last executing test programs:

2.124480983s ago: executing program 0 (id=1267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_IFNAME={0x14, 0x3, 'batadv_slave_1\x00'}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000680)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01"], 0x3c}}, 0x0)

1.36981819s ago: executing program 0 (id=1276):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
socket$rxrpc(0x21, 0x2, 0xa)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000f00fc00000018000180140002006e657464657673696d300000000000000800060000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r3], 0x5c}, 0x1, 0x0, 0x0, 0x4000800}, 0x88010)

1.190413611s ago: executing program 2 (id=1278):
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)
close(r1)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c)
shutdown(r2, 0x1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

1.189608466s ago: executing program 1 (id=1280):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0xfffffff7, 0x4)
recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.103217996s ago: executing program 0 (id=1282):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x4}]}}, 0x0, 0x26}, 0x28)

1.059311144s ago: executing program 2 (id=1283):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)}, 0x90)

1.029346556s ago: executing program 4 (id=1284):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x1, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000025c0)={{r0}, &(0x7f0000002540), &(0x7f0000002580)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)

971.011767ms ago: executing program 3 (id=1285):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r1}, 0xc)

934.227563ms ago: executing program 1 (id=1286):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000002000010000000000000000000a002000000000070000000008000600010000001400030076657468315f766c616e000000000000140002"], 0x4c}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

897.391123ms ago: executing program 0 (id=1287):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, 0x0, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x1000d9}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20008800)

831.260938ms ago: executing program 4 (id=1288):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}}, 0x20040000)

830.921225ms ago: executing program 2 (id=1289):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
socketpair(0x1, 0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

816.191898ms ago: executing program 3 (id=1290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xd}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)

709.028963ms ago: executing program 4 (id=1291):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x4c, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4}, @device_a, @device_a, @initial, {0x8}}, 0x2e, @val={0x8c, 0x10, {0xd4e, "c6950800f7e1", @short="f34948ea656c17be"}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x20048020)

691.76958ms ago: executing program 1 (id=1292):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006111000000000000731a0300000000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x3}, 0x10, 0xffffffffffffffff}, 0x4c)

627.325061ms ago: executing program 2 (id=1293):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012"], 0x3c}}, 0x0)

627.168614ms ago: executing program 3 (id=1294):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000))
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"})

551.586091ms ago: executing program 4 (id=1295):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x2b}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000004c0)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="0500"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000300)=@tcp=r0}, 0x20)
shutdown(r0, 0x1)

497.576748ms ago: executing program 0 (id=1296):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0xfffffff7, 0x4)
recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

432.318408ms ago: executing program 1 (id=1297):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x1503, 0x4}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

431.464558ms ago: executing program 2 (id=1298):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f00000007c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x20, 0xfc, 0x2, 0x0, @private=0xa010100, @multicast1=0xe0000300}, @echo={0x8, 0x0, 0x0, 0x8000, 0x3}}}}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000380)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0x1, 0x2, 0x0, @rand_addr=0x1f, @multicast1=0xe0000300}, @redirect={0x5, 0x0, 0x0, @local, {0x5, 0x4, 0x1, 0x19, 0x400, 0x65, 0xfff6, 0x1, 0x33, 0x0, @rand_addr=0x64010100, @broadcast}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "fc79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c)

387.761621ms ago: executing program 3 (id=1299):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000680)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="01"], 0x3c}}, 0x0)

386.973715ms ago: executing program 4 (id=1300):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000003540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000003700)={&(0x7f00000004c0)={0x40, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1e, 0x33, @deauth={{{0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1}, {0xe}, @device_b, @device_a, @initial, {0x3, 0x7}}, 0x80, @void}}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040080}, 0x28008004)

223.628766ms ago: executing program 3 (id=1301):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x38}}, 0x20040000)

207.873744ms ago: executing program 2 (id=1302):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000002000010000000000000000000a002000000000070000000008000600010000001400030076657468315f766c616e000000000000140002"], 0x4c}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

199.731343ms ago: executing program 0 (id=1303):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f}, 0x48)

199.292026ms ago: executing program 4 (id=1304):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0xf}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

178.508189ms ago: executing program 1 (id=1305):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x4c, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @disassoc={{{0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4}, @device_a, @device_a, @initial, {0x8}}, 0x2e, @val={0x8c, 0x10, {0xd4e, "c6950800f7e1", @short="f34948ea656c17be"}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x20048020)

13.471575ms ago: executing program 3 (id=1306):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r5, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x1000d9}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20008800)

0s ago: executing program 1 (id=1307):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):

dv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.323515][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.336188][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.343239][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.369220][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.381534][ T5871] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.388493][ T5871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.414701][ T5871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.427962][ T5871] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.435059][ T5871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.461067][ T5871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.474297][ T5880] team0: Port device team_slave_0 added
[   93.488198][ T5864] team0: Port device team_slave_1 added
[   93.496512][ T5880] team0: Port device team_slave_1 added
[   93.615121][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.622502][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.649016][ T5880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.705599][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.712700][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.739583][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.751458][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.758426][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.785533][ T5880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.825810][ T5863] hsr_slave_0: entered promiscuous mode
[   93.832535][ T5863] hsr_slave_1: entered promiscuous mode
[   93.838797][ T5863] debugfs: 'hsr0' already exists in 'hsr'
[   93.844855][ T5863] Cannot create hsr debugfs directory
[   93.862442][ T5871] hsr_slave_0: entered promiscuous mode
[   93.868809][ T5871] hsr_slave_1: entered promiscuous mode
[   93.876244][ T5871] debugfs: 'hsr0' already exists in 'hsr'
[   93.882167][ T5871] Cannot create hsr debugfs directory
[   93.888420][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.897346][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.923496][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.981381][ T5880] hsr_slave_0: entered promiscuous mode
[   93.987779][ T5880] hsr_slave_1: entered promiscuous mode
[   93.994115][ T5880] debugfs: 'hsr0' already exists in 'hsr'
[   93.999855][ T5880] Cannot create hsr debugfs directory
[   94.226133][ T5864] hsr_slave_0: entered promiscuous mode
[   94.232916][ T5864] hsr_slave_1: entered promiscuous mode
[   94.239019][ T5864] debugfs: 'hsr0' already exists in 'hsr'
[   94.244880][ T5864] Cannot create hsr debugfs directory
[   94.508583][ T5862] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   94.522456][ T5862] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   94.568995][ T5862] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   94.616923][ T5862] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   94.750936][ T5863] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   94.763431][ T5863] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   94.790048][ T5863] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   94.802609][ T5863] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   94.872637][ T5880] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.901847][ T5880] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.931877][ T5880] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.943576][ T5880] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.027642][ T5871] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   95.039038][ T5871] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   95.062528][ T5871] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   95.075241][ T5871] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   95.082598][ T5866] Bluetooth: hci1: command tx timeout
[   95.088146][ T5879] Bluetooth: hci2: command tx timeout
[   95.116145][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.160971][ T5866] Bluetooth: hci3: command tx timeout
[   95.166490][ T5879] Bluetooth: hci0: command tx timeout
[   95.188483][ T5862] 8021q: adding VLAN 0 to HW filter on device team0
[   95.215642][ T5864] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   95.235705][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.242966][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.250955][ T5879] Bluetooth: hci4: command tx timeout
[   95.263578][ T5864] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   95.275708][ T5864] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   95.302782][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.309663][ T5864] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   95.342878][ T1152] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.350026][ T1152] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.378845][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[   95.427492][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.434642][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.473409][  T991] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.480610][  T991] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.646279][ T5871] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.675053][ T5880] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.778777][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.807192][ T5871] 8021q: adding VLAN 0 to HW filter on device team0
[   95.826134][ T5880] 8021q: adding VLAN 0 to HW filter on device team0
[   95.839825][  T991] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.847000][  T991] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.907343][  T991] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.914591][  T991] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.929982][  T991] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.937211][  T991] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.953014][  T991] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.960202][  T991] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.077337][ T5864] 8021q: adding VLAN 0 to HW filter on device team0
[   96.107304][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.114483][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.154335][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.167933][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.192270][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.199454][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.504610][ T5862] veth0_vlan: entered promiscuous mode
[   96.563615][ T5862] veth1_vlan: entered promiscuous mode
[   96.718358][ T5862] veth0_macvtap: entered promiscuous mode
[   96.824740][ T5862] veth1_macvtap: entered promiscuous mode
[   96.870208][ T5880] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.919433][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.948484][ T5871] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.959816][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.005856][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.017202][   T59] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.026609][   T59] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.064397][   T59] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.073594][   T59] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.113549][ T5880] veth0_vlan: entered promiscuous mode
[   97.126159][ T5863] veth0_vlan: entered promiscuous mode
[   97.145492][ T5863] veth1_vlan: entered promiscuous mode
[   97.161155][ T5879] Bluetooth: hci2: command tx timeout
[   97.166605][ T5879] Bluetooth: hci1: command tx timeout
[   97.176738][ T5880] veth1_vlan: entered promiscuous mode
[   97.243702][ T5866] Bluetooth: hci3: command tx timeout
[   97.249490][ T5879] Bluetooth: hci0: command tx timeout
[   97.286827][ T5864] veth0_vlan: entered promiscuous mode
[   97.295690][  T991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.307396][  T991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.320730][ T5879] Bluetooth: hci4: command tx timeout
[   97.338377][ T5871] veth0_vlan: entered promiscuous mode
[   97.354228][ T5863] veth0_macvtap: entered promiscuous mode
[   97.365561][ T5863] veth1_macvtap: entered promiscuous mode
[   97.387795][ T5871] veth1_vlan: entered promiscuous mode
[   97.416609][ T5864] veth1_vlan: entered promiscuous mode
[   97.427388][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.442567][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.464865][ T5880] veth0_macvtap: entered promiscuous mode
[   97.493827][ T5880] veth1_macvtap: entered promiscuous mode
[   97.514669][ T5864] veth0_macvtap: entered promiscuous mode
[   97.541343][ T5864] veth1_macvtap: entered promiscuous mode
[   97.566020][ T5862] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.569585][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.613554][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.635692][ T5871] veth0_macvtap: entered promiscuous mode
[   97.663429][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.698908][ T5981] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   97.715701][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.728110][ T5871] veth1_macvtap: entered promiscuous mode
[   97.744551][   T33] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.756370][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.775613][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.798989][   T33] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.820062][   T33] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.862055][   T33] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.894841][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.905818][   T33] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.917176][   T33] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.966398][ T5871] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.974686][   T33] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.986608][   T33] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.023625][   T33] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.033629][   T33] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.049774][   T33] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.102233][   T33] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.112661][   T33] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.156653][   T33] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.214065][   T33] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.233435][   T33] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.310225][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.329839][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.357546][  T991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.370785][  T991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.462087][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.470311][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.537212][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.549415][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.626494][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.635779][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.686461][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.715032][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.737142][ T5997] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3'.
[   98.739665][ T5991] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10'.
[   98.783121][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.809237][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.880198][ T5991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   98.909840][ T5999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11'.
[   98.932431][ T5999] erspan0: entered promiscuous mode
[   98.953006][ T5999] erspan0: left promiscuous mode
[   98.987196][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   99.052081][ T6003] netlink: 'syz.1.12': attribute type 10 has an invalid length.
[   99.070908][ T6003] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12'.
[   99.091608][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.103045][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.142744][ T6003] team0: Device geneve0 is up. Set it down before adding it as a team port
[   99.185806][ T5856] IPVS: starting estimator thread 0...
[   99.202820][ T6003] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   99.246316][ T5866] Bluetooth: hci2: command tx timeout
[   99.251983][ T5879] Bluetooth: hci1: command tx timeout
[   99.300986][ T6007] IPVS: using max 26 ests per chain, 62400 per kthread
[   99.321420][ T5879] Bluetooth: hci0: command tx timeout
[   99.326909][ T5866] Bluetooth: hci3: command tx timeout
[   99.401108][ T5866] Bluetooth: hci4: command tx timeout
[   99.471741][ T6019] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2621
[  100.466132][ T6046] netlink: 16 bytes leftover after parsing attributes in process `syz.0.22'.
[  100.827816][ T6046] bond0: entered promiscuous mode
[  100.837668][ T6046] bond_slave_0: entered promiscuous mode
[  100.851370][ T6046] bond_slave_1: entered promiscuous mode
[  100.877553][ T6046] bond0: left promiscuous mode
[  100.888610][ T6046] bond_slave_0: left promiscuous mode
[  100.905223][ T6046] bond_slave_1: left promiscuous mode
[  101.072491][ T6062] syz_tun: entered allmulticast mode
[  101.109830][ T6063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.26'.
[  101.153242][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.25'.
[  101.352719][ T6062] syz_tun (unregistering): left allmulticast mode
[  101.412130][ T6072] netlink: 'syz.3.29': attribute type 1 has an invalid length.
[  101.532615][ T6072] 8021q: adding VLAN 0 to HW filter on device bond1
[  101.543616][ T6072] team0: Port device bond1 added
[  101.553064][ T6074] tipc: Started in network mode
[  101.587428][ T6074] tipc: Node identity ce2973fcaac8, cluster identity 4711
[  101.627495][ T6074] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  101.709007][ T6070] syzkaller0: entered promiscuous mode
[  101.725830][ T6070] syzkaller0: entered allmulticast mode
[  101.754955][ T6084] team0: Device ipvlan2 failed to register rx_handler
[  101.777436][ T6094] netlink: 'syz.4.32': attribute type 10 has an invalid length.
[  101.818391][ T6089] syz.2.33 uses obsolete (PF_INET,SOCK_PACKET)
[  101.829953][ T6097] netlink: 'syz.4.32': attribute type 1 has an invalid length.
[  101.882550][ T6070] tipc: Resetting bearer <eth:syzkaller0>
[  101.901749][ T6069] tipc: Resetting bearer <eth:syzkaller0>
[  101.985431][ T6069] tipc: Disabling bearer <eth:syzkaller0>
[  102.034432][ T6094] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  102.117264][ T6086] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  102.238488][ T6107] netlink: 140 bytes leftover after parsing attributes in process `syz.0.35'.
[  102.434276][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.36'.
[  102.484872][   T30] audit: type=1800 audit(1757071672.641:2): pid=6116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.36" name="memory.events" dev="tmpfs" ino=43 res=0 errno=0
[  102.528579][   T43] IPVS: starting estimator thread 0...
[  102.560056][   T30] audit: type=1804 audit(1757071672.641:3): pid=6116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.36" name="/newroot/5/memory.events" dev="tmpfs" ino=43 res=1 errno=0
[  102.642116][ T6117] IPVS: using max 26 ests per chain, 62400 per kthread
[  102.965967][ T6129] netlink: 'syz.4.39': attribute type 10 has an invalid length.
[  103.010694][ T6129] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.039627][ T6129] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.095935][ T6129] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  103.806822][ T6151] netlink: 'syz.3.44': attribute type 21 has an invalid length.
[  103.844190][ T6151] __nla_validate_parse: 1 callbacks suppressed
[  103.844208][ T6151] netlink: 128 bytes leftover after parsing attributes in process `syz.3.44'.
[  103.954957][ T6151] netlink: 'syz.3.44': attribute type 5 has an invalid length.
[  103.975474][ T6151] netlink: 3 bytes leftover after parsing attributes in process `syz.3.44'.
[  104.212846][ T6161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.47'.
[  104.260159][ T6161] netlink: 12 bytes leftover after parsing attributes in process `syz.0.47'.
[  104.313805][ T6166] Zero length message leads to an empty skb
[  104.459152][ T6178] Bluetooth: MGMT ver 1.23
[  105.385755][ T6207] tipc: Started in network mode
[  105.431511][ T6207] tipc: Node identity 32b15ba69739, cluster identity 4711
[  105.438837][ T6207] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.540907][ T6212] syzkaller0: entered promiscuous mode
[  105.547015][ T6212] syzkaller0: entered allmulticast mode
[  105.558186][ T6213] warning: `syz.1.60' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  105.652849][ T6219] netlink: 26 bytes leftover after parsing attributes in process `syz.4.62'.
[  105.785780][ T6212] tipc: Resetting bearer <eth:syzkaller0>
[  105.842605][ T6205] tipc: Resetting bearer <eth:syzkaller0>
[  105.935800][ T6205] tipc: Disabling bearer <eth:syzkaller0>
[  105.948796][ T6229] netlink: 16 bytes leftover after parsing attributes in process `syz.0.64'.
[  106.106170][ T6237] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.66'.
[  106.118840][ T6237] netlink: zone id is out of range
[  106.157208][ T6237] netlink: zone id is out of range
[  106.200970][ T6237] netlink: zone id is out of range
[  106.206145][ T6237] netlink: get zone limit has 8 unknown bytes
[  106.305378][ T6243] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  106.321801][ T6243] macsec1: entered promiscuous mode
[  106.351342][ T6243] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  106.362458][ T6245] FAULT_INJECTION: forcing a failure.
[  106.362458][ T6245] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  106.381589][ T5970] IPVS: starting estimator thread 0...
[  106.420025][ T6245] CPU: 0 UID: 0 PID: 6245 Comm: syz.3.69 Not tainted syzkaller #0 PREEMPT(full) 
[  106.420054][ T6245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  106.420075][ T6245] Call Trace:
[  106.420083][ T6245]  <TASK>
[  106.420092][ T6245]  dump_stack_lvl+0x189/0x250
[  106.420126][ T6245]  ? __pfx____ratelimit+0x10/0x10
[  106.420148][ T6245]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.420173][ T6245]  ? __pfx__printk+0x10/0x10
[  106.420202][ T6245]  ? __might_fault+0xb0/0x130
[  106.420243][ T6245]  should_fail_ex+0x414/0x560
[  106.420276][ T6245]  _copy_from_user+0x2d/0xb0
[  106.420302][ T6245]  do_ip_vs_set_ctl+0x2d3/0xa60
[  106.420334][ T6245]  ? rcu_is_watching+0x15/0xb0
[  106.420354][ T6245]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  106.420382][ T6245]  ? trace_contention_end+0x39/0x120
[  106.420427][ T6245]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  106.420457][ T6245]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  106.420477][ T6245]  ? aa_sk_perm+0x81e/0x950
[  106.420514][ T6245]  ? __pfx_aa_sk_perm+0x10/0x10
[  106.420550][ T6245]  nf_setsockopt+0x26c/0x290
[  106.420578][ T6245]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  106.420611][ T6245]  do_sock_setsockopt+0x179/0x1b0
[  106.420637][ T6245]  __x64_sys_setsockopt+0x13f/0x1b0
[  106.420664][ T6245]  do_syscall_64+0xfa/0x3b0
[  106.420685][ T6245]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.420706][ T6245]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.420725][ T6245]  ? clear_bhb_loop+0x60/0xb0
[  106.420749][ T6245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.420768][ T6245] RIP: 0033:0x7f87d9d8ebe9
[  106.420792][ T6245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.420808][ T6245] RSP: 002b:00007f87dac0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  106.420833][ T6245] RAX: ffffffffffffffda RBX: 00007f87d9fc5fa0 RCX: 00007f87d9d8ebe9
[  106.420848][ T6245] RDX: 0000000000000488 RSI: 0000000000000000 RDI: 0000000000000005
[  106.420859][ T6245] RBP: 00007f87dac0c090 R08: 0000000000000044 R09: 0000000000000000
[  106.420871][ T6245] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  106.420884][ T6245] R13: 00007f87d9fc6038 R14: 00007f87d9fc5fa0 R15: 00007ffc766dbd88
[  106.420916][ T6245]  </TASK>
[  106.814997][ T6254] 
@ÿ: renamed from veth0_vlan (while UP)
[  106.890593][ T6248] IPVS: using max 24 ests per chain, 57600 per kthread
[  107.009487][ T5970] IPVS: starting estimator thread 0...
[  107.100555][ T6257] IPVS: using max 25 ests per chain, 60000 per kthread
[  107.110270][ T6258] netlink: 104 bytes leftover after parsing attributes in process `syz.3.72'.
[  107.145445][ T6262] netlink: 96 bytes leftover after parsing attributes in process `syz.1.73'.
[  107.436514][ T6273] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  107.534802][ T6273] FAULT_INJECTION: forcing a failure.
[  107.534802][ T6273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.568184][ T6273] CPU: 0 UID: 0 PID: 6273 Comm: syz.1.78 Not tainted syzkaller #0 PREEMPT(full) 
[  107.568212][ T6273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.568224][ T6273] Call Trace:
[  107.568232][ T6273]  <TASK>
[  107.568240][ T6273]  dump_stack_lvl+0x189/0x250
[  107.568270][ T6273]  ? __pfx____ratelimit+0x10/0x10
[  107.568299][ T6273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.568323][ T6273]  ? __pfx__printk+0x10/0x10
[  107.568386][ T6273]  should_fail_ex+0x414/0x560
[  107.568420][ T6273]  _copy_to_user+0x31/0xb0
[  107.568447][ T6273]  simple_read_from_buffer+0xe1/0x170
[  107.568483][ T6273]  proc_fail_nth_read+0x1b3/0x220
[  107.568510][ T6273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.568536][ T6273]  ? rw_verify_area+0x2a6/0x4d0
[  107.568559][ T6273]  ? __lock_acquire+0xab9/0xd20
[  107.568586][ T6273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.568611][ T6273]  vfs_read+0x200/0xa30
[  107.568636][ T6273]  ? fdget_pos+0x247/0x320
[  107.568659][ T6273]  ? __pfx___mutex_lock+0x10/0x10
[  107.568682][ T6273]  ? __pfx_vfs_read+0x10/0x10
[  107.568709][ T6273]  ? __fget_files+0x2a/0x420
[  107.568731][ T6273]  ? __fget_files+0x3a0/0x420
[  107.568747][ T6273]  ? __fget_files+0x2a/0x420
[  107.568775][ T6273]  ksys_read+0x145/0x250
[  107.568804][ T6273]  ? __pfx_ksys_read+0x10/0x10
[  107.568836][ T6273]  ? do_syscall_64+0xbe/0x3b0
[  107.568862][ T6273]  do_syscall_64+0xfa/0x3b0
[  107.568883][ T6273]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.568904][ T6273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.568924][ T6273]  ? clear_bhb_loop+0x60/0xb0
[  107.568949][ T6273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.568967][ T6273] RIP: 0033:0x7efec318d5fc
[  107.568985][ T6273] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  107.569001][ T6273] RSP: 002b:00007efec3f92030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  107.569022][ T6273] RAX: ffffffffffffffda RBX: 00007efec33c5fa0 RCX: 00007efec318d5fc
[  107.569036][ T6273] RDX: 000000000000000f RSI: 00007efec3f920a0 RDI: 0000000000000005
[  107.569049][ T6273] RBP: 00007efec3f92090 R08: 0000000000000000 R09: 0000000000000000
[  107.569061][ T6273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.569072][ T6273] R13: 00007efec33c6038 R14: 00007efec33c5fa0 R15: 00007ffe14c8d918
[  107.569105][ T6273]  </TASK>
[  108.351286][ T6294] openvswitch: netlink: Tunnel attr 14 has unexpected len 4 expected 0
[  108.389460][ T6304] netlink: 'syz.1.87': attribute type 1 has an invalid length.
[  108.514743][ T6304] bond1 (unregistering): Released all slaves
[  108.697607][ T6317] IPVS: set_ctl: invalid protocol: 94 255.255.255.255:20001
[  108.855496][ T6317] bond0: (slave gretap0): Opening slave failed
[  109.135490][ T6329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.93'.
[  109.173016][ T6329] netlink: 16 bytes leftover after parsing attributes in process `syz.1.93'.
[  109.538814][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.569877][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.610308][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.669337][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.715273][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.750757][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.774067][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  109.807670][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[  110.133529][ T6356] vlan2: entered promiscuous mode
[  110.147919][ T6356] bridge0: entered promiscuous mode
[  110.277956][ T6361] batadv0: entered promiscuous mode
[  110.330125][ T6361] macsec1: entered promiscuous mode
[  110.359410][ T6361] batadv0: left promiscuous mode
[  110.622192][ T6377] syz_tun: entered allmulticast mode
[  110.713099][ T6377] syz_tun (unregistering): left allmulticast mode
[  111.288150][ T6387] netlink: 'syz.2.108': attribute type 5 has an invalid length.
[  111.350610][ T6387] netlink: 'syz.2.108': attribute type 5 has an invalid length.
[  111.393262][ T6387] IPVS: length: 209 != 24
[  111.629307][ T6401] netlink: 'syz.0.111': attribute type 6 has an invalid length.
[  111.894094][ T6401] netlink: 'syz.0.111': attribute type 12 has an invalid length.
[  112.693668][ T6454] veth0: entered promiscuous mode
[  113.710554][ T6450] veth0: left promiscuous mode
[  114.376802][ T6490] __nla_validate_parse: 53 callbacks suppressed
[  114.376821][ T6490] netlink: 16 bytes leftover after parsing attributes in process `syz.0.130'.
[  114.637195][ T6500] netlink: 12 bytes leftover after parsing attributes in process `syz.2.137'.
[  114.920236][ T6510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.140'.
[  115.137390][ T6516] netlink: 16 bytes leftover after parsing attributes in process `syz.2.142'.
[  115.183920][ T6516] netlink: 40 bytes leftover after parsing attributes in process `syz.2.142'.
[  115.197676][ T6523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.142'.
[  115.296920][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.142'.
[  115.739151][ T6533] syzkaller0: entered promiscuous mode
[  115.788478][ T6533] syzkaller0: entered allmulticast mode
[  118.051598][ T5866] Bluetooth: hci4: command 0x0405 tx timeout
[  119.499336][ T6582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.156'.
[  120.079994][ T6580] syz_tun: entered allmulticast mode
[  120.178566][ T6582] syz_tun (unregistering): left allmulticast mode
[  120.228039][ T6587] netlink: 'syz.4.158': attribute type 4 has an invalid length.
[  120.392827][ T6593] netlink: 20 bytes leftover after parsing attributes in process `syz.1.161'.
[  120.436157][ T6593] netlink: 20 bytes leftover after parsing attributes in process `syz.1.161'.
[  120.457633][ T6594] pimreg: entered allmulticast mode
[  120.542171][ T6600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.164'.
[  121.068019][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.090834][ T6622] netlink: 20 bytes leftover after parsing attributes in process `syz.4.169'.
[  121.107337][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.128670][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  121.183379][ T6622] netlink: 20 bytes leftover after parsing attributes in process `syz.4.169'.
[  121.210984][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  121.234959][ T6620] netlink: 'syz.1.167': attribute type 26 has an invalid length.
[  121.317345][ T6626] netlink: 20 bytes leftover after parsing attributes in process `syz.2.170'.
[  121.660753][ T6632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.172'.
[  121.711565][ T6642] netlink: 28 bytes leftover after parsing attributes in process `syz.2.173'.
[  121.783632][ T6644] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  121.843453][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  121.879570][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  121.933999][ T6644] netlink: 68 bytes leftover after parsing attributes in process `syz.4.174'.
[  123.064529][ T6691] Illegal XDP return value 4294967262 on prog  (id 56) dev N/A, expect packet loss!
[  123.162269][ T6697] netlink: 'syz.3.190': attribute type 1 has an invalid length.
[  123.332950][ T6694] bond2 (unregistering): Released all slaves
[  123.747131][ T6710] netlink: 'syz.4.194': attribute type 2 has an invalid length.
[  124.605362][ T6721] syz.1.195 (6721) used greatest stack depth: 17864 bytes left
[  125.142980][ T6756] FAULT_INJECTION: forcing a failure.
[  125.142980][ T6756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.182194][ T6756] CPU: 1 UID: 0 PID: 6756 Comm: syz.2.207 Not tainted syzkaller #0 PREEMPT(full) 
[  125.182222][ T6756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  125.182234][ T6756] Call Trace:
[  125.182242][ T6756]  <TASK>
[  125.182251][ T6756]  dump_stack_lvl+0x189/0x250
[  125.182280][ T6756]  ? __pfx____ratelimit+0x10/0x10
[  125.182303][ T6756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.182333][ T6756]  ? __pfx__printk+0x10/0x10
[  125.182362][ T6756]  ? __might_fault+0xb0/0x130
[  125.182402][ T6756]  should_fail_ex+0x414/0x560
[  125.182435][ T6756]  _copy_from_iter+0x1de/0x1790
[  125.182464][ T6756]  ? rcu_is_watching+0x15/0xb0
[  125.182487][ T6756]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  125.182517][ T6756]  ? __pfx__copy_from_iter+0x10/0x10
[  125.182539][ T6756]  ? __build_skb_around+0x257/0x3e0
[  125.182565][ T6756]  ? netlink_sendmsg+0x642/0xb30
[  125.182585][ T6756]  ? skb_put+0x11b/0x210
[  125.182611][ T6756]  netlink_sendmsg+0x6b2/0xb30
[  125.182642][ T6756]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.182667][ T6756]  ? aa_sock_msg_perm+0xf1/0x1d0
[  125.182688][ T6756]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  125.182710][ T6756]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.182731][ T6756]  __sock_sendmsg+0x21c/0x270
[  125.182766][ T6756]  ____sys_sendmsg+0x505/0x830
[  125.182796][ T6756]  ? __pfx_____sys_sendmsg+0x10/0x10
[  125.182830][ T6756]  ? import_iovec+0x74/0xa0
[  125.182857][ T6756]  ___sys_sendmsg+0x21f/0x2a0
[  125.182884][ T6756]  ? __pfx____sys_sendmsg+0x10/0x10
[  125.182948][ T6756]  ? __fget_files+0x2a/0x420
[  125.182965][ T6756]  ? __fget_files+0x3a0/0x420
[  125.182995][ T6756]  __x64_sys_sendmsg+0x19b/0x260
[  125.183022][ T6756]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  125.183057][ T6756]  ? __pfx_ksys_write+0x10/0x10
[  125.183082][ T6756]  ? rcu_is_watching+0x15/0xb0
[  125.183107][ T6756]  ? do_syscall_64+0xbe/0x3b0
[  125.183134][ T6756]  do_syscall_64+0xfa/0x3b0
[  125.183154][ T6756]  ? lockdep_hardirqs_on+0x9c/0x150
[  125.183175][ T6756]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.183194][ T6756]  ? clear_bhb_loop+0x60/0xb0
[  125.183219][ T6756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.183238][ T6756] RIP: 0033:0x7faceb18ebe9
[  125.183256][ T6756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.183272][ T6756] RSP: 002b:00007facec0a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.183294][ T6756] RAX: ffffffffffffffda RBX: 00007faceb3c5fa0 RCX: 00007faceb18ebe9
[  125.183314][ T6756] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000007
[  125.183326][ T6756] RBP: 00007facec0a0090 R08: 0000000000000000 R09: 0000000000000000
[  125.183339][ T6756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.183350][ T6756] R13: 00007faceb3c6038 R14: 00007faceb3c5fa0 R15: 00007ffd34e491c8
[  125.183394][ T6756]  </TASK>
[  125.711314][ T6771] __nla_validate_parse: 4 callbacks suppressed
[  125.711334][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.212'.
[  125.786900][ T6771] erspan0: entered promiscuous mode
[  125.872365][ T6771] erspan0: left promiscuous mode
[  126.210053][ T6789] netlink: 16 bytes leftover after parsing attributes in process `syz.4.219'.
[  126.455102][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.223'.
[  126.745070][ T6812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.226'.
[  127.187169][ T6812] bond0: (slave bond_slave_1): Releasing backup interface
[  127.253503][ T6810] 
: renamed from bond_slave_0 (while UP)
[  127.474724][ T6820] FAULT_INJECTION: forcing a failure.
[  127.474724][ T6820] name failslab, interval 1, probability 0, space 0, times 1
[  127.556012][ T6820] CPU: 1 UID: 0 PID: 6820 Comm: syz.4.228 Not tainted syzkaller #0 PREEMPT(full) 
[  127.556040][ T6820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.556053][ T6820] Call Trace:
[  127.556061][ T6820]  <TASK>
[  127.556071][ T6820]  dump_stack_lvl+0x189/0x250
[  127.556100][ T6820]  ? __pfx____ratelimit+0x10/0x10
[  127.556123][ T6820]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.556147][ T6820]  ? __pfx__printk+0x10/0x10
[  127.556183][ T6820]  ? __pfx___might_resched+0x10/0x10
[  127.556208][ T6820]  should_fail_ex+0x414/0x560
[  127.556242][ T6820]  should_failslab+0xa8/0x100
[  127.556273][ T6820]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  127.556302][ T6820]  ? __alloc_skb+0x112/0x2d0
[  127.556321][ T6820]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  127.556354][ T6820]  __alloc_skb+0x112/0x2d0
[  127.556388][ T6820]  __ip6_append_data+0x2c16/0x3f30
[  127.556447][ T6820]  ? __pfx_raw6_getfrag+0x10/0x10
[  127.556491][ T6820]  ? __pfx___ip6_append_data+0x10/0x10
[  127.556519][ T6820]  ? __pfx_ip6_mtu+0x10/0x10
[  127.556558][ T6820]  ip6_append_data+0x1c4/0x380
[  127.556593][ T6820]  ? __pfx_raw6_getfrag+0x10/0x10
[  127.556617][ T6820]  rawv6_sendmsg+0x127a/0x1820
[  127.556659][ T6820]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  127.556689][ T6820]  ? __lock_acquire+0xab9/0xd20
[  127.556735][ T6820]  ? __pfx_aa_sk_perm+0x10/0x10
[  127.556770][ T6820]  ? sock_rps_record_flow+0x19/0x410
[  127.556802][ T6820]  ? inet_sendmsg+0x2f4/0x370
[  127.556829][ T6820]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  127.556856][ T6820]  __sock_sendmsg+0x19c/0x270
[  127.556890][ T6820]  sock_write_iter+0x258/0x330
[  127.556922][ T6820]  ? __pfx_sock_write_iter+0x10/0x10
[  127.556976][ T6820]  do_iter_readv_writev+0x619/0x8b0
[  127.557012][ T6820]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  127.557043][ T6820]  ? common_file_perm+0x1b5/0x230
[  127.557067][ T6820]  ? bpf_lsm_file_permission+0x9/0x20
[  127.557092][ T6820]  ? security_file_permission+0x75/0x290
[  127.557121][ T6820]  ? rw_verify_area+0x255/0x4d0
[  127.557152][ T6820]  vfs_writev+0x31a/0x960
[  127.557177][ T6820]  ? __lock_acquire+0xab9/0xd20
[  127.557208][ T6820]  ? __pfx_vfs_writev+0x10/0x10
[  127.557245][ T6820]  ? __fget_files+0x2a/0x420
[  127.557269][ T6820]  ? __fget_files+0x3a0/0x420
[  127.557286][ T6820]  ? __fget_files+0x2a/0x420
[  127.557314][ T6820]  do_writev+0x14d/0x2d0
[  127.557337][ T6820]  ? __pfx_do_writev+0x10/0x10
[  127.557355][ T6820]  ? rcu_is_watching+0x15/0xb0
[  127.557390][ T6820]  ? do_syscall_64+0xbe/0x3b0
[  127.557419][ T6820]  do_syscall_64+0xfa/0x3b0
[  127.557439][ T6820]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.557460][ T6820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.557479][ T6820]  ? clear_bhb_loop+0x60/0xb0
[  127.557504][ T6820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.557524][ T6820] RIP: 0033:0x7f471598ebe9
[  127.557542][ T6820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.557559][ T6820] RSP: 002b:00007f47167a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  127.557580][ T6820] RAX: ffffffffffffffda RBX: 00007f4715bc5fa0 RCX: 00007f471598ebe9
[  127.557595][ T6820] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000005
[  127.557607][ T6820] RBP: 00007f47167a3090 R08: 0000000000000000 R09: 0000000000000000
[  127.557620][ T6820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  127.557631][ T6820] R13: 00007f4715bc6038 R14: 00007f4715bc5fa0 R15: 00007fff89503f38
[  127.557664][ T6820]  </TASK>
[  128.235395][ T6843] netlink: 28 bytes leftover after parsing attributes in process `syz.4.233'.
[  128.470023][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.234'.
[  128.493664][ T6854] netlink: 68 bytes leftover after parsing attributes in process `syz.4.238'.
[  128.707476][ T6862] geneve2: entered promiscuous mode
[  128.798253][ T6870] netlink: 16 bytes leftover after parsing attributes in process `syz.0.239'.
[  128.907192][ T6870] netlink: 216 bytes leftover after parsing attributes in process `syz.0.239'.
[  129.384712][ T6882] netlink: 32 bytes leftover after parsing attributes in process `syz.3.244'.
[  129.667963][ T6889] Bluetooth: MGMT ver 1.23
[  130.610934][ T6911] netlink: 'syz.1.254': attribute type 1 has an invalid length.
[  130.626472][ T6911] nbd: error processing sock list
[  130.646937][ T6911] block nbd0: shutting down sockets
[  130.849161][ T6929] netlink: 104 bytes leftover after parsing attributes in process `syz.1.261'.
[  130.866400][ T6932] netlink: 48 bytes leftover after parsing attributes in process `syz.2.260'.
[  130.994479][ T6932] netlink: 24 bytes leftover after parsing attributes in process `syz.2.260'.
[  131.368268][ T6946] FAULT_INJECTION: forcing a failure.
[  131.368268][ T6946] name failslab, interval 1, probability 0, space 0, times 0
[  131.393598][ T6946] CPU: 1 UID: 0 PID: 6946 Comm: syz.3.267 Not tainted syzkaller #0 PREEMPT(full) 
[  131.393627][ T6946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.393640][ T6946] Call Trace:
[  131.393648][ T6946]  <TASK>
[  131.393657][ T6946]  dump_stack_lvl+0x189/0x250
[  131.393699][ T6946]  ? __pfx____ratelimit+0x10/0x10
[  131.393722][ T6946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.393746][ T6946]  ? __pfx__printk+0x10/0x10
[  131.393777][ T6946]  ? __lock_acquire+0xab9/0xd20
[  131.393818][ T6946]  should_fail_ex+0x414/0x560
[  131.393852][ T6946]  should_failslab+0xa8/0x100
[  131.393883][ T6946]  kmem_cache_alloc_noprof+0x73/0x3c0
[  131.393910][ T6946]  ? skb_clone+0x212/0x3a0
[  131.393941][ T6946]  skb_clone+0x212/0x3a0
[  131.393972][ T6946]  __netlink_deliver_tap+0x404/0x850
[  131.394007][ T6946]  ? netlink_deliver_tap+0x2e/0x1b0
[  131.394031][ T6946]  netlink_deliver_tap+0x19c/0x1b0
[  131.394053][ T6946]  netlink_unicast+0x7fa/0x9e0
[  131.394095][ T6946]  ? __pfx_netlink_unicast+0x10/0x10
[  131.394128][ T6946]  ? netlink_sendmsg+0x642/0xb30
[  131.394147][ T6946]  ? skb_put+0x11b/0x210
[  131.394174][ T6946]  netlink_sendmsg+0x805/0xb30
[  131.394207][ T6946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.394233][ T6946]  ? aa_sock_msg_perm+0xf1/0x1d0
[  131.394255][ T6946]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  131.394277][ T6946]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.394299][ T6946]  __sock_sendmsg+0x21c/0x270
[  131.394332][ T6946]  ____sys_sendmsg+0x505/0x830
[  131.394363][ T6946]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.394398][ T6946]  ? import_iovec+0x74/0xa0
[  131.394427][ T6946]  ___sys_sendmsg+0x21f/0x2a0
[  131.394454][ T6946]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.394520][ T6946]  ? __fget_files+0x2a/0x420
[  131.394537][ T6946]  ? __fget_files+0x3a0/0x420
[  131.394567][ T6946]  __x64_sys_sendmsg+0x19b/0x260
[  131.394595][ T6946]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  131.394631][ T6946]  ? __pfx_ksys_write+0x10/0x10
[  131.394654][ T6946]  ? rcu_is_watching+0x15/0xb0
[  131.394680][ T6946]  ? do_syscall_64+0xbe/0x3b0
[  131.394714][ T6946]  do_syscall_64+0xfa/0x3b0
[  131.394734][ T6946]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.394755][ T6946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.394774][ T6946]  ? clear_bhb_loop+0x60/0xb0
[  131.394799][ T6946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.394819][ T6946] RIP: 0033:0x7f87d9d8ebe9
[  131.394837][ T6946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.394853][ T6946] RSP: 002b:00007f87dac0c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.394873][ T6946] RAX: ffffffffffffffda RBX: 00007f87d9fc5fa0 RCX: 00007f87d9d8ebe9
[  131.394888][ T6946] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000007
[  131.394900][ T6946] RBP: 00007f87dac0c090 R08: 0000000000000000 R09: 0000000000000000
[  131.394912][ T6946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.394924][ T6946] R13: 00007f87d9fc6038 R14: 00007f87d9fc5fa0 R15: 00007ffc766dbd88
[  131.394957][ T6946]  </TASK>
[  131.960612][ T5866] Bluetooth: hci0: command tx timeout
[  133.004831][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.011476][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.446675][ T6983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.279'.
[  133.451940][ T6976] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.497248][ T6976] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.662666][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  133.978965][ T7004] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  133.989724][ T7004] syzkaller0: entered promiscuous mode
[  133.999635][ T7004] syzkaller0: entered allmulticast mode
[  134.005810][ T7005] trusted_key: syz.3.286 sent an empty control message without MSG_MORE.
[  134.028896][ T7001] tipc: Resetting bearer <eth:syzkaller0>
[  134.052038][ T7001] tipc: Disabling bearer <eth:syzkaller0>
[  134.072635][ T7006] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.286'.
[  134.086285][ T7007] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.286'.
[  134.306502][ T7015] netlink: 248 bytes leftover after parsing attributes in process `syz.3.287'.
[  134.351255][ T7015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.287'.
[  134.434545][ T7019] tipc: Started in network mode
[  134.454234][ T7019] tipc: Node identity b6513a9a8eef, cluster identity 4711
[  134.473010][ T7019] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  134.491147][ T7019] syzkaller0: entered promiscuous mode
[  134.509306][ T7019] syzkaller0: entered allmulticast mode
[  134.549646][ T7019] tipc: Resetting bearer <eth:syzkaller0>
[  134.556870][ T7019] netlink: 12 bytes leftover after parsing attributes in process `syz.1.290'.
[  135.181609][ T7017] tipc: Resetting bearer <eth:syzkaller0>
[  135.367951][ T7017] tipc: Disabling bearer <eth:syzkaller0>
[  135.482588][ T7054] smc: net device bond0 applied user defined pnetid SYZ2
[  135.812257][ T7068] netlink: 'syz.3.304': attribute type 1 has an invalid length.
[  135.961539][ T7068] bond2: entered promiscuous mode
[  135.970932][ T7068] 8021q: adding VLAN 0 to HW filter on device bond2
[  136.202165][ T7073] 8021q: adding VLAN 0 to HW filter on device bond3
[  136.257501][ T7073] bond2: (slave bond3): making interface the new active one
[  136.290161][ T7089] __nla_validate_parse: 4 callbacks suppressed
[  136.290179][ T7089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.308'.
[  136.301327][ T7073] bond3: entered promiscuous mode
[  136.316425][ T7091] FAULT_INJECTION: forcing a failure.
[  136.316425][ T7091] name failslab, interval 1, probability 0, space 0, times 0
[  136.342048][ T7073] bond2: (slave bond3): Enslaving as an active interface with an up link
[  136.386707][ T7077] bond2: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  136.392392][ T7091] CPU: 1 UID: 0 PID: 7091 Comm: syz.4.309 Not tainted syzkaller #0 PREEMPT(full) 
[  136.392421][ T7091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  136.392436][ T7091] Call Trace:
[  136.392447][ T7091]  <TASK>
[  136.392466][ T7091]  dump_stack_lvl+0x189/0x250
[  136.392501][ T7091]  ? __pfx____ratelimit+0x10/0x10
[  136.392529][ T7091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.392556][ T7091]  ? __pfx__printk+0x10/0x10
[  136.392592][ T7091]  ? __pfx___might_resched+0x10/0x10
[  136.392614][ T7091]  ? fs_reclaim_acquire+0x7d/0x100
[  136.392642][ T7091]  should_fail_ex+0x414/0x560
[  136.392679][ T7091]  should_failslab+0xa8/0x100
[  136.392715][ T7091]  __kmalloc_noprof+0xcb/0x4f0
[  136.392747][ T7091]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  136.392786][ T7091]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  136.392827][ T7091]  genl_family_rcv_msg_doit+0xb8/0x300
[  136.392868][ T7091]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  136.392908][ T7091]  ? apparmor_capable+0x137/0x1b0
[  136.392940][ T7091]  ? bpf_lsm_capable+0x9/0x20
[  136.392970][ T7091]  ? security_capable+0x7e/0x2e0
[  136.393012][ T7091]  genl_rcv_msg+0x60e/0x790
[  136.393051][ T7091]  ? __pfx_genl_rcv_msg+0x10/0x10
[  136.393078][ T7091]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  136.393109][ T7091]  ? __asan_memcpy+0x40/0x70
[  136.393135][ T7091]  ? __pfx_ref_tracker_free+0x10/0x10
[  136.393176][ T7091]  netlink_rcv_skb+0x205/0x470
[  136.393197][ T7091]  ? __lock_acquire+0xab9/0xd20
[  136.393229][ T7091]  ? __pfx_genl_rcv_msg+0x10/0x10
[  136.393262][ T7091]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  136.393309][ T7091]  ? down_read+0x1ad/0x2e0
[  136.393340][ T7091]  genl_rcv+0x28/0x40
[  136.393367][ T7091]  netlink_unicast+0x82f/0x9e0
[  136.393419][ T7091]  ? __pfx_netlink_unicast+0x10/0x10
[  136.393464][ T7091]  ? netlink_sendmsg+0x642/0xb30
[  136.393485][ T7091]  ? skb_put+0x11b/0x210
[  136.393515][ T7091]  netlink_sendmsg+0x805/0xb30
[  136.393551][ T7091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.393580][ T7091]  ? aa_sock_msg_perm+0xf1/0x1d0
[  136.393605][ T7091]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  136.393630][ T7091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.393655][ T7091]  __sock_sendmsg+0x21c/0x270
[  136.393693][ T7091]  ____sys_sendmsg+0x505/0x830
[  136.393728][ T7091]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.393766][ T7091]  ? import_iovec+0x74/0xa0
[  136.393799][ T7091]  ___sys_sendmsg+0x21f/0x2a0
[  136.393831][ T7091]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.393907][ T7091]  ? __fget_files+0x2a/0x420
[  136.393926][ T7091]  ? __fget_files+0x3a0/0x420
[  136.393959][ T7091]  __x64_sys_sendmsg+0x19b/0x260
[  136.393990][ T7091]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  136.394030][ T7091]  ? __pfx_ksys_write+0x10/0x10
[  136.394057][ T7091]  ? rcu_is_watching+0x15/0xb0
[  136.394087][ T7091]  ? do_syscall_64+0xbe/0x3b0
[  136.394117][ T7091]  do_syscall_64+0xfa/0x3b0
[  136.394141][ T7091]  ? lockdep_hardirqs_on+0x9c/0x150
[  136.394163][ T7091]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.394186][ T7091]  ? clear_bhb_loop+0x60/0xb0
[  136.394213][ T7091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.394236][ T7091] RIP: 0033:0x7f471598ebe9
[  136.394256][ T7091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.394275][ T7091] RSP: 002b:00007f47167a3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.394300][ T7091] RAX: ffffffffffffffda RBX: 00007f4715bc5fa0 RCX: 00007f471598ebe9
[  136.394315][ T7091] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000007
[  136.394330][ T7091] RBP: 00007f47167a3090 R08: 0000000000000000 R09: 0000000000000000
[  136.394344][ T7091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.394357][ T7091] R13: 00007f4715bc6038 R14: 00007f4715bc5fa0 R15: 00007fff89503f38
[  136.394393][ T7091]  </TASK>
[  136.564813][ T7095] netlink: 12 bytes leftover after parsing attributes in process `syz.2.310'.
[  136.588241][ T7077] bond2: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  136.820180][ T7089] ip_vti0: entered promiscuous mode
[  136.829747][ T7089] ip_vti0: entered allmulticast mode
[  137.155457][ T7106] netlink: 28 bytes leftover after parsing attributes in process `syz.0.313'.
[  138.029416][ T7133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.322'.
[  138.162689][ T7142] team_slave_0: entered promiscuous mode
[  138.168779][ T7142] team_slave_1: entered promiscuous mode
[  138.221177][ T7142] vlan2: entered promiscuous mode
[  138.226536][ T7142] team0: entered promiscuous mode
[  139.061478][ T7175] raw_sendmsg: syz.1.331 forgot to set AF_INET. Fix it!
[  139.139333][ T7179] lo speed is unknown, defaulting to 1000
[  139.227512][ T7179] lo speed is unknown, defaulting to 1000
[  139.276768][ T7179] lo speed is unknown, defaulting to 1000
[  139.344366][ T7179] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  139.432933][ T7189] netlink: 20 bytes leftover after parsing attributes in process `syz.2.333'.
[  139.447172][ T7179] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  139.530143][ T7189] netlink: 20 bytes leftover after parsing attributes in process `syz.2.333'.
[  139.650958][ T7179] lo speed is unknown, defaulting to 1000
[  139.658934][ T7179] lo speed is unknown, defaulting to 1000
[  139.670080][ T7179] lo speed is unknown, defaulting to 1000
[  139.679397][ T7179] lo speed is unknown, defaulting to 1000
[  139.689437][ T7179] lo speed is unknown, defaulting to 1000
[  140.053424][ T5873] udevd[5873]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  140.116565][ T5873] udevd[5873]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  140.137487][ T7210] netlink: 332 bytes leftover after parsing attributes in process `syz.0.337'.
[  140.193983][ T7210] netlink: 104 bytes leftover after parsing attributes in process `syz.0.337'.
[  140.234151][ T7210] netlink: 32 bytes leftover after parsing attributes in process `syz.0.337'.
[  140.340218][ T7212] lo speed is unknown, defaulting to 1000
[  140.543093][ T7218] netlink: 3 bytes leftover after parsing attributes in process `syz.0.338'.
[  140.614754][ T7218] batadv1: entered promiscuous mode
[  140.655309][ T7218] batadv1: entered allmulticast mode
[  140.897026][ T7220] tipc: Started in network mode
[  140.908092][ T7220] tipc: Node identity 5e6cd9099891, cluster identity 4711
[  140.959186][ T7220] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  141.007012][ T7224] syzkaller0: entered promiscuous mode
[  141.026348][ T7224] syzkaller0: entered allmulticast mode
[  141.185104][ T7231] tipc: Resetting bearer <eth:syzkaller0>
[  141.265615][ T7219] tipc: Resetting bearer <eth:syzkaller0>
[  141.303539][ T7219] tipc: Disabling bearer <eth:syzkaller0>
[  141.519168][ T7245] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  141.539384][ T7245] syzkaller0: entered promiscuous mode
[  141.549070][ T7245] syzkaller0: entered allmulticast mode
[  141.562926][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.603489][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.646443][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.700630][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.737991][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.757370][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.862668][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.910775][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.940221][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.955297][ T7240] netlink: 4 bytes leftover after parsing attributes in process `syz.0.342'.
[  141.991695][ T7242] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  142.022978][ T7249] tipc: Resetting bearer <eth:syzkaller0>
[  142.167425][ T7259] bridge_slave_0: left allmulticast mode
[  142.175880][ T7259] bridge_slave_0: left promiscuous mode
[  142.182316][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.205559][ T7259] bridge_slave_1: left allmulticast mode
[  142.227184][ T7259] bridge_slave_1: left promiscuous mode
[  142.237472][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.256227][ T7259] bond0: (slave bond_slave_0): Releasing backup interface
[  142.284893][ T7259] bond0: (slave bond_slave_1): Releasing backup interface
[  142.302946][ T7259] team0: Port device team_slave_0 removed
[  142.316415][ T7259] team0: Port device team_slave_1 removed
[  142.333357][ T7259] bond0: (slave batadv_slave_0): Releasing backup interface
[  142.353628][ T7259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.363665][ T7259] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.405962][ T7259] bond0: (slave wlan1): Releasing backup interface
[  142.426806][ T7244] tipc: Resetting bearer <eth:syzkaller0>
[  142.473989][ T7244] tipc: Disabling bearer <eth:syzkaller0>
[  142.516453][ T1210] IPVS: starting estimator thread 0...
[  142.681424][ T7276] IPVS: using max 24 ests per chain, 57600 per kthread
[  142.718701][ T7242] tipc: Resetting bearer <eth:syzkaller0>
[  142.784484][ T7238] tipc: Disabling bearer <eth:syzkaller0>
[  142.949107][ T7284] openvswitch: netlink: Message has 1 unknown bytes.
[  142.987197][ T7284] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  143.057069][ T7289] tipc: Started in network mode
[  143.081228][ T7289] tipc: Node identity d6fda3ff1df4, cluster identity 4711
[  143.138422][ T7289] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.258004][ T7295] syzkaller0: entered promiscuous mode
[  143.272832][ T7295] syzkaller0: entered allmulticast mode
[  143.340984][ T7301] bond0: entered promiscuous mode
[  143.346084][ T7301] 
: entered promiscuous mode
[  143.388030][ T7301] bond_slave_1: entered promiscuous mode
[  143.410848][ T7301] bond0: left promiscuous mode
[  143.415792][ T7301] 
: left promiscuous mode
[  143.424925][ T7301] bond_slave_1: left promiscuous mode
[  143.543019][ T7303] tipc: Resetting bearer <eth:syzkaller0>
[  143.579673][ T7292] lo speed is unknown, defaulting to 1000
[  143.603570][ T7288] tipc: Resetting bearer <eth:syzkaller0>
[  143.707458][ T7288] tipc: Disabling bearer <eth:syzkaller0>
[  143.967498][ T7315] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  144.325617][ T7339] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 3, id = 0
[  144.806181][ T7354] Bluetooth: MGMT ver 1.23
[  145.366733][ T7372] erspan0: entered promiscuous mode
[  145.377042][ T7372] erspan0: left promiscuous mode
[  146.364607][ T7374] hsr_slave_1 (unregistering): left promiscuous mode
[  146.440699][ T7370] syzkaller1: entered allmulticast mode
[  146.631730][ T7393] __nla_validate_parse: 51 callbacks suppressed
[  146.631750][ T7393] netlink: 68 bytes leftover after parsing attributes in process `syz.0.382'.
[  146.687188][ T7394] netlink: 104 bytes leftover after parsing attributes in process `syz.0.382'.
[  146.728956][ T7396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.383'.
[  146.949291][ T7398] lo speed is unknown, defaulting to 1000
[  147.686688][ T7422] netlink: 4748 bytes leftover after parsing attributes in process `syz.1.392'.
[  147.883547][ T7420] netlink: 'syz.0.391': attribute type 4 has an invalid length.
[  147.925882][ T7428] netlink: 40 bytes leftover after parsing attributes in process `syz.1.394'.
[  147.996302][ T7430] netlink: 4 bytes leftover after parsing attributes in process `syz.2.395'.
[  148.090123][ T7430] hsr_slave_0: left promiscuous mode
[  148.100073][ T7430] hsr_slave_1: left promiscuous mode
[  148.130922][ T7432] netlink: 16 bytes leftover after parsing attributes in process `syz.1.396'.
[  148.177383][ T7432] bond0: entered promiscuous mode
[  148.190550][ T7432] bond_slave_0: entered promiscuous mode
[  148.217546][ T7432] bond_slave_1: entered promiscuous mode
[  148.229354][ T7432] bond0: left promiscuous mode
[  148.240582][ T7432] bond_slave_0: left promiscuous mode
[  148.250947][ T7432] bond_slave_1: left promiscuous mode
[  148.307067][ T7435] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  148.528701][ T7441] netlink: 60 bytes leftover after parsing attributes in process `syz.0.401'.
[  148.854166][ T7454] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.964317][ T7463] netlink: 40 bytes leftover after parsing attributes in process `syz.3.405'.
[  148.999923][ T7445] tipc: Resetting bearer <eth:syzkaller0>
[  149.026009][ T7466] openvswitch: netlink: Message has 1 unknown bytes.
[  149.044847][ T7466] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  149.079967][ T7468] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  149.099613][ T7468] syzkaller0: entered promiscuous mode
[  149.145737][ T7468] syzkaller0: entered allmulticast mode
[  149.183387][ T7457] syzkaller0: entered promiscuous mode
[  149.192867][ T7457] syzkaller0: entered allmulticast mode
[  149.236714][ T7442] tipc: Resetting bearer <eth:syzkaller0>
[  149.288319][ T7442] tipc: Disabling bearer <eth:syzkaller0>
[  149.331508][ T7476] tipc: Resetting bearer <eth:syzkaller0>
[  149.481261][ T7467] tipc: Resetting bearer <eth:syzkaller0>
[  149.563843][ T7467] tipc: Disabling bearer <eth:syzkaller0>
[  149.707978][ T7492] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  149.769883][ T7493] netlink: 12 bytes leftover after parsing attributes in process `syz.3.410'.
[  150.204929][ T7508] IPVS: set_ctl: invalid protocol: 0 172.30.0.1:20002
[  150.659324][ T7530] tipc: New replicast peer: 255.255.255.255
[  150.659900][ T7531] netlink: 'syz.0.429': attribute type 10 has an invalid length.
[  150.696832][ T7530] tipc: Enabled bearer <udp:s>, priority 10
[  150.738649][ T7531] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  151.183237][ T7542] openvswitch: netlink: Message has 1 unknown bytes.
[  151.191105][ T7542] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  151.459392][ T7556] lo speed is unknown, defaulting to 1000
[  151.814777][ T6035] tipc: Node number set to 3406406655
[  151.915983][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  152.318184][ T7583] __nla_validate_parse: 5 callbacks suppressed
[  152.318203][ T7583] netlink: 28 bytes leftover after parsing attributes in process `syz.0.442'.
[  152.415234][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.444'.
[  152.593761][ T7589] netlink: 'syz.1.446': attribute type 1 has an invalid length.
[  152.630793][ T7589] netlink: 'syz.1.446': attribute type 1 has an invalid length.
[  152.666241][ T7589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.446'.
[  152.736030][ T7589] block nbd0: shutting down sockets
[  152.770096][ T7598] netlink: 104 bytes leftover after parsing attributes in process `syz.0.449'.
[  152.821487][ T7600] netlink: 16 bytes leftover after parsing attributes in process `syz.3.448'.
[  153.064004][ T7607] netlink: 'syz.1.454': attribute type 1 has an invalid length.
[  153.180048][ T7617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.457'.
[  153.268381][ T7607] bond1: entered promiscuous mode
[  153.283460][ T7607] 8021q: adding VLAN 0 to HW filter on device bond1
[  153.491830][ T7615] 8021q: adding VLAN 0 to HW filter on device bond2
[  153.526253][ T7615] bond1: (slave bond2): making interface the new active one
[  153.547190][ T7631] netlink: 'syz.3.460': attribute type 10 has an invalid length.
[  153.558191][ T7615] bond2: entered promiscuous mode
[  153.567875][ T7615] bond1: (slave bond2): Enslaving as an active interface with an up link
[  153.624905][ T7619] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  153.639809][ T7619] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  153.674743][ T7631] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.683142][ T7631] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.702409][ T7631] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.709620][ T7631] bridge0: port 2(bridge_slave_1) entered listening state
[  153.717066][ T7631] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.724252][ T7631] bridge0: port 1(bridge_slave_0) entered listening state
[  153.741059][ T7631] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  153.766393][ T7614] lo speed is unknown, defaulting to 1000
[  153.785202][ T7635] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  153.804025][ T7636] syzkaller0: entered promiscuous mode
[  153.809640][ T7636] syzkaller0: entered allmulticast mode
[  153.959353][ T7635] tipc: Resetting bearer <eth:syzkaller0>
[  154.046180][ T7633] tipc: Resetting bearer <eth:syzkaller0>
[  154.092430][ T7633] tipc: Disabling bearer <eth:syzkaller0>
[  154.621643][ T7657] openvswitch: netlink: Message has 1 unknown bytes.
[  154.645866][ T7657] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  155.457782][ T7691] lo: entered allmulticast mode
[  155.537969][ T7696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.482'.
[  155.607447][ T7690] lo: left allmulticast mode
[  155.656749][ T7699] lo speed is unknown, defaulting to 1000
[  155.714858][ T7700] netlink: 'syz.3.483': attribute type 15 has an invalid length.
[  155.753623][ T7700] netlink: 24 bytes leftover after parsing attributes in process `syz.3.483'.
[  155.772306][ T7704] netlink: 28 bytes leftover after parsing attributes in process `syz.4.485'.
[  156.097448][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.4.490'.
[  156.351766][ T7729] netlink: 'syz.2.492': attribute type 10 has an invalid length.
[  156.446829][ T7730] bond3: entered promiscuous mode
[  156.452448][ T7730] 8021q: adding VLAN 0 to HW filter on device bond3
[  156.707874][ T7730] bond3 (unregistering): Released all slaves
[  157.246792][ T7761] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  157.276801][ T7761] syzkaller0: entered promiscuous mode
[  157.315131][ T7761] syzkaller0: entered allmulticast mode
[  157.356185][   T30] audit: type=1800 audit(1757071727.481:4): pid=7767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.507" name="memory.events" dev="tmpfs" ino=498 res=0 errno=0
[  157.476010][ T7769] tipc: Resetting bearer <eth:syzkaller0>
[  157.492904][ T7759] tipc: Resetting bearer <eth:syzkaller0>
[  157.493156][ T7774] __nla_validate_parse: 3 callbacks suppressed
[  157.493173][ T7774] netlink: 28 bytes leftover after parsing attributes in process `syz.0.509'.
[  157.547303][ T7759] tipc: Disabling bearer <eth:syzkaller0>
[  157.876288][ T7786] netlink: 16 bytes leftover after parsing attributes in process `syz.2.515'.
[  158.084768][ T7797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'.
[  158.475876][ T7813] macvtap0: entered promiscuous mode
[  158.510735][ T7813] macvtap0: entered allmulticast mode
[  158.542895][ T7813] veth0_macvtap: entered allmulticast mode
[  158.605876][ T7813] veth0_to_team: entered promiscuous mode
[  158.613675][ T7813] veth0_to_team: entered allmulticast mode
[  158.677487][ T7818] netlink: 'syz.1.527': attribute type 10 has an invalid length.
[  158.695166][ T7825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.528'.
[  158.710279][ T7818] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  158.971357][ T7834] lo speed is unknown, defaulting to 1000
[  159.848924][ T7868] netlink: 12 bytes leftover after parsing attributes in process `syz.0.541'.
[  159.971625][ T7865] lo speed is unknown, defaulting to 1000
[  160.479941][ T7900] netlink: 'syz.2.550': attribute type 58 has an invalid length.
[  160.559664][ T7900] netlink: 20 bytes leftover after parsing attributes in process `syz.2.550'.
[  160.823877][ T7909] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  160.865544][ T7909] syzkaller0: entered promiscuous mode
[  160.904282][ T7909] syzkaller0: entered allmulticast mode
[  161.006625][ T7911] tipc: Resetting bearer <eth:syzkaller0>
[  161.028361][ T7917] netlink: 'syz.4.555': attribute type 2 has an invalid length.
[  161.104533][ T7917] k›*·: entered promiscuous mode
[  161.140747][ T7906] tipc: Resetting bearer <eth:syzkaller0>
[  161.165395][ T7925] netlink: 24 bytes leftover after parsing attributes in process `syz.3.557'.
[  161.294280][ T7906] tipc: Disabling bearer <eth:syzkaller0>
[  161.322189][ T7934] sctp: [Deprecated]: syz.0.558 (pid 7934) Use of int in maxseg socket option.
[  161.322189][ T7934] Use struct sctp_assoc_value instead
[  161.417963][ T7933] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  161.546100][ T7940] lo speed is unknown, defaulting to 1000
[  161.643745][ T7954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.559'.
[  162.420165][ T7985] tipc: Can't bind to reserved service type 0
[  162.556782][ T7986] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878)
[  162.566591][ T7986] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  162.843253][ T7994] netlink: 'syz.1.572': attribute type 12 has an invalid length.
[  162.903182][ T7994] netlink: 248 bytes leftover after parsing attributes in process `syz.1.572'.
[  162.944347][ T7997] lo speed is unknown, defaulting to 1000
[  163.127210][ T8007] netlink: 'syz.3.576': attribute type 2 has an invalid length.
[  163.332181][ T8016] netlink: 'syz.2.578': attribute type 1 has an invalid length.
[  163.438266][ T8018] syzkaller1: entered promiscuous mode
[  163.477889][ T8018] syzkaller1: entered allmulticast mode
[  163.968670][ T8038] netlink: 12 bytes leftover after parsing attributes in process `syz.2.586'.
[  164.577172][ T8053] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  164.616787][ T8054] IPVS: set_ctl: invalid protocol: 33 127.0.0.1:20000
[  164.674213][ T8058] netlink: 20 bytes leftover after parsing attributes in process `syz.0.592'.
[  165.077567][ T8069] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  165.092127][ T8069] syzkaller0: entered promiscuous mode
[  165.106142][ T8069] syzkaller0: entered allmulticast mode
[  165.148840][ T8069] tipc: Resetting bearer <eth:syzkaller0>
[  165.181018][ T8068] tipc: Resetting bearer <eth:syzkaller0>
[  165.209085][ T8068] tipc: Disabling bearer <eth:syzkaller0>
[  165.386535][ T8079] netlink: 'syz.0.600': attribute type 13 has an invalid length.
[  165.410028][ T8079] netlink: 16 bytes leftover after parsing attributes in process `syz.0.600'.
[  165.502055][ T8082] !
: renamed from dummy0 (while UP)
[  165.714568][ T8050] netlink: 40 bytes leftover after parsing attributes in process `syz.2.589'.
[  165.755778][ T8050] xt_policy: too many policy elements
[  165.832890][ T8082] lo speed is unknown, defaulting to 1000
[  166.424781][   T30] audit: type=1107 audit(1757071736.571:5): pid=8102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Xëg¥b'
[  166.538102][ T8103] bond0: option ad_select: unable to set because the bond device is up
[  166.631891][ T8109] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  166.659013][ T8109] syzkaller0: entered promiscuous mode
[  166.669984][ T8113] netlink: 16 bytes leftover after parsing attributes in process `syz.2.612'.
[  166.680247][ T8109] syzkaller0: entered allmulticast mode
[  166.750203][ T8113] bond0: entered promiscuous mode
[  166.755789][ T8113] bond_slave_0: entered promiscuous mode
[  166.772699][ T8113] bond0: left promiscuous mode
[  166.777629][ T8113] bond_slave_0: left promiscuous mode
[  166.955992][ T8119] tipc: Resetting bearer <eth:syzkaller0>
[  167.013845][ T8107] tipc: Resetting bearer <eth:syzkaller0>
[  167.085155][ T8107] tipc: Disabling bearer <eth:syzkaller0>
[  167.826542][ T8157] netlink: 16 bytes leftover after parsing attributes in process `syz.2.625'.
[  168.486412][ T8192] lo speed is unknown, defaulting to 1000
[  168.841071][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[  168.849068][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  168.851344][ T8208] netlink: 'syz.3.637': attribute type 1 has an invalid length.
[  168.972272][ T8212] netlink: ct family unspecified
[  169.020710][ T8212] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  169.225370][ T8208] 8021q: adding VLAN 0 to HW filter on device bond4
[  169.311728][ T8208] netlink: 28 bytes leftover after parsing attributes in process `syz.3.637'.
[  169.327747][ T8212] 8021q: adding VLAN 0 to HW filter on device bond4
[  169.336061][ T8212] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  169.353566][ T8212] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  169.503851][ T8223] veth3: entered promiscuous mode
[  169.531824][ T8223] bond4: (slave veth3): Enslaving as an active interface with a down link
[  169.831742][ T8236] netlink: 8 bytes leftover after parsing attributes in process `syz.0.645'.
[  169.879772][ T8239] netlink: 'syz.4.646': attribute type 3 has an invalid length.
[  170.243365][ T8252] geneve2: entered promiscuous mode
[  170.865334][ T8268] lo speed is unknown, defaulting to 1000
[  171.397449][ T8295] netlink: 16 bytes leftover after parsing attributes in process `syz.2.659'.
[  171.589277][ T8300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.659'.
[  171.694668][ T8298] lo speed is unknown, defaulting to 1000
[  171.785592][ T8310] netlink: 16 bytes leftover after parsing attributes in process `syz.1.664'.
[  172.152525][ T8320] netlink: 12 bytes leftover after parsing attributes in process `syz.3.668'.
[  172.393595][ T8327] lo speed is unknown, defaulting to 1000
[  172.440087][ T8332] netlink: 'syz.2.669': attribute type 1 has an invalid length.
[  172.590336][ T8339] netlink: 32 bytes leftover after parsing attributes in process `syz.3.670'.
[  172.696651][ T8332] bond1: entered promiscuous mode
[  172.706541][ T8332] 8021q: adding VLAN 0 to HW filter on device bond1
[  172.832801][ T8333] 8021q: adding VLAN 0 to HW filter on device bond2
[  172.848825][ T8333] bond1: (slave bond2): making interface the new active one
[  172.871475][ T8333] bond2: entered promiscuous mode
[  172.877806][ T8333] bond1: (slave bond2): Enslaving as an active interface with an up link
[  172.938380][ T8338] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  172.981100][ T8338] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  173.562305][ T8365] netlink: 44 bytes leftover after parsing attributes in process `syz.3.677'.
[  174.299579][ T8398] netlink: 8 bytes leftover after parsing attributes in process `syz.4.688'.
[  175.037279][ T8424] netlink: 16 bytes leftover after parsing attributes in process `syz.2.697'.
[  175.373193][ T8439] netlink: 48 bytes leftover after parsing attributes in process `syz.1.705'.
[  176.398716][ T8442] workqueue: name exceeds WQ_NAME_LEN. Truncating to: žÀ^–>º>ùMv^µ
â侦¸ÑKc'A¥»–
[  176.435400][ T8462] vlan2: entered promiscuous mode
[  176.446084][ T8462] macvtap0: entered promiscuous mode
[  176.592995][ T8474] netlink: 36 bytes leftover after parsing attributes in process `syz.1.707'.
[  176.718766][ T8480] netlink: 244 bytes leftover after parsing attributes in process `syz.4.709'.
[  176.944884][ T8491] netlink: 'syz.3.713': attribute type 1 has an invalid length.
[  177.023915][ T8491] bond5: entered promiscuous mode
[  177.029810][ T8491] 8021q: adding VLAN 0 to HW filter on device bond5
[  177.138693][ T8500] 8021q: adding VLAN 0 to HW filter on device bond6
[  177.149730][ T8500] bond5: (slave bond6): making interface the new active one
[  177.157586][ T8500] bond6: entered promiscuous mode
[  177.174760][ T8500] bond5: (slave bond6): Enslaving as an active interface with an up link
[  177.236608][ T8491] bond5: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  177.256394][ T8491] bond5: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  177.285982][ T8499] pim6reg1: entered promiscuous mode
[  177.292394][ T8499] pim6reg1: entered allmulticast mode
[  177.546482][ T8519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.718'.
[  177.794175][ T8528] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  177.822143][ T8528] syzkaller0: entered promiscuous mode
[  177.828534][ T8528] syzkaller0: entered allmulticast mode
[  177.894233][ T8528] tipc: Resetting bearer <eth:syzkaller0>
[  177.929013][ T8525] tipc: Resetting bearer <eth:syzkaller0>
[  178.049097][ T8525] tipc: Disabling bearer <eth:syzkaller0>
[  178.591380][ T8557] tipc: Cannot configure node identity twice
[  178.608593][ T8559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.732'.
[  178.666946][ T8559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.732'.
[  178.717390][ T8564] netlink: 24 bytes leftover after parsing attributes in process `syz.4.734'.
[  178.769050][ T8568] netlink: 'syz.4.734': attribute type 10 has an invalid length.
[  178.886332][ T8572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.736'.
[  178.892879][ T8568] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  179.398109][ T8593] FAULT_INJECTION: forcing a failure.
[  179.398109][ T8593] name failslab, interval 1, probability 0, space 0, times 0
[  179.451090][ T8593] CPU: 0 UID: 0 PID: 8593 Comm: syz.2.743 Not tainted syzkaller #0 PREEMPT(full) 
[  179.451117][ T8593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.451129][ T8593] Call Trace:
[  179.451138][ T8593]  <TASK>
[  179.451147][ T8593]  dump_stack_lvl+0x189/0x250
[  179.451178][ T8593]  ? __pfx____ratelimit+0x10/0x10
[  179.451201][ T8593]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.451227][ T8593]  ? __pfx__printk+0x10/0x10
[  179.451271][ T8593]  ? __pfx___might_resched+0x10/0x10
[  179.451297][ T8593]  should_fail_ex+0x414/0x560
[  179.451331][ T8593]  should_failslab+0xa8/0x100
[  179.451364][ T8593]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  179.451394][ T8593]  ? __alloc_skb+0x112/0x2d0
[  179.451420][ T8593]  __alloc_skb+0x112/0x2d0
[  179.451446][ T8593]  netlink_sendmsg+0x5c6/0xb30
[  179.451479][ T8593]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.451504][ T8593]  ? aa_sock_msg_perm+0xf1/0x1d0
[  179.451526][ T8593]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  179.451548][ T8593]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.451571][ T8593]  __sock_sendmsg+0x21c/0x270
[  179.451604][ T8593]  ____sys_sendmsg+0x505/0x830
[  179.451634][ T8593]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.451669][ T8593]  ? import_iovec+0x74/0xa0
[  179.451697][ T8593]  ___sys_sendmsg+0x21f/0x2a0
[  179.451724][ T8593]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.451787][ T8593]  ? __fget_files+0x2a/0x420
[  179.451805][ T8593]  ? __fget_files+0x3a0/0x420
[  179.451834][ T8593]  __x64_sys_sendmsg+0x19b/0x260
[  179.451862][ T8593]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  179.451896][ T8593]  ? __pfx_ksys_write+0x10/0x10
[  179.451920][ T8593]  ? rcu_is_watching+0x15/0xb0
[  179.451947][ T8593]  ? do_syscall_64+0xbe/0x3b0
[  179.451974][ T8593]  do_syscall_64+0xfa/0x3b0
[  179.451995][ T8593]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.452016][ T8593]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.452036][ T8593]  ? clear_bhb_loop+0x60/0xb0
[  179.452060][ T8593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.452080][ T8593] RIP: 0033:0x7faceb18ebe9
[  179.452097][ T8593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.452113][ T8593] RSP: 002b:00007facec0a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.452135][ T8593] RAX: ffffffffffffffda RBX: 00007faceb3c5fa0 RCX: 00007faceb18ebe9
[  179.452150][ T8593] RDX: 0000000000040000 RSI: 0000200000000180 RDI: 0000000000000006
[  179.452163][ T8593] RBP: 00007facec0a0090 R08: 0000000000000000 R09: 0000000000000000
[  179.452175][ T8593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.452186][ T8593] R13: 00007faceb3c6038 R14: 00007faceb3c5fa0 R15: 00007ffd34e491c8
[  179.452218][ T8593]  </TASK>
[  179.855266][ T8608] netlink: 36 bytes leftover after parsing attributes in process `syz.3.747'.
[  180.124361][ T8619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.746'.
[  180.507063][ T8634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.756'.
[  180.625464][ T8641] netlink: 4748 bytes leftover after parsing attributes in process `syz.2.759'.
[  180.637383][ T8638] netlink: 'syz.1.758': attribute type 10 has an invalid length.
[  180.690486][ T8638] netlink: 40 bytes leftover after parsing attributes in process `syz.1.758'.
[  180.790159][ T8638] team0: Port device geneve0 added
[  180.807665][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.760'.
[  180.909508][ T8651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.763'.
[  181.057847][ T8651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.763'.
[  181.077668][ T8653] lo speed is unknown, defaulting to 1000
[  181.562569][ T8682] netlink: 24 bytes leftover after parsing attributes in process `syz.2.771'.
[  181.759550][ T8688] netlink: 8 bytes leftover after parsing attributes in process `syz.4.776'.
[  182.036366][ T8702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.782'.
[  182.091493][ T8704] sctp: [Deprecated]: syz.4.780 (pid 8704) Use of struct sctp_assoc_value in delayed_ack socket option.
[  182.091493][ T8704] Use struct sctp_sack_info instead
[  182.534265][ T8717] can: request_module (can-proto-5) failed.
[  183.508715][ T8766] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  183.593781][ T5873] udevd[5873]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  183.603915][ T8766] syzkaller0: entered promiscuous mode
[  183.624169][ T8766] syzkaller0: entered allmulticast mode
[  183.653389][ T5873] udevd[5873]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  183.752254][ T8769] tipc: Resetting bearer <eth:syzkaller0>
[  183.790792][ T8764] tipc: Resetting bearer <eth:syzkaller0>
[  183.847742][ T8779] netlink: 'syz.3.809': attribute type 12 has an invalid length.
[  183.856666][ T8764] tipc: Disabling bearer <eth:syzkaller0>
[  183.944926][ T8782] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  184.003742][ T8775] syzkaller0: entered promiscuous mode
[  184.009965][ T8775] syzkaller0: entered allmulticast mode
[  184.066110][ T8775] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  184.175971][ T8782] netlink: 'syz.2.808': attribute type 9 has an invalid length.
[  184.201491][    C0] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.208779][    C0] bridge0: topology change detected, propagating
[  184.215580][    C0] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.222897][    C0] bridge0: topology change detected, propagating
[  184.251263][ T8781] tipc: Resetting bearer <eth:syzkaller0>
[  184.494814][ T8810] lo: entered allmulticast mode
[  184.531703][ T8774] tipc: Resetting bearer <eth:syzkaller0>
[  184.645101][ T8774] tipc: Disabling bearer <eth:syzkaller0>
[  184.844801][ T8808] lo: left allmulticast mode
[  185.023209][ T8795] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  185.379756][ T8854] __nla_validate_parse: 9 callbacks suppressed
[  185.379776][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.3.828'.
[  185.529656][ T8860] netlink: 32 bytes leftover after parsing attributes in process `syz.0.830'.
[  186.037001][ T8880] IPVS: set_ctl: invalid protocol: 44 224.0.0.2:20001
[  186.039587][ T8881] FAULT_INJECTION: forcing a failure.
[  186.039587][ T8881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.075947][ T8881] CPU: 1 UID: 0 PID: 8881 Comm: syz.1.838 Not tainted syzkaller #0 PREEMPT(full) 
[  186.075991][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  186.076012][ T8881] Call Trace:
[  186.076026][ T8881]  <TASK>
[  186.076041][ T8881]  dump_stack_lvl+0x189/0x250
[  186.076088][ T8881]  ? __pfx____ratelimit+0x10/0x10
[  186.076127][ T8881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.076171][ T8881]  ? __pfx__printk+0x10/0x10
[  186.076221][ T8881]  ? __might_fault+0xb0/0x130
[  186.076296][ T8881]  should_fail_ex+0x414/0x560
[  186.076356][ T8881]  _copy_from_iter+0x1de/0x1790
[  186.076402][ T8881]  ? rcu_is_watching+0x15/0xb0
[  186.076424][ T8881]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  186.076453][ T8881]  ? __pfx__copy_from_iter+0x10/0x10
[  186.076476][ T8881]  ? __build_skb_around+0x257/0x3e0
[  186.076501][ T8881]  ? netlink_sendmsg+0x642/0xb30
[  186.076520][ T8881]  ? skb_put+0x11b/0x210
[  186.076546][ T8881]  netlink_sendmsg+0x6b2/0xb30
[  186.076578][ T8881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.076604][ T8881]  ? aa_sock_msg_perm+0xf1/0x1d0
[  186.076626][ T8881]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  186.076647][ T8881]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.076670][ T8881]  __sock_sendmsg+0x21c/0x270
[  186.076704][ T8881]  ____sys_sendmsg+0x505/0x830
[  186.076735][ T8881]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.076770][ T8881]  ? import_iovec+0x74/0xa0
[  186.076798][ T8881]  ___sys_sendmsg+0x21f/0x2a0
[  186.076825][ T8881]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.076890][ T8881]  ? __fget_files+0x2a/0x420
[  186.076907][ T8881]  ? __fget_files+0x3a0/0x420
[  186.076936][ T8881]  __x64_sys_sendmsg+0x19b/0x260
[  186.076963][ T8881]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  186.076999][ T8881]  ? __pfx_ksys_write+0x10/0x10
[  186.077023][ T8881]  ? rcu_is_watching+0x15/0xb0
[  186.077049][ T8881]  ? do_syscall_64+0xbe/0x3b0
[  186.077076][ T8881]  do_syscall_64+0xfa/0x3b0
[  186.077097][ T8881]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.077117][ T8881]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.077137][ T8881]  ? clear_bhb_loop+0x60/0xb0
[  186.077161][ T8881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.077181][ T8881] RIP: 0033:0x7efec318ebe9
[  186.077198][ T8881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.077214][ T8881] RSP: 002b:00007efec3f92038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.077235][ T8881] RAX: ffffffffffffffda RBX: 00007efec33c5fa0 RCX: 00007efec318ebe9
[  186.077249][ T8881] RDX: 0000000000040000 RSI: 0000200000000180 RDI: 0000000000000006
[  186.077262][ T8881] RBP: 00007efec3f92090 R08: 0000000000000000 R09: 0000000000000000
[  186.077274][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.077285][ T8881] R13: 00007efec33c6038 R14: 00007efec33c5fa0 R15: 00007ffe14c8d918
[  186.077318][ T8881]  </TASK>
[  186.440258][ T8888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.840'.
[  186.569818][ T8895] FAULT_INJECTION: forcing a failure.
[  186.569818][ T8895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.571401][ T8888] erspan0: entered promiscuous mode
[  186.583287][ T8895] CPU: 1 UID: 0 PID: 8895 Comm: syz.1.842 Not tainted syzkaller #0 PREEMPT(full) 
[  186.583317][ T8895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  186.583329][ T8895] Call Trace:
[  186.583338][ T8895]  <TASK>
[  186.583346][ T8895]  dump_stack_lvl+0x189/0x250
[  186.583377][ T8895]  ? __pfx____ratelimit+0x10/0x10
[  186.583400][ T8895]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.583423][ T8895]  ? __pfx__printk+0x10/0x10
[  186.583471][ T8895]  should_fail_ex+0x414/0x560
[  186.583502][ T8895]  _copy_from_user+0x2d/0xb0
[  186.583533][ T8895]  sctp_setsockopt+0x19f/0x1200
[  186.583561][ T8895]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  186.583603][ T8895]  do_sock_setsockopt+0x179/0x1b0
[  186.583633][ T8895]  __x64_sys_setsockopt+0x13f/0x1b0
[  186.583666][ T8895]  do_syscall_64+0xfa/0x3b0
[  186.583691][ T8895]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.583715][ T8895]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.583737][ T8895]  ? clear_bhb_loop+0x60/0xb0
[  186.583764][ T8895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.583786][ T8895] RIP: 0033:0x7efec318ebe9
[  186.583807][ T8895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.583825][ T8895] RSP: 002b:00007efec3f92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  186.583850][ T8895] RAX: ffffffffffffffda RBX: 00007efec33c5fa0 RCX: 00007efec318ebe9
[  186.583867][ T8895] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000005
[  186.583881][ T8895] RBP: 00007efec3f92090 R08: 000000000001000f R09: 0000000000000000
[  186.583894][ T8895] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  186.583908][ T8895] R13: 00007efec33c6038 R14: 00007efec33c5fa0 R15: 00007ffe14c8d918
[  186.583963][ T8895]  </TASK>
[  186.819567][ T8888] erspan0: left promiscuous mode
[  186.931052][ T8905] netlink: 48 bytes leftover after parsing attributes in process `syz.1.843'.
[  186.960000][ T8902] netlink: 12 bytes leftover after parsing attributes in process `syz.1.843'.
[  187.323559][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.4.849'.
[  187.362281][ T8925] openvswitch: netlink: Key type 69 is out of range max 32
[  187.386823][ T8928] FAULT_INJECTION: forcing a failure.
[  187.386823][ T8928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.438366][ T8928] CPU: 0 UID: 0 PID: 8928 Comm: syz.2.846 Not tainted syzkaller #0 PREEMPT(full) 
[  187.438394][ T8928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  187.438407][ T8928] Call Trace:
[  187.438415][ T8928]  <TASK>
[  187.438424][ T8928]  dump_stack_lvl+0x189/0x250
[  187.438456][ T8928]  ? __pfx____ratelimit+0x10/0x10
[  187.438479][ T8928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.438504][ T8928]  ? __pfx__printk+0x10/0x10
[  187.438533][ T8928]  ? __might_fault+0xb0/0x130
[  187.438574][ T8928]  should_fail_ex+0x414/0x560
[  187.438608][ T8928]  _copy_to_iter+0x1de/0x1790
[  187.438636][ T8928]  ? __lock_acquire+0xab9/0xd20
[  187.438674][ T8928]  ? __pfx__copy_to_iter+0x10/0x10
[  187.438695][ T8928]  ? __lock_acquire+0xab9/0xd20
[  187.438739][ T8928]  __skb_datagram_iter+0x41a/0x990
[  187.438769][ T8928]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  187.438806][ T8928]  skb_copy_datagram_iter+0xc5/0x230
[  187.438838][ T8928]  mptcp_recvmsg+0x57a/0x25d0
[  187.438902][ T8928]  ? __lock_acquire+0xab9/0xd20
[  187.438932][ T8928]  ? __pfx_mptcp_recvmsg+0x10/0x10
[  187.438967][ T8928]  ? aa_sk_perm+0x81e/0x950
[  187.438997][ T8928]  ? sock_rps_record_flow+0x19/0x410
[  187.439029][ T8928]  ? __pfx_mptcp_recvmsg+0x10/0x10
[  187.439049][ T8928]  inet_recvmsg+0x24a/0x250
[  187.439082][ T8928]  ? __pfx_inet_recvmsg+0x10/0x10
[  187.439115][ T8928]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  187.439137][ T8928]  ? security_socket_recvmsg+0x7e/0x2e0
[  187.439164][ T8928]  sock_recvmsg+0x1a8/0x270
[  187.439199][ T8928]  __sys_recvfrom+0x1f6/0x340
[  187.439231][ T8928]  ? __pfx___sys_recvfrom+0x10/0x10
[  187.439251][ T8928]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  187.439289][ T8928]  ? __fget_files+0x3a0/0x420
[  187.439320][ T8928]  ? ksys_write+0x22a/0x250
[  187.439350][ T8928]  ? __pfx_ksys_write+0x10/0x10
[  187.439374][ T8928]  ? rcu_is_watching+0x15/0xb0
[  187.439401][ T8928]  __x64_sys_recvfrom+0xde/0x100
[  187.439427][ T8928]  do_syscall_64+0xfa/0x3b0
[  187.439450][ T8928]  ? lockdep_hardirqs_on+0x9c/0x150
[  187.439471][ T8928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.439491][ T8928]  ? clear_bhb_loop+0x60/0xb0
[  187.439516][ T8928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.439535][ T8928] RIP: 0033:0x7faceb18ebe9
[  187.439553][ T8928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.439569][ T8928] RSP: 002b:00007facec07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  187.439591][ T8928] RAX: ffffffffffffffda RBX: 00007faceb3c6090 RCX: 00007faceb18ebe9
[  187.439605][ T8928] RDX: fffffffffffffecb RSI: 0000200000000180 RDI: 0000000000000005
[  187.439618][ T8928] RBP: 00007facec07f090 R08: 0000000000000000 R09: 0000000000000000
[  187.439630][ T8928] R10: 0000000000004100 R11: 0000000000000246 R12: 0000000000000001
[  187.439642][ T8928] R13: 00007faceb3c6128 R14: 00007faceb3c6090 R15: 00007ffd34e491c8
[  187.439676][ T8928]  </TASK>
[  187.753172][ T8936] lo speed is unknown, defaulting to 1000
[  187.831508][ T8939] netlink: 'syz.0.852': attribute type 15 has an invalid length.
[  187.924962][ T8937] IPVS: set_ctl: invalid protocol: 115 172.20.20.187:20000
[  188.227195][ T8954] lo speed is unknown, defaulting to 1000
[  188.615759][ T8975] netlink: 32 bytes leftover after parsing attributes in process `syz.2.860'.
[  188.864146][ T8979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.861'.
[  188.884200][ T8990] FAULT_INJECTION: forcing a failure.
[  188.884200][ T8990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.928235][ T8982] lo speed is unknown, defaulting to 1000
[  188.949693][ T8990] CPU: 1 UID: 0 PID: 8990 Comm: syz.0.863 Not tainted syzkaller #0 PREEMPT(full) 
[  188.949721][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  188.949733][ T8990] Call Trace:
[  188.949741][ T8990]  <TASK>
[  188.949750][ T8990]  dump_stack_lvl+0x189/0x250
[  188.949778][ T8990]  ? __pfx____ratelimit+0x10/0x10
[  188.949801][ T8990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.949825][ T8990]  ? __pfx__printk+0x10/0x10
[  188.949854][ T8990]  ? __might_fault+0xb0/0x130
[  188.949893][ T8990]  should_fail_ex+0x414/0x560
[  188.949927][ T8990]  _copy_from_iter+0x1de/0x1790
[  188.949956][ T8990]  ? rcu_is_watching+0x15/0xb0
[  188.949978][ T8990]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  188.950009][ T8990]  ? __pfx__copy_from_iter+0x10/0x10
[  188.950032][ T8990]  ? __build_skb_around+0x257/0x3e0
[  188.950058][ T8990]  ? netlink_sendmsg+0x642/0xb30
[  188.950086][ T8990]  ? skb_put+0x11b/0x210
[  188.950112][ T8990]  netlink_sendmsg+0x6b2/0xb30
[  188.950144][ T8990]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.950169][ T8990]  ? aa_sock_msg_perm+0xf1/0x1d0
[  188.950191][ T8990]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  188.950213][ T8990]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.950235][ T8990]  __sock_sendmsg+0x21c/0x270
[  188.950269][ T8990]  ____sys_sendmsg+0x505/0x830
[  188.950300][ T8990]  ? __pfx_____sys_sendmsg+0x10/0x10
[  188.950334][ T8990]  ? import_iovec+0x74/0xa0
[  188.950367][ T8990]  ___sys_sendmsg+0x21f/0x2a0
[  188.950394][ T8990]  ? __pfx____sys_sendmsg+0x10/0x10
[  188.950458][ T8990]  ? __fget_files+0x2a/0x420
[  188.950475][ T8990]  ? __fget_files+0x3a0/0x420
[  188.950503][ T8990]  __x64_sys_sendmsg+0x19b/0x260
[  188.950529][ T8990]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  188.950563][ T8990]  ? __pfx_ksys_write+0x10/0x10
[  188.950597][ T8990]  ? do_syscall_64+0xbe/0x3b0
[  188.950624][ T8990]  do_syscall_64+0xfa/0x3b0
[  188.950646][ T8990]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.950665][ T8990]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.950684][ T8990]  ? clear_bhb_loop+0x60/0xb0
[  188.950708][ T8990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.950727][ T8990] RIP: 0033:0x7fcedcd8ebe9
[  188.950746][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.950762][ T8990] RSP: 002b:00007fceddc9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.950783][ T8990] RAX: ffffffffffffffda RBX: 00007fcedcfc5fa0 RCX: 00007fcedcd8ebe9
[  188.950797][ T8990] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000008
[  188.950809][ T8990] RBP: 00007fceddc9a090 R08: 0000000000000000 R09: 0000000000000000
[  188.950821][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.950833][ T8990] R13: 00007fcedcfc6038 R14: 00007fcedcfc5fa0 R15: 00007ffd189a84a8
[  188.950864][ T8990]  </TASK>
[  190.014188][ T9031] macvlan2: entered allmulticast mode
[  190.050625][ T9031] veth1_vlan: entered allmulticast mode
[  190.102564][ T9031] veth1_vlan: left allmulticast mode
[  190.832768][ T9047] vxcan1: entered allmulticast mode
[  190.843443][ T9050] vxcan1: left allmulticast mode
[  191.418185][ T9082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'.
[  191.458207][ T9082] netlink: 12 bytes leftover after parsing attributes in process `syz.0.886'.
[  191.742516][ T9097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'.
[  191.782925][ T9097] : renamed from veth0_to_bond (while UP)
[  191.960520][ T9108] FAULT_INJECTION: forcing a failure.
[  191.960520][ T9108] name failslab, interval 1, probability 0, space 0, times 0
[  191.998272][ T9108] CPU: 0 UID: 0 PID: 9108 Comm: syz.4.895 Not tainted syzkaller #0 PREEMPT(full) 
[  191.998301][ T9108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.998314][ T9108] Call Trace:
[  191.998322][ T9108]  <TASK>
[  191.998330][ T9108]  dump_stack_lvl+0x189/0x250
[  191.998361][ T9108]  ? __pfx____ratelimit+0x10/0x10
[  191.998384][ T9108]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.998409][ T9108]  ? __pfx__printk+0x10/0x10
[  191.998452][ T9108]  should_fail_ex+0x414/0x560
[  191.998487][ T9108]  should_failslab+0xa8/0x100
[  191.998519][ T9108]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  191.998549][ T9108]  ? __alloc_skb+0x112/0x2d0
[  191.998575][ T9108]  __alloc_skb+0x112/0x2d0
[  191.998601][ T9108]  _sctp_make_chunk+0x5e/0x430
[  191.998630][ T9108]  sctp_make_strreset_req+0xef/0x620
[  191.998666][ T9108]  ? __pfx_sctp_make_strreset_req+0x10/0x10
[  191.998700][ T9108]  ? sctp_send_reset_streams+0x37c/0xd90
[  191.998736][ T9108]  sctp_send_reset_streams+0x727/0xd90
[  191.998781][ T9108]  sctp_setsockopt+0x98b/0x1200
[  191.998806][ T9108]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  191.998841][ T9108]  do_sock_setsockopt+0x179/0x1b0
[  191.998870][ T9108]  __x64_sys_setsockopt+0x13f/0x1b0
[  191.998900][ T9108]  do_syscall_64+0xfa/0x3b0
[  191.998925][ T9108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.998944][ T9108]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  191.998964][ T9108]  ? clear_bhb_loop+0x60/0xb0
[  191.998989][ T9108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.999009][ T9108] RIP: 0033:0x7f471598ebe9
[  191.999027][ T9108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.999133][ T9108] RSP: 002b:00007f47167a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  191.999158][ T9108] RAX: ffffffffffffffda RBX: 00007f4715bc5fa0 RCX: 00007f471598ebe9
[  191.999173][ T9108] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000005
[  191.999184][ T9108] RBP: 00007f47167a3090 R08: 000000000001000f R09: 0000000000000000
[  191.999196][ T9108] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  191.999209][ T9108] R13: 00007f4715bc6038 R14: 00007f4715bc5fa0 R15: 00007fff89503f38
[  191.999245][ T9108]  </TASK>
[  192.407724][ T9116] netlink: 'syz.1.896': attribute type 16 has an invalid length.
[  192.444077][ T9116] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.896'.
[  192.469621][ T9117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.900'.
[  192.532920][ T9117] erspan0: entered promiscuous mode
[  192.568232][ T9117] erspan0: left promiscuous mode
[  192.576124][ T9124] netlink: 'syz.1.901': attribute type 10 has an invalid length.
[  192.596805][ T9124] netlink: 40 bytes leftover after parsing attributes in process `syz.1.901'.
[  192.850764][ T9134] netlink: 'syz.1.903': attribute type 4 has an invalid length.
[  193.052888][ T9142] netlink: 36 bytes leftover after parsing attributes in process `syz.3.904'.
[  193.141267][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.908'.
[  193.155292][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.908'.
[  193.210776][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.908'.
[  193.551648][ T9161] sctp: [Deprecated]: syz.4.914 (pid 9161) Use of int in max_burst socket option.
[  193.551648][ T9161] Use struct sctp_assoc_value instead
[  194.157107][ T9179] FAULT_INJECTION: forcing a failure.
[  194.157107][ T9179] name failslab, interval 1, probability 0, space 0, times 0
[  194.230737][ T9179] CPU: 1 UID: 0 PID: 9179 Comm: syz.1.920 Not tainted syzkaller #0 PREEMPT(full) 
[  194.230766][ T9179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  194.230778][ T9179] Call Trace:
[  194.230787][ T9179]  <TASK>
[  194.230796][ T9179]  dump_stack_lvl+0x189/0x250
[  194.230834][ T9179]  ? __pfx____ratelimit+0x10/0x10
[  194.230857][ T9179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.230880][ T9179]  ? __pfx__printk+0x10/0x10
[  194.230911][ T9179]  ? __lock_acquire+0xab9/0xd20
[  194.230951][ T9179]  should_fail_ex+0x414/0x560
[  194.230984][ T9179]  should_failslab+0xa8/0x100
[  194.231016][ T9179]  kmem_cache_alloc_noprof+0x73/0x3c0
[  194.231042][ T9179]  ? skb_clone+0x212/0x3a0
[  194.231072][ T9179]  skb_clone+0x212/0x3a0
[  194.231100][ T9179]  __netlink_deliver_tap+0x404/0x850
[  194.231136][ T9179]  ? netlink_deliver_tap+0x2e/0x1b0
[  194.231158][ T9179]  netlink_deliver_tap+0x19c/0x1b0
[  194.231180][ T9179]  netlink_unicast+0x7fa/0x9e0
[  194.231221][ T9179]  ? __pfx_netlink_unicast+0x10/0x10
[  194.231254][ T9179]  ? netlink_sendmsg+0x642/0xb30
[  194.231273][ T9179]  ? skb_put+0x11b/0x210
[  194.231298][ T9179]  netlink_sendmsg+0x805/0xb30
[  194.231330][ T9179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.231355][ T9179]  ? aa_sock_msg_perm+0xf1/0x1d0
[  194.231376][ T9179]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  194.231398][ T9179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.231420][ T9179]  __sock_sendmsg+0x21c/0x270
[  194.231454][ T9179]  ____sys_sendmsg+0x505/0x830
[  194.231485][ T9179]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.231520][ T9179]  ? import_iovec+0x74/0xa0
[  194.231549][ T9179]  ___sys_sendmsg+0x21f/0x2a0
[  194.231576][ T9179]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.231642][ T9179]  ? __fget_files+0x2a/0x420
[  194.231659][ T9179]  ? __fget_files+0x3a0/0x420
[  194.231688][ T9179]  __x64_sys_sendmsg+0x19b/0x260
[  194.231716][ T9179]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  194.231751][ T9179]  ? __pfx_ksys_write+0x10/0x10
[  194.231776][ T9179]  ? rcu_is_watching+0x15/0xb0
[  194.231802][ T9179]  ? do_syscall_64+0xbe/0x3b0
[  194.231835][ T9179]  do_syscall_64+0xfa/0x3b0
[  194.231855][ T9179]  ? lockdep_hardirqs_on+0x9c/0x150
[  194.231876][ T9179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.231895][ T9179]  ? clear_bhb_loop+0x60/0xb0
[  194.231920][ T9179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.231939][ T9179] RIP: 0033:0x7efec318ebe9
[  194.231958][ T9179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.231974][ T9179] RSP: 002b:00007efec3f92038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.231995][ T9179] RAX: ffffffffffffffda RBX: 00007efec33c5fa0 RCX: 00007efec318ebe9
[  194.232010][ T9179] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000008
[  194.232022][ T9179] RBP: 00007efec3f92090 R08: 0000000000000000 R09: 0000000000000000
[  194.232034][ T9179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.232046][ T9179] R13: 00007efec33c6038 R14: 00007efec33c5fa0 R15: 00007ffe14c8d918
[  194.232078][ T9179]  </TASK>
[  194.590929][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.597481][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  196.227795][ T9259] netlink: 'syz.2.948': attribute type 2 has an invalid length.
[  196.304716][ T9259] bridge_slave_0: left allmulticast mode
[  196.341383][ T9259] bridge_slave_0: left promiscuous mode
[  196.352986][ T9259] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.404446][ T9259] bridge_slave_1: left allmulticast mode
[  196.437054][ T9259] bridge_slave_1: left promiscuous mode
[  196.481178][ T9259] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.589967][ T9259] bond0: (slave bond_slave_0): Releasing backup interface
[  196.714677][ T9259] team0: Port device team_slave_0 removed
[  196.737088][ T9277] netlink: 'syz.3.954': attribute type 10 has an invalid length.
[  196.762553][ T9277] __nla_validate_parse: 57 callbacks suppressed
[  196.762572][ T9277] netlink: 40 bytes leftover after parsing attributes in process `syz.3.954'.
[  196.792607][ T9259] team0: Port device team_slave_1 removed
[  196.826734][ T9259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.837632][ T9259] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.860991][ T9259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.875755][ T9259] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.940204][ T9259] bond1: (slave bond2): Releasing backup interface
[  196.962941][ T9259] bond2: left promiscuous mode
[  197.077234][ T9261] A link change request failed with some changes committed already. Interface team_slave_1 may have been left with an inconsistent configuration, please check.
[  197.139933][ T9277] team0: Port device geneve0 added
[  197.174330][ T9275] lo speed is unknown, defaulting to 1000
[  197.447152][ T9300] netlink: 104 bytes leftover after parsing attributes in process `syz.0.960'.
[  197.691112][ T9311] netlink: 28 bytes leftover after parsing attributes in process `syz.0.964'.
[  197.705399][ T9313] netlink: 4 bytes leftover after parsing attributes in process `syz.3.965'.
[  197.840269][ T9320] netlink: 44 bytes leftover after parsing attributes in process `syz.4.967'.
[  197.993546][ T9326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.965'.
[  198.061099][ T9327] netlink: 8 bytes leftover after parsing attributes in process `syz.0.969'.
[  198.093787][ T9323] delete_channel: no stack
[  198.288108][ T9335] tipc: Enabled bearer <udp:syz2>, priority 10
[  198.524918][ T9344] netlink: 4748 bytes leftover after parsing attributes in process `syz.2.975'.
[  198.822035][ T9359] FAULT_INJECTION: forcing a failure.
[  198.822035][ T9359] name failslab, interval 1, probability 0, space 0, times 0
[  198.835337][ T9359] CPU: 1 UID: 0 PID: 9359 Comm: syz.0.983 Not tainted syzkaller #0 PREEMPT(full) 
[  198.835365][ T9359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  198.835377][ T9359] Call Trace:
[  198.835392][ T9359]  <TASK>
[  198.835401][ T9359]  dump_stack_lvl+0x189/0x250
[  198.835431][ T9359]  ? __pfx____ratelimit+0x10/0x10
[  198.835453][ T9359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.835478][ T9359]  ? __pfx__printk+0x10/0x10
[  198.835509][ T9359]  ? __pfx___might_resched+0x10/0x10
[  198.835529][ T9359]  ? fs_reclaim_acquire+0x7d/0x100
[  198.835554][ T9359]  should_fail_ex+0x414/0x560
[  198.835587][ T9359]  should_failslab+0xa8/0x100
[  198.835620][ T9359]  __kmalloc_noprof+0xcb/0x4f0
[  198.835646][ T9359]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  198.835680][ T9359]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  198.835732][ T9359]  genl_family_rcv_msg_doit+0xb8/0x300
[  198.835768][ T9359]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  198.835804][ T9359]  ? apparmor_capable+0x137/0x1b0
[  198.835832][ T9359]  ? bpf_lsm_capable+0x9/0x20
[  198.835859][ T9359]  ? security_capable+0x7e/0x2e0
[  198.835896][ T9359]  genl_rcv_msg+0x60e/0x790
[  198.835931][ T9359]  ? __pfx_genl_rcv_msg+0x10/0x10
[  198.835957][ T9359]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  198.835984][ T9359]  ? __asan_memcpy+0x40/0x70
[  198.836006][ T9359]  ? __pfx_ref_tracker_free+0x10/0x10
[  198.836045][ T9359]  netlink_rcv_skb+0x205/0x470
[  198.836063][ T9359]  ? __lock_acquire+0xab9/0xd20
[  198.836093][ T9359]  ? __pfx_genl_rcv_msg+0x10/0x10
[  198.836121][ T9359]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  198.836164][ T9359]  ? down_read+0x1ad/0x2e0
[  198.836192][ T9359]  genl_rcv+0x28/0x40
[  198.836216][ T9359]  netlink_unicast+0x82f/0x9e0
[  198.836256][ T9359]  ? __pfx_netlink_unicast+0x10/0x10
[  198.836289][ T9359]  ? netlink_sendmsg+0x642/0xb30
[  198.836308][ T9359]  ? skb_put+0x11b/0x210
[  198.836335][ T9359]  netlink_sendmsg+0x805/0xb30
[  198.836367][ T9359]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.836399][ T9359]  ? aa_sock_msg_perm+0xf1/0x1d0
[  198.836421][ T9359]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  198.836443][ T9359]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.836465][ T9359]  __sock_sendmsg+0x21c/0x270
[  198.836497][ T9359]  ____sys_sendmsg+0x505/0x830
[  198.836527][ T9359]  ? __pfx_____sys_sendmsg+0x10/0x10
[  198.836561][ T9359]  ? import_iovec+0x74/0xa0
[  198.836590][ T9359]  ___sys_sendmsg+0x21f/0x2a0
[  198.836618][ T9359]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.836685][ T9359]  ? __fget_files+0x2a/0x420
[  198.836702][ T9359]  ? __fget_files+0x3a0/0x420
[  198.836733][ T9359]  __x64_sys_sendmsg+0x19b/0x260
[  198.836760][ T9359]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  198.836797][ T9359]  ? __pfx_ksys_write+0x10/0x10
[  198.836821][ T9359]  ? rcu_is_watching+0x15/0xb0
[  198.836848][ T9359]  ? do_syscall_64+0xbe/0x3b0
[  198.836876][ T9359]  do_syscall_64+0xfa/0x3b0
[  198.836897][ T9359]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.836918][ T9359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.836939][ T9359]  ? clear_bhb_loop+0x60/0xb0
[  198.836977][ T9359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.836996][ T9359] RIP: 0033:0x7fcedcd8ebe9
[  198.837013][ T9359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.837028][ T9359] RSP: 002b:00007fceddc9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.837049][ T9359] RAX: ffffffffffffffda RBX: 00007fcedcfc5fa0 RCX: 00007fcedcd8ebe9
[  198.837064][ T9359] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000008
[  198.837076][ T9359] RBP: 00007fceddc9a090 R08: 0000000000000000 R09: 0000000000000000
[  198.837088][ T9359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.837100][ T9359] R13: 00007fcedcfc6038 R14: 00007fcedcfc5fa0 R15: 00007ffd189a84a8
[  198.837134][ T9359]  </TASK>
[  199.282812][ T9349] syzkaller0: entered promiscuous mode
[  199.288352][ T9349] syzkaller0: entered allmulticast mode
[  199.302966][    T9] tipc: Node number set to 3338524937
[  199.496034][ T9376] netlink: 12 bytes leftover after parsing attributes in process `syz.0.984'.
[  199.591946][ T9378] netlink: 'syz.3.985': attribute type 2 has an invalid length.
[  201.111941][ T9392] netlink: 20 bytes leftover after parsing attributes in process `syz.4.992'.
[  201.647451][ T5876] udevd[5876]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  201.916636][ T9427] netlink: 'syz.3.1004': attribute type 13 has an invalid length.
[  202.312558][ T9427] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.319866][ T9427] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.535961][ T9427] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.551804][ T9427] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.744380][ T9427] veth0_macvtap: left allmulticast mode
[  202.920701][ T3504] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.929687][ T3504] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.969267][ T3504] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  203.027218][ T3504] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  203.778771][ T9497] __nla_validate_parse: 2 callbacks suppressed
[  203.778793][ T9497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1024'.
[  203.837065][ T9501] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1025'.
[  204.403430][ T9530] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  204.403667][ T9528] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1034'.
[  204.763117][ T9536] veth3: entered promiscuous mode
[  204.995776][ T9548] FAULT_INJECTION: forcing a failure.
[  204.995776][ T9548] name failslab, interval 1, probability 0, space 0, times 0
[  205.030099][ T9548] CPU: 1 UID: 0 PID: 9548 Comm: syz.1.1040 Not tainted syzkaller #0 PREEMPT(full) 
[  205.030128][ T9548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  205.030140][ T9548] Call Trace:
[  205.030148][ T9548]  <TASK>
[  205.030157][ T9548]  dump_stack_lvl+0x189/0x250
[  205.030187][ T9548]  ? __pfx____ratelimit+0x10/0x10
[  205.030209][ T9548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.030234][ T9548]  ? __pfx__printk+0x10/0x10
[  205.030265][ T9548]  ? __pfx___might_resched+0x10/0x10
[  205.030285][ T9548]  ? fs_reclaim_acquire+0x7d/0x100
[  205.030310][ T9548]  should_fail_ex+0x414/0x560
[  205.030348][ T9548]  should_failslab+0xa8/0x100
[  205.030379][ T9548]  __kmalloc_noprof+0xcb/0x4f0
[  205.030405][ T9548]  ? ethnl_default_set_doit+0x168/0x890
[  205.030436][ T9548]  ethnl_default_set_doit+0x168/0x890
[  205.030459][ T9548]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  205.030487][ T9548]  ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0
[  205.030524][ T9548]  genl_family_rcv_msg_doit+0x212/0x300
[  205.030559][ T9548]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  205.030602][ T9548]  ? bpf_lsm_capable+0x9/0x20
[  205.030629][ T9548]  ? security_capable+0x7e/0x2e0
[  205.030667][ T9548]  genl_rcv_msg+0x60e/0x790
[  205.030702][ T9548]  ? __pfx_genl_rcv_msg+0x10/0x10
[  205.030728][ T9548]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  205.030754][ T9548]  ? __asan_memcpy+0x40/0x70
[  205.030777][ T9548]  ? __pfx_ref_tracker_free+0x10/0x10
[  205.030815][ T9548]  netlink_rcv_skb+0x205/0x470
[  205.030833][ T9548]  ? __lock_acquire+0xab9/0xd20
[  205.030872][ T9548]  ? __pfx_genl_rcv_msg+0x10/0x10
[  205.030901][ T9548]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  205.030943][ T9548]  ? down_read+0x1ad/0x2e0
[  205.030971][ T9548]  genl_rcv+0x28/0x40
[  205.030995][ T9548]  netlink_unicast+0x82f/0x9e0
[  205.031037][ T9548]  ? __pfx_netlink_unicast+0x10/0x10
[  205.031069][ T9548]  ? netlink_sendmsg+0x642/0xb30
[  205.031088][ T9548]  ? skb_put+0x11b/0x210
[  205.031116][ T9548]  netlink_sendmsg+0x805/0xb30
[  205.031148][ T9548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.031174][ T9548]  ? aa_sock_msg_perm+0xf1/0x1d0
[  205.031196][ T9548]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  205.031217][ T9548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.031240][ T9548]  __sock_sendmsg+0x21c/0x270
[  205.031273][ T9548]  ____sys_sendmsg+0x505/0x830
[  205.031304][ T9548]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.031340][ T9548]  ? import_iovec+0x74/0xa0
[  205.031369][ T9548]  ___sys_sendmsg+0x21f/0x2a0
[  205.031396][ T9548]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.031463][ T9548]  ? __fget_files+0x2a/0x420
[  205.031480][ T9548]  ? __fget_files+0x3a0/0x420
[  205.031511][ T9548]  __x64_sys_sendmsg+0x19b/0x260
[  205.031539][ T9548]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.031576][ T9548]  ? __pfx_ksys_write+0x10/0x10
[  205.031600][ T9548]  ? rcu_is_watching+0x15/0xb0
[  205.031626][ T9548]  ? do_syscall_64+0xbe/0x3b0
[  205.031654][ T9548]  do_syscall_64+0xfa/0x3b0
[  205.031674][ T9548]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.031694][ T9548]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.031714][ T9548]  ? clear_bhb_loop+0x60/0xb0
[  205.031738][ T9548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.031758][ T9548] RIP: 0033:0x7efec318ebe9
[  205.031776][ T9548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.031792][ T9548] RSP: 002b:00007efec3f92038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.031813][ T9548] RAX: ffffffffffffffda RBX: 00007efec33c5fa0 RCX: 00007efec318ebe9
[  205.031828][ T9548] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000008
[  205.031846][ T9548] RBP: 00007efec3f92090 R08: 0000000000000000 R09: 0000000000000000
[  205.031858][ T9548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.031870][ T9548] R13: 00007efec33c6038 R14: 00007efec33c5fa0 R15: 00007ffe14c8d918
[  205.031904][ T9548]  </TASK>
[  205.447803][ T9552] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1041'.
[  205.505291][ T9552] bond0: entered promiscuous mode
[  205.520246][ T9552] 
: entered promiscuous mode
[  205.605920][ T9552] bond_slave_1: entered promiscuous mode
[  205.637411][ T9552] bond0: left promiscuous mode
[  205.642369][ T9552] 
: left promiscuous mode
[  205.647529][ T9552] bond_slave_1: left promiscuous mode
[  205.938261][ T9568] af_packet: tpacket_rcv: packet too big, clamped from 3956 to 3952. macoff=96
[  206.888372][ T9605] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1057'.
[  206.902676][ T9606] netlink: 'syz.2.1058': attribute type 1 has an invalid length.
[  207.050095][ T9606] bond3: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  207.065534][ T9606] bond3: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  207.083426][ T9606] bond3: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  207.808165][ T9638] netlink: 'syz.3.1070': attribute type 10 has an invalid length.
[  207.867125][ T9638] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  208.088344][ T9646] mac80211_hwsim hwsim9 wlan0: entered promiscuous mode
[  208.131299][ T9646] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1072'.
[  208.155811][ T9646] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  208.293779][ T9661] ipvlan1: entered allmulticast mode
[  208.299146][ T9661] veth0_vlan: entered allmulticast mode
[  208.358273][ T9660] ipvlan1: left allmulticast mode
[  208.387932][ T9660] veth0_vlan: left allmulticast mode
[  209.013134][ T9684] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  209.072268][ T9684] syzkaller0: entered promiscuous mode
[  209.098154][ T9684] syzkaller0: entered allmulticast mode
[  209.117658][ T9687] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  209.227864][ T9688] tipc: Resetting bearer <eth:syzkaller0>
[  209.277878][ T9692] tipc: Resetting bearer <eth:syzkaller0>
[  209.296899][ T9682] tipc: Resetting bearer <eth:syzkaller0>
[  209.349950][ T9682] tipc: Disabling bearer <eth:syzkaller0>
[  209.406074][ T9686] tipc: Disabling bearer <eth:syzkaller0>
[  210.234693][ T9720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1104'.
[  210.426211][ T9726] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1107'.
[  211.063072][ T9748] netlink: 1296 bytes leftover after parsing attributes in process `syz.0.1116'.
[  211.176518][ T9750] syzkaller1: entered promiscuous mode
[  211.221802][ T9750] syzkaller1: entered allmulticast mode
[  211.371521][ T9760] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1123'.
[  211.561088][ T9765] netlink: 'syz.1.1125': attribute type 1 has an invalid length.
[  211.774000][ T9772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1125'.
[  211.832066][ T9772] 8021q: adding VLAN 0 to HW filter on device bond3
[  212.461037][ T9800] netlink: 'syz.0.1139': attribute type 4 has an invalid length.
[  212.468844][ T9800] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1139'.
[  212.518961][ T9800] wlan1: mtu less than device minimum
[  213.490263][ T9837] 8021q: adding VLAN 0 to HW filter on device bond4
[  213.580074][ T9837] bond_slave_0: entered promiscuous mode
[  213.586075][ T9837] bond_slave_1: entered promiscuous mode
[  213.591880][ T9837] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  213.666912][ T9837] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  213.684920][ T9837] bond4: (slave macvlan2): Enslaving as an active interface with an up link
[  213.825025][ T9853] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1162'.
[  213.915684][ T9855] netlink: 'syz.2.1164': attribute type 11 has an invalid length.
[  213.978225][ T9858] netlink: 'syz.4.1165': attribute type 1 has an invalid length.
[  214.233142][ T9860] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  214.247336][ T9860] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  214.258407][ T9860] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  214.341035][ T9869] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  214.384703][ T9872] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[  214.413791][ T9872] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  214.472301][ T9875] lo: entered allmulticast mode
[  214.504788][ T9868] tipc: Resetting bearer <eth:syzkaller0>
[  214.555539][ T9875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1170'.
[  214.753763][ T9870] lo: left allmulticast mode
[  214.799171][ T9886] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1175'.
[  215.188040][ T9898] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1181'.
[  215.371570][ T5938] tipc: Node number set to 951990938
[  215.435381][ T9908] netlink: 'syz.3.1187': attribute type 4 has an invalid length.
[  215.614111][ T9915] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1188'.
[  215.765367][ T9917] lo: entered allmulticast mode
[  215.792855][ T9916] lo: left allmulticast mode
[  216.344134][ T9949] netlink: 'syz.1.1204': attribute type 1 has an invalid length.
[  216.748752][ T9969] veth0_to_bridge: entered promiscuous mode
[  216.768918][ T9968] veth0_to_bridge: left promiscuous mode
[  216.886386][ T9975] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1215'.
[  217.007790][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  217.013903][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  217.013929][ T5868] Bluetooth: hci3: command 0x0406 tx timeout
[  217.019924][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  217.121795][ T9983] netlink: 'syz.2.1222': attribute type 1 has an invalid length.
[  217.673605][T10008] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1230'.
[  217.703044][T10011] ieee802154 phy0 wpan0: encryption failed: -22
[  217.878491][T10016] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  217.908610][T10016] syzkaller0: entered promiscuous mode
[  217.938404][T10016] syzkaller0: entered allmulticast mode
[  217.974482][T10016] tipc: Resetting bearer <eth:syzkaller0>
[  218.010102][T10026] netlink: 'syz.2.1238': attribute type 1 has an invalid length.
[  218.020075][T10022] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  218.034299][T10022] batman_adv: batadv0: Adding interface: gretap1
[  218.043695][T10022] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.081137][T10022] batman_adv: batadv0: Interface activated: gretap1
[  218.089932][T10012] tipc: Resetting bearer <eth:syzkaller0>
[  218.140886][T10012] tipc: Disabling bearer <eth:syzkaller0>
[  218.230186][T10025] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  218.264585][T10032] bond5: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  218.350036][T10032] bond5: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  218.368881][T10032] bond5: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  218.415385][T10046] IPVS: set_ctl: invalid protocol: 108 172.20.20.170:20003
[  219.036173][T10077] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1255'.
[  219.446419][T10094] netlink: 'syz.3.1261': attribute type 10 has an invalid length.
[  219.456169][T10094] team0: entered promiscuous mode
[  219.475746][T10094] team_slave_0: entered promiscuous mode
[  219.494542][T10094] team_slave_1: entered promiscuous mode
[  219.535441][T10094] bond1: entered promiscuous mode
[  219.571453][T10094] geneve0: entered promiscuous mode
[  219.608426][T10094] 8021q: adding VLAN 0 to HW filter on device team0
[  219.636916][T10094] bond0: (slave team0): Enslaving as an active interface with an up link
[  219.840101][T10108] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1266'.
[  219.868528][T10111] netlink: 'syz.0.1267': attribute type 1 has an invalid length.
[  219.962375][T10111] 8021q: adding VLAN 0 to HW filter on device bond2
[  220.008694][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1270'.
[  220.111436][T10117] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1267'.
[  220.188651][T10111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.207434][T10111] batadv_slave_1: entered promiscuous mode
[  220.280748][T10111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  220.309842][T10111] bond2: (slave batadv_slave_1): making interface the new active one
[  220.335257][T10111] bond2: (slave batadv_slave_1): Enslaving as an active interface with an up link
[  220.559815][T10139] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  221.057982][T10162] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1286'.
[  221.291940][T10177] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1293'.
[  221.537472][T10188] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1299'.
[  221.547099][T10187] ipvlan1: entered allmulticast mode
[  221.562937][T10187] veth0_vlan: entered allmulticast mode
[  221.572591][T10186] ipvlan1: left allmulticast mode
[  221.580516][T10186] veth0_vlan: left allmulticast mode
[  221.797677][T10194] ------------[ cut here ]------------
[  221.800607][T10200] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1302'.
[  221.803894][T10194] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x2, 0x0] s64=[0x2, 0x0] u32=[0x2, 0x0] s32=[0x2, 0x0] var_off=(0x0, 0x0)(1)
[  221.845974][T10194] WARNING: CPU: 0 PID: 10194 at kernel/bpf/verifier.c:2733 reg_bounds_sanity_check+0x6e6/0xc20
[  221.856636][T10194] Modules linked in:
[  221.861063][T10194] CPU: 0 UID: 0 PID: 10194 Comm: syz.0.1303 Not tainted syzkaller #0 PREEMPT(full) 
[  221.871031][T10194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  221.881529][T10194] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20
[  221.887836][T10194] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 ef 31 aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08
[  221.907883][T10194] RSP: 0018:ffffc9000ad0ef08 EFLAGS: 00010282
[  221.914365][T10194] RAX: 7d131cb172796f00 RBX: 0000000000000000 RCX: 0000000000080000
[  221.922434][T10194] RDX: ffffc9000bbfa000 RSI: 0000000000020099 RDI: 000000000002009a
[  221.930487][T10194] RBP: 0000000000000002 R08: 0000000000000003 R09: 0000000000000004
[  221.938488][T10194] R10: dffffc0000000000 R11: fffffbfff1bfa1f4 R12: ffff888057aa5348
[  221.947022][T10194] R13: ffff888057aa5368 R14: ffff888057aa5380 R15: 0000000000000000
[  221.955268][T10194] FS:  00007fceddc9a6c0(0000) GS:ffff888125c14000(0000) knlGS:0000000000000000
[  221.965029][T10194] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.972792][T10194] CR2: 00007f87daaf56c0 CR3: 000000007e1fc000 CR4: 00000000003526f0
[  221.980894][T10194] Call Trace:
[  221.984215][T10194]  <TASK>
[  221.987206][T10194]  reg_set_min_max+0x264/0x300
[  221.992075][T10194]  check_cond_jmp_op+0x159b/0x2910
[  221.997269][T10194]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  222.003144][T10194]  ? push_jmp_history+0x1dd/0x6f0
[  222.008234][T10194]  do_check+0x6751/0xe520
[  222.012712][T10194]  ? __kasan_kmalloc+0x93/0xb0
[  222.017530][T10194]  ? do_check_common+0x209/0x24f0
[  222.022769][T10194]  ? __pfx_do_check+0x10/0x10
[  222.027489][T10194]  ? init_func_state+0x1ddf/0x2d20
[  222.033002][T10194]  do_check_common+0x1949/0x24f0
[  222.038003][T10194]  bpf_check+0x1746a/0x1d2d0
[  222.043228][T10194]  ? is_bpf_text_address+0x26/0x2b0
[  222.048490][T10194]  ? kernel_text_address+0xa5/0xe0
[  222.054032][T10194]  ? __kernel_text_address+0xd/0x40
[  222.059349][T10194]  ? __lock_acquire+0xab9/0xd20
[  222.065127][T10194]  ? __mutex_trylock_common+0x153/0x260
[  222.071303][T10194]  ? __pfx___mutex_trylock_common+0x10/0x10
[  222.077259][T10194]  ? css_rstat_updated+0x23a/0x4f0
[  222.082497][T10194]  ? __lock_acquire+0xab9/0xd20
[  222.087498][T10194]  ? __pfx_bpf_check+0x10/0x10
[  222.092703][T10194]  ? ktime_get_with_offset+0x8c/0x2a0
[  222.098141][T10194]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  222.104503][T10194]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.107070][T10203] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  222.109739][T10194]  ? ktime_get_with_offset+0x8c/0x2a0
[  222.109772][T10194]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  222.109801][T10194]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  222.137257][T10194]  ? __asan_memset+0x22/0x50
[  222.141952][T10194]  ? bpf_obj_name_cpy+0x194/0x1e0
[  222.147020][T10194]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  222.152613][T10194]  ? security_bpf_prog_load+0x7f/0x310
[  222.158144][T10194]  bpf_prog_load+0x1318/0x1930
[  222.163038][T10194]  ? __pfx_bpf_prog_load+0x10/0x10
[  222.168657][T10194]  ? bpf_lsm_bpf+0x9/0x20
[  222.173651][T10194]  ? security_bpf+0x7e/0x300
[  222.178308][T10194]  __sys_bpf+0x528/0x870
[  222.182985][T10194]  ? __pfx___sys_bpf+0x10/0x10
[  222.187825][T10194]  ? __pfx___se_sys_futex+0x10/0x10
[  222.193247][T10194]  ? rcu_is_watching+0x15/0xb0
[  222.198060][T10194]  __x64_sys_bpf+0x7c/0x90
[  222.202690][T10194]  do_syscall_64+0xfa/0x3b0
[  222.207252][T10194]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.212820][T10194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.218934][T10194]  ? clear_bhb_loop+0x60/0xb0
[  222.223715][T10194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.229648][T10194] RIP: 0033:0x7fcedcd8ebe9
[  222.234189][T10194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.254205][T10194] RSP: 002b:00007fceddc9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  222.262751][T10194] RAX: ffffffffffffffda RBX: 00007fcedcfc5fa0 RCX: 00007fcedcd8ebe9
[  222.271275][T10194] RDX: 0000000000000048 RSI: 0000200000000100 RDI: 0000000000000005
[  222.279283][T10194] RBP: 00007fcedce11e19 R08: 0000000000000000 R09: 0000000000000000
[  222.287848][T10194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.296447][T10194] R13: 00007fcedcfc6038 R14: 00007fcedcfc5fa0 R15: 00007ffd189a84a8
[  222.304598][T10194]  </TASK>
[  222.307764][T10194] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  222.315072][T10194] CPU: 0 UID: 0 PID: 10194 Comm: syz.0.1303 Not tainted syzkaller #0 PREEMPT(full) 
[  222.324455][T10194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.334525][T10194] Call Trace:
[  222.337814][T10194]  <TASK>
[  222.340755][T10194]  dump_stack_lvl+0x99/0x250
[  222.345361][T10194]  ? __asan_memcpy+0x40/0x70
[  222.349964][T10194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.355189][T10194]  ? __pfx__printk+0x10/0x10
[  222.359828][T10194]  vpanic+0x281/0x750
[  222.363844][T10194]  ? __pfx__printk+0x10/0x10
[  222.368464][T10194]  ? __pfx_vpanic+0x10/0x10
[  222.372994][T10194]  ? is_bpf_text_address+0x26/0x2b0
[  222.378262][T10194]  panic+0xb9/0xc0
[  222.382040][T10194]  ? __pfx_panic+0x10/0x10
[  222.386500][T10194]  __warn+0x31b/0x4b0
[  222.390497][T10194]  ? reg_bounds_sanity_check+0x6e6/0xc20
[  222.396188][T10194]  ? reg_bounds_sanity_check+0x6e6/0xc20
[  222.401836][T10194]  report_bug+0x2be/0x4f0
[  222.406175][T10194]  ? reg_bounds_sanity_check+0x6e6/0xc20
[  222.411816][T10194]  ? reg_bounds_sanity_check+0x6e6/0xc20
[  222.417483][T10194]  ? reg_bounds_sanity_check+0x6e8/0xc20
[  222.423163][T10194]  handle_bug+0x84/0x160
[  222.427434][T10194]  exc_invalid_op+0x1a/0x50
[  222.431961][T10194]  asm_exc_invalid_op+0x1a/0x20
[  222.436840][T10194] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20
[  222.443101][T10194] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 ef 31 aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08
[  222.462737][T10194] RSP: 0018:ffffc9000ad0ef08 EFLAGS: 00010282
[  222.468825][T10194] RAX: 7d131cb172796f00 RBX: 0000000000000000 RCX: 0000000000080000
[  222.476809][T10194] RDX: ffffc9000bbfa000 RSI: 0000000000020099 RDI: 000000000002009a
[  222.484792][T10194] RBP: 0000000000000002 R08: 0000000000000003 R09: 0000000000000004
[  222.492820][T10194] R10: dffffc0000000000 R11: fffffbfff1bfa1f4 R12: ffff888057aa5348
[  222.500843][T10194] R13: ffff888057aa5368 R14: ffff888057aa5380 R15: 0000000000000000
[  222.508885][T10194]  reg_set_min_max+0x264/0x300
[  222.513699][T10194]  check_cond_jmp_op+0x159b/0x2910
[  222.518868][T10194]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  222.524363][T10194]  ? push_jmp_history+0x1dd/0x6f0
[  222.529419][T10194]  do_check+0x6751/0xe520
[  222.533784][T10194]  ? __kasan_kmalloc+0x93/0xb0
[  222.538576][T10194]  ? do_check_common+0x209/0x24f0
[  222.543662][T10194]  ? __pfx_do_check+0x10/0x10
[  222.548353][T10194]  ? init_func_state+0x1ddf/0x2d20
[  222.553498][T10194]  do_check_common+0x1949/0x24f0
[  222.558483][T10194]  bpf_check+0x1746a/0x1d2d0
[  222.563090][T10194]  ? is_bpf_text_address+0x26/0x2b0
[  222.568352][T10194]  ? kernel_text_address+0xa5/0xe0
[  222.573503][T10194]  ? __kernel_text_address+0xd/0x40
[  222.578752][T10194]  ? __lock_acquire+0xab9/0xd20
[  222.583637][T10194]  ? __mutex_trylock_common+0x153/0x260
[  222.589203][T10194]  ? __pfx___mutex_trylock_common+0x10/0x10
[  222.595308][T10194]  ? css_rstat_updated+0x23a/0x4f0
[  222.600457][T10194]  ? __lock_acquire+0xab9/0xd20
[  222.605360][T10194]  ? __pfx_bpf_check+0x10/0x10
[  222.610187][T10194]  ? ktime_get_with_offset+0x8c/0x2a0
[  222.615595][T10194]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  222.621860][T10194]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.627076][T10194]  ? ktime_get_with_offset+0x8c/0x2a0
[  222.632466][T10194]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  222.638748][T10194]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  222.645388][T10194]  ? __asan_memset+0x22/0x50
[  222.650010][T10194]  ? bpf_obj_name_cpy+0x194/0x1e0
[  222.655047][T10194]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  222.660269][T10194]  ? security_bpf_prog_load+0x7f/0x310
[  222.665770][T10194]  bpf_prog_load+0x1318/0x1930
[  222.670581][T10194]  ? __pfx_bpf_prog_load+0x10/0x10
[  222.675745][T10194]  ? bpf_lsm_bpf+0x9/0x20
[  222.680121][T10194]  ? security_bpf+0x7e/0x300
[  222.684770][T10194]  __sys_bpf+0x528/0x870
[  222.689055][T10194]  ? __pfx___sys_bpf+0x10/0x10
[  222.693862][T10194]  ? __pfx___se_sys_futex+0x10/0x10
[  222.699122][T10194]  ? rcu_is_watching+0x15/0xb0
[  222.703905][T10194]  __x64_sys_bpf+0x7c/0x90
[  222.708337][T10194]  do_syscall_64+0xfa/0x3b0
[  222.712887][T10194]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.718095][T10194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.724257][T10194]  ? clear_bhb_loop+0x60/0xb0
[  222.728992][T10194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.734926][T10194] RIP: 0033:0x7fcedcd8ebe9
[  222.739370][T10194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.759009][T10194] RSP: 002b:00007fceddc9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  222.767470][T10194] RAX: ffffffffffffffda RBX: 00007fcedcfc5fa0 RCX: 00007fcedcd8ebe9
[  222.775496][T10194] RDX: 0000000000000048 RSI: 0000200000000100 RDI: 0000000000000005
[  222.783509][T10194] RBP: 00007fcedce11e19 R08: 0000000000000000 R09: 0000000000000000
[  222.791519][T10194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.799541][T10194] R13: 00007fcedcfc6038 R14: 00007fcedcfc5fa0 R15: 00007ffd189a84a8
[  222.807588][T10194]  </TASK>
[  222.810967][T10194] Kernel Offset: disabled
[  222.815303][T10194] Rebooting in 86400 seconds..