][T14936] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3072'.
[  343.074385][T14938] netlink: 'syz.1.3070': attribute type 1 has an invalid length.
[  343.196554][T14938] netlink: 600 bytes leftover after parsing attributes in process `syz.1.3070'.
[  343.649638][T14929] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  343.711782][T14937] pimreg1728: entered allmulticast mode
[  343.758656][T14869] batman_adv: batadv0: Adding interface: batadv_slave_1
[  343.773179][T14869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  343.802568][T14869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.847536][T14936] macsec2: entered allmulticast mode
[  343.853987][T14936] bond0: entered allmulticast mode
[  343.864339][T14936] 

: entered allmulticast mode
[  343.869935][T14936] bond_slave_1: entered allmulticast mode
[  343.876686][T14936] batadv0: entered allmulticast mode
[  343.887178][T14936] bond0: left allmulticast mode
[  343.892133][T10060] IPVS: starting estimator thread 0...
[  343.892508][T14936] 

: left allmulticast mode
[  343.905944][T14936] bond_slave_1: left allmulticast mode
[  343.912020][T14936] batadv0: left allmulticast mode
[  343.985800][ T5833] Bluetooth: hci2: command tx timeout
[  343.991538][T14951] IPVS: using max 43 ests per chain, 103200 per kthread
[  344.086296][T14954] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3076'.
[  344.302936][T14869] hsr_slave_0: entered promiscuous mode
[  344.316833][T14869] hsr_slave_1: entered promiscuous mode
[  344.329096][T14869] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  344.338985][T14960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3080'.
[  344.353902][T14869] Cannot create hsr debugfs directory
[  344.958510][ T4257] ------------[ cut here ]------------
[  344.964067][ T4257] kernel BUG at net/8021q/vlan.c:99!
[  344.970114][ T4257] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  344.970291][T14979] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3088'.
[  344.976372][ T4257] CPU: 0 UID: 0 PID: 4257 Comm: kworker/u8:8 Not tainted 6.15.0-rc7-syzkaller-01759-gf5b60d6a575a #0 PREEMPT(full) 
[  344.976394][ T4257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  344.976405][ T4257] Workqueue: netns cleanup_net
[  344.976431][ T4257] RIP: 0010:unregister_vlan_dev+0x4da/0x4e0
[  344.976454][ T4257] Code: f7 e8 fa 53 8f f7 e9 e7 fe ff ff e8 70 58 2d f7 48 c7 c7 00 10 51 8f 4c 89 ee e8 31 8c 5b fa e9 c4 fd ff ff e8 57 58 2d f7 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  344.976468][ T4257] RSP: 0018:ffffc9000e5cf7f8 EFLAGS: 00010293
[  344.976484][ T4257] RAX: ffffffff8a929989 RBX: ffff88805b57a000 RCX: ffff8880327e9e00
[  344.976496][ T4257] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  344.976504][ T4257] RBP: 0000000000000001 R08: ffffffff8f2fabe7 R09: 1ffffffff1e5f57c
[  344.976515][ T4257] R10: dffffc0000000000 R11: fffffbfff1e5f57d R12: ffff888055236000
[  344.976527][ T4257] R13: ffffc9000e5cf900 R14: ffff88805b57a428 R15: 0000000000000000
[  344.976540][ T4257] FS:  0000000000000000(0000) GS:ffff8881260b0000(0000) knlGS:0000000000000000
[  344.976561][ T4257] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  344.976574][ T4257] CR2: 000020000000d000 CR3: 0000000057776000 CR4: 00000000003526f0
[  344.976590][ T4257] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  344.976601][ T4257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  344.976612][ T4257] Call Trace:
[  344.976620][ T4257]  <TASK>
[  344.976627][ T4257]  ? default_device_exit_batch+0x766/0x890
[  345.048089][T14983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3087'.
[  345.051907][ T4257]  ? kfree+0x193/0x440
[  345.051936][ T4257]  ? __pfx_unregister_vlan_dev+0x10/0x10
[  345.153720][ T4257]  default_device_exit_batch+0x766/0x890
[  345.159366][ T4257]  ? __pfx___might_resched+0x10/0x10
[  345.164654][ T4257]  ? __pfx_default_device_exit_batch+0x10/0x10
[  345.170815][ T4257]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  345.176273][ T4257]  ? net_generic+0x1e/0x240
[  345.180780][ T4257]  ? __pfx_default_device_exit_batch+0x10/0x10
[  345.186937][ T4257]  ops_undo_list+0x525/0x990
[  345.191907][ T4257]  ? __pfx_ops_undo_list+0x10/0x10
[  345.197027][ T4257]  cleanup_net+0x4c5/0x8a0
[  345.201457][ T4257]  ? __pfx_cleanup_net+0x10/0x10
[  345.206417][ T4257]  ? _raw_spin_unlock_irq+0x23/0x50
[  345.211640][ T4257]  ? process_scheduled_works+0x9ec/0x17a0
[  345.217365][ T4257]  ? process_scheduled_works+0x9ec/0x17a0
[  345.223084][ T4257]  process_scheduled_works+0xade/0x17a0
[  345.228645][ T4257]  ? __pfx_process_scheduled_works+0x10/0x10
[  345.234635][ T4257]  worker_thread+0x8a0/0xda0
[  345.239226][ T4257]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  345.245562][ T4257]  ? __kthread_parkme+0x7b/0x200
[  345.250506][ T4257]  kthread+0x70e/0x8a0
[  345.254586][ T4257]  ? __pfx_worker_thread+0x10/0x10
[  345.259708][ T4257]  ? __pfx_kthread+0x10/0x10
[  345.264312][ T4257]  ? __pfx_kthread+0x10/0x10
[  345.268907][ T4257]  ? _raw_spin_unlock_irq+0x23/0x50
[  345.274107][ T4257]  ? lockdep_hardirqs_on+0x9c/0x150
[  345.279309][ T4257]  ? __pfx_kthread+0x10/0x10
[  345.283922][ T4257]  ret_from_fork+0x4b/0x80
[  345.288358][ T4257]  ? __pfx_kthread+0x10/0x10
[  345.292971][ T4257]  ret_from_fork_asm+0x1a/0x30
[  345.297759][ T4257]  </TASK>
[  345.300786][ T4257] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  345.305635][ T4257] ---[ end trace 0000000000000000 ]---
[  345.315983][ T4257] RIP: 0010:unregister_vlan_dev+0x4da/0x4e0
[  345.322115][ T4257] Code: f7 e8 fa 53 8f f7 e9 e7 fe ff ff e8 70 58 2d f7 48 c7 c7 00 10 51 8f 4c 89 ee e8 31 8c 5b fa e9 c4 fd ff ff e8 57 58 2d f7 90 <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  345.345339][ T4257] RSP: 0018:ffffc9000e5cf7f8 EFLAGS: 00010293
[  345.351455][ T4257] RAX: ffffffff8a929989 RBX: ffff88805b57a000 RCX: ffff8880327e9e00
[  345.395344][ T4257] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  345.403366][ T4257] RBP: 0000000000000001 R08: ffffffff8f2fabe7 R09: 1ffffffff1e5f57c
[  345.428354][ T4257] R10: dffffc0000000000 R11: fffffbfff1e5f57d R12: ffff888055236000
[  345.439369][ T4257] R13: ffffc9000e5cf900 R14: ffff88805b57a428 R15: 0000000000000000
[  345.463673][ T4257] FS:  0000000000000000(0000) GS:ffff8881260b0000(0000) knlGS:0000000000000000
[  345.486985][ T4257] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  345.493614][ T4257] CR2: 00007f0cc4ccb6b0 CR3: 0000000067726000 CR4: 00000000003526f0
[  345.501666][ T4257] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  345.509778][ T4257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  345.517888][ T4257] Kernel panic - not syncing: Fatal exception
[  345.524261][ T4257] Kernel Offset: disabled
[  345.528593][ T4257] Rebooting in 86400 seconds..