last executing test programs:

3.712131187s ago: executing program 0 (id=2785):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000529f0a50c1a671520ad9230ba42e2e7026b623e77000000000a27ec08dbdf7050000003573201e4d64371c46a91d4db5486a8e2efae6f561c6641a812fdacac2d67a91890589d1b7a1ec4e0c81cb943d90e5f7ce3306eeb444f7dcb1915df31ccf625e0fe8d98e5367d53e1880a6d2c791cd78a321b439e41d9d1755a4fb6c399e6ec9eada6a80daac7ffb56c6ddc886f324931838fbc32c0b7a"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffffff8500000010000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x6, 0x4, 0x6, 0x3, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r6, &(0x7f0000000200), 0xf000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000540)={0x1, <r7=>0x0}, 0x8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000640)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xffff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000600), r6)
sendmsg$TIPC_NL_BEARER_GET(r6, &(0x7f00000008c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)={0x30, r10, 0x400, 0x70bd27, 0x5d, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000006c0)=@o_path={&(0x7f0000000580)='./file0\x00', 0x0, 0x4000, r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x7, &(0x7f0000000040)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @map_fd={0x18, 0x2, 0x1, 0x0, r6}, @call={0x85, 0x0, 0x0, 0x54}, @cb_func={0x18, 0x4, 0x4, 0x0, 0x6}, @alu={0x7, 0x1, 0xc, 0x4, 0xb, 0xffffffffffffffc0, 0x1}], &(0x7f0000000180)='GPL\x00', 0x2, 0x7c, &(0x7f00000004c0)=""/124, 0x41100, 0x1, '\x00', 0x0, @fallback=0x29, r5, 0x8, &(0x7f00000001c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x3, 0x1, 0x873d}, 0x10, r7, r0, 0x4, &(0x7f0000000700)=[0xffffffffffffffff, r8, r9, r11], &(0x7f0000000740)=[{0x3, 0x5, 0xb, 0x4}, {0x2, 0x2, 0x7, 0x4}, {0x1, 0x2, 0x1, 0x7}, {0x0, 0x4, 0x10, 0x2}], 0x10, 0x9, @void, @value}, 0x94)
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

3.473737412s ago: executing program 0 (id=2789):
socket(0x2000000000000021, 0x2, 0x10000000000002)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x18)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

3.308146162s ago: executing program 0 (id=2791):
unshare(0x62040200)
openat$tun(0xffffffffffffff9c, 0x0, 0x1abb01, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x80)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r2}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000140), 0x8)
close(r3)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0], 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000001e0000000018110000", @ANYRES32=r4, @ANYBLOB="000000000000f7ffb702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r5, 0x0, 0x0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000a00)={r4, &(0x7f0000000140), 0x0}, 0x20)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r7 = socket$xdp(0x2c, 0x3, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x8012, r7, 0x22b14000)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x4e)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r8, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r8, &(0x7f0000000480)="34dabf1466811cd42ef515109f85aa3259fead10896430204cfafed596a865f6eb252465747b1c8ee35a930700a33727a2997fb3a19daaff3606aab1a14e67f660", 0x41, 0x809b, 0x0, 0x0)

3.016306123s ago: executing program 0 (id=2795):
r0 = socket(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x33, &(0x7f00000002c0)="d5", 0x1)
getsockopt$inet_dccp_int(r0, 0x21, 0xa, &(0x7f0000000940), &(0x7f0000000980)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6f, 0x6f, 0x6, [@datasec={0xa, 0x7, 0x0, 0xf, 0x3, [{0x3, 0x7, 0x4}, {0x5, 0x0, 0x8}, {0x3, 0x8, 0x3}, {0x5, 0x2, 0x7a61dbcf}, {0x2}, {0x4, 0x2, 0x4}, {0x3, 0x0, 0xe455}], "3603c3"}, @restrict={0x7, 0x0, 0x0, 0xb, 0x5}]}, {0x0, [0x30, 0x5f, 0x30, 0x2e]}}, &(0x7f0000000580)=""/198, 0x8e, 0xc6, 0x1, 0x6, 0x10000, @value}, 0x28)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0xdc}}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f00000006c0)=""/196, 0xc4, <r6=>0x0, &(0x7f0000001480)=""/4096, 0x1000}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xf, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x101}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x1, 0x0, 0x8, 0xfffffffffffffffe, 0xffffffffffffffff}]}, &(0x7f0000000300)='GPL\x00', 0x0, 0xe9, &(0x7f0000000340)=""/233, 0x41000, 0x10, '\x00', r3, @cgroup_device=0x6, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x2, 0x0, 0x10001, 0x9}, 0x10, r6, r1, 0x3, 0x0, &(0x7f0000000840)=[{0x3, 0x3, 0x6, 0x5}, {0x2, 0x4, 0x2, 0x1}, {0x5, 0x5, 0xc, 0xb}], 0x10, 0x80000001, @void, @value}, 0x94)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r3, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r2], 0x40c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0xd8, 0xfffffffffffffffe}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800ebff0007000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000016001500090002000000035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)

2.852774918s ago: executing program 0 (id=2797):
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r3=>0x0})
r4 = gettid()
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x30, r2, 0xd66771a5e8224ded, 0x100, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xfff, 0x48}}}}, [@NL80211_ATTR_PID={0x8, 0x52, r4}]}, 0x30}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
write$cgroup_pid(r0, &(0x7f0000000040)=r4, 0x12)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0xc, 0x0, 0x0)

2.616778201s ago: executing program 0 (id=2801):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="270300000000000000000000000008000100", @ANYRES64=r2], 0x1c}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000640)={0x60, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x38, 0x8, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x2000}, @WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)

2.520049812s ago: executing program 4 (id=2804):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
close(r0)

2.465672307s ago: executing program 2 (id=2807):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={0x0}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="38000000070a01040000000000000000020000000c0003403c100000000000020900020073797a32000000000900010073797a30"], 0x38}}, 0x0)

2.303873529s ago: executing program 2 (id=2810):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
r3 = socket$inet(0x2, 0x80002, 0x1)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x0, @empty}, 0x10)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=@newchain={0x24, 0x2e, 0x901, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x0, 0xfff1}}}, 0x24}}, 0x0)

2.064929874s ago: executing program 2 (id=2813):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x1abb01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@broadcast, @broadcast, @val={@void, {0x8100, 0x1, 0x1, 0x2}}, {@ipv6={0x86dd, @udp={0x1, 0x6, "c313a0", 0x76, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x10, 0x0}}, @mcast2, {[], {0x4e23, 0x4e24, 0x76, 0x0, @opaque="5629263e10e9981b957fca205432582398a5eb73e1d2173ae381eb479087c0531cf5796ee2dbf3c57bb3a38e896bef70ae7e6d8201df6babd34c727d9f51bf12f5699f77298aa811f7eb3541a288d935e6799c558ef0aa37157efc701891bc181cb140d741d39278308676937b77"}}}}}}}, 0xb0)

1.484788977s ago: executing program 4 (id=2820):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f00000007c0)={0xa, 0x4e28, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="200000000000000029000000370000002f00000000000000c204000000070000200000000000000034000000360000007300000000000000c204000000090000140000000000000029000000080000000000003f000000001400000000000000290000003400000080000000000000001400000000000000290000000b000000000004010000000020000000000000002900000037000000080000000000000000010004010000e3170000000000000029000000040000002b0000000000000014"], 0xd8}}], 0x2, 0x0)

1.474187462s ago: executing program 4 (id=2821):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f00000000c0), 0x4)
setsockopt$sock_int(r2, 0x1, 0x21, &(0x7f0000000040)=0x4010004, 0x4)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0xffffff1f, 0x2, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, r4, 0x4061, 0xc}}}}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x50}}, 0x0)

1.300536125s ago: executing program 1 (id=2823):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000001da63a2e0053d09377ceb9bd36af376332350a86741fe0291f860b000bf91edd1045e0aca220aace432ec99a7327c802c490271aafd279078b323649dcaddf7c309bb09ce8c4ce07c02b6bd7e1d7bb732d97b0cec8047016663764be598f648c", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af0ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.260993549s ago: executing program 1 (id=2825):
socket$kcm(0x29, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000c00)=ANY=[@ANYBLOB="b400000002000000660000000000000073019c000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22702000000e63bde9e4a0587536a966992ae7011d6e6c03175717e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b38000000bc4da4a9b3d5cc9e0000f6a7a729009973ff07000000000000ac79e5d84abbec7d96629490727375b853f6308a980fba61fbe0131f3c7a026d8f000008000000000000000b20d7ac2df89d7989bf53bec908213d396edf24e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7c138b3ec6ee9b83edcc55d3403acd5c50e2740a7ab7069790da79b7ab45184caffff00009bab066bf7a4ab148d44c7e2e4d219cdd7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320def97ebac25b929b3c15e33be6e7d54e622b427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b97c200000096a1cbe81a38a23f03bd741a3e60c2e294f828e06f1b2cb70328f151f949e369efed52a28b87aae9d7d2800c8eff7f93c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a131ff1f6acb9439f2d95a746291641b38333ce1c84b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb000000044a6458c31431d58973c93f5e9452258a7098bc3d014afe638a40948498fa9561213bc20845526e054d6b3ba5ca8f357df67c41acc28edacb31d38994544c3511ea1e8a448e66039425cfb03efb5d5eb81a306746adb8809ef969187763c00085e2dc401325327e54cbfceb400c2663466cd4a79c94b62c9882626499a8a29c564464f2a7aee6a929f831c93d23005787d272b5eaf0c6e11a7f0f1f39f68df44f6bf2d9b51d99c89e327b4bf7b96ad33abbd3a8b5814b5e7f85d1a47ee604ccef20bda53c9ce06910568fc200eee12fc6ef2734a6e9af5132f0c507e277fd97f9b48c840697289d38e454467f4d2f94b2f76d06edd083dafefd76deb251b5818de9c27d0df6e7b8862fe42f6c453f551f35b6d76395a1d205f276ae628fbdb8081905a1d7c2805532d3387b88f2997e8ce41c5dca83659cfb7f3a1c7b2bec8a7575dc4241dde6c680ee9a27b197739f4ad86f3bad3e42d4954bef864586ad02c27858d63efc495bcfb6ed49a5ca8987b0f2a8b14054e30f30fedf536d63769a196fc3b472195d0a1a13ecf803136d751cefb0edb5794cab8681214b39f86d88f3aebea4d465ef05f975b09f264d6c8d8e3bb6ea7d21c6602bcc8f76f2546cccc074f55c22aa8b502968040000000000000047c8a50036dd268a1aeff951f5090492b5e941feb1d3785aafe1655876e5a36c40fb5afcfd1eb28952662782097836a4d1aa3de0c06bb7dc27cf1a546b6aa6ce9932f3c6a013bc3791da4d8a33680ba8f1334d75a43e991ebd4582d786ec05cdd3152d52ab15fc7595cbd339f730d2ec8e37e6c500c4c30280a6af986f62a22d9c5c275e7798c165545abfcd304243274db15924a136a0896d56576ed7de90b1bda90f4024b9a0b3b33f688db8e38f784ae3942aba874f95d10c47e2405ceb0438cc272133fac718a6553710e4ca97df646b21d02652c54eade2e99344e11a2671cf274d397650fba8fcfb7e51a926e37b3980a1732111175dd99b9d979042b3ea411a7b4f9081ae9b82974d5eb6fd4e4bcd95e4f897dfba4e44777e6d02a896b650a66d9139696b926c36a33eb3bdc092bf4586bfab34002f802bbfe6a7679cec20cc25e01f129bbe92a65961fac7bffa3d8feda2ac927743d2bce57ee39b671948576337535180aa754e035421cf1709bc1b5e46c35515fb1fcda637a6405e9b216d2ca09795c5d2f27665da5b17bcf0f387e6dd58202a3a1148e46e55ac7ea027eb3022eee4a000ca543ab566921e5db4f741a762e5705f942855a9fa30b912045f78ab1e3fdeada84bc8ac36cc1223901e56f6ecbabbc3263098c9c47a1f505a8299b5715a455e834ddddc430f387cafa07bf915522f9a42e34eea5169b796320e892d27924045bcf56135684ca96ada82749371d5766c0d0cae8772f140eef001ca39dc28aef8a5236393fce29b0531cbd3265c209761ed41a2e473fbd84ca9b67e3ceb58a4b774ee127628faba8702c0a73f8311d269429aaadf74c439404fc9f864e69807dfe257c0c4a26c60bfa77f89bae2bd4c498a10d4e17dddb1f7539bfeb392e22e7b93d0ecf66cd253a4062bbc8a437f8924ee7a89ab73dd7c11be13707482c369f02d7b6f242599f95dbfcb55bea158665231f8fe04ed2a8c407fed1a8702e2486386f2ae6347231128be789186ff5651208c80781f85d3fb51bd28b939a8bc88a471c36fa17fd04c3fbdbd3f7bf144b1466014a77c582aa0380e612cd101d557dd1e5b7bae3da3ea2659f66a3641eaa3b008b9788a63c8f7009f9149fd9c740eddd300000000000000000000e620e3657ac82a5bd27dfa4f2add31a402346571e87b2644edb73d4affdcbbe2b8e2539b44554c10dc0ac8ba67ab9901c8e9564b4c26a87cf59b11978a86d4938ca4db01a9d8426aed32eb0d0d1dd894bbf3197f3b5744b5a4f813fd7330"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x47)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000100))
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000040a01040002000000000000020000000900030073797a32000000000900010073797a30"], 0x2c}}, 0x0)
sendto$inet(r0, &(0x7f0000000280)='!', 0x1, 0x2400c005, &(0x7f0000000040)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040), 0xc)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}, 0xffffffff}], 0x1, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x5411, 0x0)
writev(r4, &(0x7f0000000680)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="04002bbd7000fddbdf251200000100000000050002000c00000005000100070000000500010001000000050002000600000005000200b70000000500c200ff00000006001000a5030000050074000200000006001a0101000000"], 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x1)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r6=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x4, 0x0, 0x9, 0xfffffff9, r6}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r7, 0x84, 0x21, &(0x7f00000001c0)=0x7, 0x4)

1.084135778s ago: executing program 4 (id=2826):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="0142070be500000000000800170004000480"], 0x18}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x40000000015, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100050005000700000000000800090000003f0014002000ff250100100000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

1.083169035s ago: executing program 3 (id=2827):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r0, @ANYBLOB="080001"], 0x40}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000002e24001280090001007866726d0000084214000280040003"], 0x44}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="9803593ae29d542e8f1800000000000000000000000000f40085000000970000041811000005b3feb3", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000710000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000070000850000008200000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r4, 0x800000010d, 0x3, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000040), 0x4)

967.132572ms ago: executing program 1 (id=2828):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000080)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
bind$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0xffffffff, @private2, 0x2, 0x3}, 0x20)

939.312049ms ago: executing program 4 (id=2829):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4)
close(r0)

822.188966ms ago: executing program 2 (id=2830):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000003940), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000003bc0)={0x0, 0x0, &(0x7f0000003b80)={&(0x7f0000003980)={0x58, r2, 0x11, 0x0, 0x0, {0x34}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x68, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x4}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_CIDR={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x68}}, 0x0)

821.525981ms ago: executing program 3 (id=2831):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={0x0}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="38000000070a01040000000000000000020000000c0003403c100000000000020900020073797a32000000000900010073797a30"], 0x38}}, 0x0) (fail_nth: 2)

656.609911ms ago: executing program 3 (id=2832):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair(0x10, 0x80000, 0x8, &(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000340)={0x0, 'pim6reg0\x00', {0x4}, 0x3})
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0)
tee(r7, r1, 0x5, 0x8)
close(r5)
getsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000040)=0xfdc, &(0x7f00000002c0)=0x4)
sendmsg$inet(r1, &(0x7f0000000b00)={0x0, 0xf22fff7f, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc00e}], 0x9, &(0x7f00000001c0)=ANY=[@ANYBLOB="000026d5f47f000000000000010000000000020000000000140000000000000000000000020000000000000000000100140000000000000000000000020000000000000000000000110000000000000000000000010000000000000000000000110000000000000002000000010000000000000000000000000000000000000000000000070000008300000000960000206a77bdd1a004129054e7704a000002"], 0xf}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), 0xffffffffffffffff)
socket$qrtr(0x2a, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r8, 0x8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0x8000000000000000}, 0x18)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000040))
accept4$inet(r8, &(0x7f0000000100), 0x0, 0x80000)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x0)

611.531726ms ago: executing program 1 (id=2833):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = accept4$rose(0xffffffffffffffff, &(0x7f0000000000)=@short={0xb, @dev, @netrom, 0x1, @netrom}, &(0x7f0000000040)=0x1c, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={'bond_slave_0\x00', 0x8000})
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3}]}}}]}, 0x48}}, 0x0)

551.383844ms ago: executing program 2 (id=2834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_audit(0x10, 0x3, 0x9)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff000000001700000044000680ff00040067636d2861657329000000000000000000000000000000000000000000e3ffff13000000e3de3d7b4cd07ec3ee777de774fc7987cca4198904000500"], 0x58}}, 0x4000000)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x18c, r2, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x50, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}, @TIPC_NLA_NODE={0x7c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ID={0x27, 0x3, "48364d7fbc9ac371a9539fd9679466c9c622b6239b846a625404260ed797e6a7b15564"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "5c86a279d3f0c82ba5ac8e0b8d345146455438fa54"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x901f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7ff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x37d}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}, @TIPC_NLA_NODE={0x6c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0xfffffffffffffd80}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x40, 0x4, {'gcm(aes)\x00', 0x18, "1a203c3ac44da40b63585707fd3afa4affb42e4e5515d364"}}, @TIPC_NLA_NODE_ID={0x1e, 0x3, "7170f0f5c136d2e7b86f752d018dd99246bd90feb800e28dbaca"}]}, @TIPC_NLA_NET={0x4}]}, 0x18c}}, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004a00), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r7, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x28, r5, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x80}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x24000040}, 0x4000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

316.622778ms ago: executing program 1 (id=2835):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000b00000008500000087000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x7, 0x0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48810}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x15, &(0x7f0000000200)=@raw=[@func, @func, @func, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @func, @snprintf, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffb}], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000005c0)=@newlink={0x5c, 0x10, 0x1, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2102}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_LINKMODE={0x5, 0x11, 0x72}, @IFLA_VFINFO_LIST={0x20, 0x16, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x18, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x40, 0x367, 0xe6, 0x88a8}}]}]}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x6004004}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xc)
sendmsg$L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x20040000)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r5, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x400000000000235, 0x0)

315.056509ms ago: executing program 3 (id=2836):
r0 = socket$netlink(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0) (async)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, r2, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4008000)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r1], 0x80}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
syz_emit_ethernet(0x15d, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x21, 0x4, 0x0, 0x2, 0xfffffffffffffece, 0x65, 0x0, 0xe5, 0x11, 0x0, @private=0xa010102, @multicast2, {[@timestamp_addr={0x44, 0x44, 0xb7, 0x1, 0xc, [{@private=0xa010102}, {@private=0xa010100, 0x80000001}, {@remote, 0xb453}, {@local, 0x8}, {@broadcast, 0x66}, {@empty, 0x2}, {@broadcast, 0xffffff7f}, {@dev={0xac, 0x14, 0x14, 0x1d}, 0x6}]}, @ssrr={0x89, 0x1f, 0xf6, [@empty, @dev={0xac, 0x14, 0x14, 0x13}, @remote, @private=0xa010100, @private=0xa010100, @empty, @multicast2]}, @timestamp={0x44, 0xc, 0x1f, 0x0, 0x5, [0x1, 0x10000]}]}}, "f70295a478379e8f21a89aee178bca90cd518dd972af08d4be6b8908724e7092ab6a53786c2c75249ed9bb5186b94c19614eefea88b1695825ac77cfd974b60ec6325da08972bdf55b8bc29f441795bdf6678d494a5003b45007a1317cf16edacd75ff67ba3252a9b45a6bc5444c0df68d2c3d950ebd7ef9771bcc0b889228f1ffd414b5077c5f83c10e0a5b11c21085fc4ff25c846c08836d87c911561790e203424350ff489f5a4078e41f521f5806c3fdaba0382b98c42e4b16089099a2926fd3827d150b8955042e66"}}}}, 0x0) (async)
syz_emit_ethernet(0x15d, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x21, 0x4, 0x0, 0x2, 0xfffffffffffffece, 0x65, 0x0, 0xe5, 0x11, 0x0, @private=0xa010102, @multicast2, {[@timestamp_addr={0x44, 0x44, 0xb7, 0x1, 0xc, [{@private=0xa010102}, {@private=0xa010100, 0x80000001}, {@remote, 0xb453}, {@local, 0x8}, {@broadcast, 0x66}, {@empty, 0x2}, {@broadcast, 0xffffff7f}, {@dev={0xac, 0x14, 0x14, 0x1d}, 0x6}]}, @ssrr={0x89, 0x1f, 0xf6, [@empty, @dev={0xac, 0x14, 0x14, 0x13}, @remote, @private=0xa010100, @private=0xa010100, @empty, @multicast2]}, @timestamp={0x44, 0xc, 0x1f, 0x0, 0x5, [0x1, 0x10000]}]}}, "f70295a478379e8f21a89aee178bca90cd518dd972af08d4be6b8908724e7092ab6a53786c2c75249ed9bb5186b94c19614eefea88b1695825ac77cfd974b60ec6325da08972bdf55b8bc29f441795bdf6678d494a5003b45007a1317cf16edacd75ff67ba3252a9b45a6bc5444c0df68d2c3d950ebd7ef9771bcc0b889228f1ffd414b5077c5f83c10e0a5b11c21085fc4ff25c846c08836d87c911561790e203424350ff489f5a4078e41f521f5806c3fdaba0382b98c42e4b16089099a2926fd3827d150b8955042e66"}}}}, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0)

268.275712ms ago: executing program 2 (id=2837):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x24)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0x806000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000040)={0x80000004})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
r6 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r6, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x2, {0xa, 0x0, 0x0, @dev}}, 0x24)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000004c0)=ANY=[@ANYRESDEC=r3, @ANYRES16=r3, @ANYRESHEX=r6, @ANYRES32=r5, @ANYBLOB="4400028040001500240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f616463617374000000"], 0x60}, 0x1, 0x0, 0x0, 0x4008401}, 0x44084)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={0x0, @multicast2, @private}, &(0x7f0000000140)=0xc)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000280)={'erspan0\x00', 0x0, 0x7, 0x8, 0x155d8955, 0x8001, {{0x38, 0x4, 0x0, 0x1, 0xe0, 0x65, 0x0, 0xc1, 0x4, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x23, 0xf, [@dev={0xac, 0x14, 0x14, 0x26}, @local, @multicast1, @dev={0xac, 0x14, 0x14, 0x39}, @empty, @broadcast, @private=0xa010100, @multicast2]}, @rr={0x7, 0x17, 0x9f, [@empty, @local, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @timestamp_prespec={0x44, 0x4c, 0xb, 0x3, 0xe, [{@remote, 0x943c}, {@loopback, 0x78b}, {@rand_addr=0x64010102}, {@broadcast, 0x7}, {@empty, 0x4e9}, {@multicast1, 0x28}, {@local, 0x8001}, {@multicast2, 0xfffffff9}, {@multicast2, 0x80}]}, @timestamp_addr={0x44, 0x2c, 0xce, 0x1, 0x6, [{@multicast2, 0x7}, {@empty, 0x9}, {@local, 0x7}, {@multicast2, 0x8}, {@local, 0x6}]}, @rr={0x7, 0x7, 0x2e, [@remote]}, @rr={0x7, 0xb, 0x42, [@broadcast, @local]}, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x29, 0x8, 0xf, 0x7, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x40, 0x7880, 0xf5d, 0x49d}})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x70bd2b, 0x25dfdbff, {0x2, 0x20, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, [@FRA_DST={0x8, 0x1, @empty}, @FRA_SRC={0x8, 0x2, @local}]}, 0x2c}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x8, 0x0, r4, 0x5, '\x00', 0x0, r4, 0x1, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r8, &(0x7f00000005c0)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e24, 0xffffffff, @empty, 0x45e4}}, 0x24)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bind$rxrpc(r8, &(0x7f0000000000)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x24)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x60, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r11, 0x800, 0x55007}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x81}, @IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)

140.729134ms ago: executing program 3 (id=2838):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x7, 0x0)
close(r0)
ioctl$int_in(r1, 0x541b, 0x0)
close(r1)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000002c0)="68f5", 0x2}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000004340)={0x5, 0x4, &(0x7f00000007c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

16.792514ms ago: executing program 1 (id=2839):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/17, @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000008d00)={0x2, 'macvlan0\x00', 0x3}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
splice(r4, 0x0, r5, 0x0, 0x1, 0x0)
vmsplice(r5, &(0x7f00000005c0)=[{&(0x7f0000000180)="0400", 0x2}], 0x1, 0x6)
ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3ff, 0xfffffffffffffffd, 0x8, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x9, 0x0, 0xffffffffffffffff, 0x8467, 0x8}, 0x0, 0x0)
write(r3, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_DPORT={0x6, 0x1d, 0xfffe}, @RTA_SPORT={0x6, 0x1c, 0x4e24}]}, 0x2c}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="010005"])
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})

3.935578ms ago: executing program 3 (id=2840):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @broadcast, 'geneve0\x00'}}, 0x1e)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x0, @private=0x4}})
ioctl$sock_inet_SIOCSIFADDR(r1, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0xfffe, @empty}})
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'ip_vti0\x00'}}, 0x1e)
close(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000008000c3a000000100000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x99, &(0x7f0000000a40)=""/153, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0x0, 0x800000}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x2}]}, {0xffffffffffffff93}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, r6, 0x11, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @key_params=[@NL80211_ATTR_KEY_IDX={0x5}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x3}, @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @device_b}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}]]}, 0x4c}}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x2c, r9, 0x15, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x4c, r13, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME={0x27, 0x33, @reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x1}, {}, @device_b, @device_a, @random="37e6fc966e04", {0x0, 0x7}}, 0x4c00, 0x5d, @default, @val={0x1, 0x3, [{0x18, 0x1}, {0x16, 0x1}, {0x1b, 0x1}]}, @void}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$NL80211_CMD_STOP_NAN(r3, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r6, 0x100, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r11}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x8000)

0s ago: executing program 4 (id=2841):
unshare(0xc040480)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x2c, 0x2, [@TCA_HTB_DIRECT_QLEN={0x8, 0x5, 0x8}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x100, 0xfffff9e9}}, @TCA_HTB_DIRECT_QLEN={0x8}]}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=@newtfilter={0x4c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {}, {0x2, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}]}, 0x4c}}, 0x80)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r7=>0x0})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r8)
r9 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r9, 0x114, 0x8, &(0x7f0000000080), 0x4)
bind$inet(r9, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r10 = socket(0x10, 0x3, 0x0)
sendto$inet6(r10, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c200a0000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000", 0x5a, 0x0, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, 0x64e10, 0x16201}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_FLOOD={0x5, 0x1b, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x404c000}, 0x2)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x40001}, 0x4000)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r11, &(0x7f0000004bc0)=[{{&(0x7f0000000200)={0xa, 0x4e21, 0xa4de, @loopback, 0x91}, 0x1c, 0x0, 0x0, &(0x7f0000000900)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x16}}}, @dontfrag={{0x18, 0x29, 0x3e, 0xfff}}], 0x30}}], 0x1, 0x0)
syz_emit_ethernet(0xab, &(0x7f0000000400)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x4, 0x11, 0x0, @private, @multicast1}, {0x4000, 0x17c1, 0x89, 0x0, @opaque="1b1c5c9fdf629815eb051d37300f37cbb1778448768330cd6e30ac4593411632916b9b5f7f4344035658633e5843399f1c27460329200131a7e997b30e93c2f87c3f04d31fc3ceb9ea9df260b499a25690ecda5e249ab527b53888a08c7abad2fc7b64d195772704e41022f2f593bf7c9f5e7b70d1eb74dccdb0b8ca76030094d0"}}}}}, 0x0)
recvmmsg(r4, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/188, 0xbc}, {&(0x7f0000000840)=""/239, 0xef}, {&(0x7f00000002c0)=""/35, 0x23}, {&(0x7f0000000940)=""/4096, 0x1061}, {&(0x7f0000000040)=""/74, 0x4a}, {&(0x7f00000006c0)=""/243, 0xf3}], 0x6}, 0x80400000}], 0x4, 0x20, 0x0)
r12 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
writev(r12, &(0x7f0000000640)=[{&(0x7f0000001e80)="fb5c", 0x2}, {0x0, 0x34}], 0x2)
ioctl$FICLONE(r0, 0x40049409, r4)

kernel console output (not intermixed with test programs):

T12709]  ? __pfx__printk+0x10/0x10
[  256.439432][T12709]  ? __pfx_lock_release+0x10/0x10
[  256.439461][T12709]  should_fail_ex+0x3b0/0x4e0
[  256.439482][T12709]  _copy_from_user+0x2d/0xb0
[  256.439505][T12709]  copy_msghdr_from_user+0xae/0x680
[  256.439529][T12709]  ? __pfx___might_resched+0x10/0x10
[  256.439549][T12709]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  256.439576][T12709]  ? do_recvmmsg+0x44e/0xab0
[  256.439595][T12709]  ? __might_fault+0xaa/0x120
[  256.439618][T12709]  do_recvmmsg+0x3bd/0xab0
[  256.439648][T12709]  ? __pfx_do_recvmmsg+0x10/0x10
[  256.439686][T12709]  ? ksys_write+0x22a/0x2b0
[  256.439705][T12709]  ? __pfx_lock_release+0x10/0x10
[  256.439730][T12709]  ? sb_end_write+0xe9/0x1c0
[  256.439752][T12709]  ? vfs_write+0x730/0xd30
[  256.439772][T12709]  ? __mutex_unlock_slowpath+0x227/0x800
[  256.439804][T12709]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  256.439826][T12709]  ? __fget_files+0x2a/0x410
[  256.439862][T12709]  __x64_sys_recvmmsg+0x199/0x250
[  256.439884][T12709]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  256.439904][T12709]  ? do_syscall_64+0x100/0x230
[  256.439923][T12709]  ? do_syscall_64+0xb6/0x230
[  256.439942][T12709]  do_syscall_64+0xf3/0x230
[  256.439957][T12709]  ? clear_bhb_loop+0x35/0x90
[  256.439977][T12709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.439994][T12709] RIP: 0033:0x7eff3e58cd29
[  256.440010][T12709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.440024][T12709] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  256.440042][T12709] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  256.440054][T12709] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  256.440064][T12709] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  256.440074][T12709] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  256.440083][T12709] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  256.440109][T12709]  </TASK>
[  256.838874][T12718] netlink: 'syz.1.1984': attribute type 5 has an invalid length.
[  256.867318][T12723] __nla_validate_parse: 10 callbacks suppressed
[  256.867338][T12723] netlink: 1296 bytes leftover after parsing attributes in process `syz.3.1986'.
[  256.929626][T12723] openvswitch: netlink: Flow key attr not present in new flow.
[  257.267403][T12743] FAULT_INJECTION: forcing a failure.
[  257.267403][T12743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.305674][T12743] CPU: 1 UID: 0 PID: 12743 Comm: syz.3.1990 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  257.305700][T12743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  257.305710][T12743] Call Trace:
[  257.305716][T12743]  <TASK>
[  257.305723][T12743]  dump_stack_lvl+0x241/0x360
[  257.305753][T12743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.305775][T12743]  ? __pfx__printk+0x10/0x10
[  257.305797][T12743]  ? __pfx_lock_release+0x10/0x10
[  257.305825][T12743]  should_fail_ex+0x3b0/0x4e0
[  257.305846][T12743]  _copy_from_user+0x2d/0xb0
[  257.305868][T12743]  copy_msghdr_from_user+0xae/0x680
[  257.305891][T12743]  ? __pfx___might_resched+0x10/0x10
[  257.305914][T12743]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  257.305940][T12743]  ? do_recvmmsg+0x44e/0xab0
[  257.305957][T12743]  ? __might_fault+0xaa/0x120
[  257.305979][T12743]  do_recvmmsg+0x3bd/0xab0
[  257.306007][T12743]  ? __pfx_do_recvmmsg+0x10/0x10
[  257.306044][T12743]  ? ksys_write+0x22a/0x2b0
[  257.306062][T12743]  ? __pfx_lock_release+0x10/0x10
[  257.306087][T12743]  ? sb_end_write+0xe9/0x1c0
[  257.306108][T12743]  ? vfs_write+0x730/0xd30
[  257.306127][T12743]  ? __mutex_unlock_slowpath+0x227/0x800
[  257.306158][T12743]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  257.306179][T12743]  ? __fget_files+0x2a/0x410
[  257.306221][T12743]  __x64_sys_recvmmsg+0x199/0x250
[  257.306243][T12743]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  257.306263][T12743]  ? do_syscall_64+0x100/0x230
[  257.306281][T12743]  ? do_syscall_64+0xb6/0x230
[  257.306300][T12743]  do_syscall_64+0xf3/0x230
[  257.306314][T12743]  ? clear_bhb_loop+0x35/0x90
[  257.306334][T12743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.306349][T12743] RIP: 0033:0x7f09eef8cd29
[  257.306362][T12743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.306374][T12743] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  257.306391][T12743] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  257.306402][T12743] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  257.306411][T12743] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  257.306421][T12743] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  257.306429][T12743] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  257.306452][T12743]  </TASK>
[  257.815509][T12769] macsec1: entered promiscuous mode
[  257.823283][T12769] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  257.836935][T12769] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  257.892380][T12767] FAULT_INJECTION: forcing a failure.
[  257.892380][T12767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  257.917346][T12767] CPU: 0 UID: 0 PID: 12767 Comm: syz.1.1997 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  257.917372][T12767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  257.917381][T12767] Call Trace:
[  257.917386][T12767]  <TASK>
[  257.917393][T12767]  dump_stack_lvl+0x241/0x360
[  257.917432][T12767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.917453][T12767]  ? __pfx__printk+0x10/0x10
[  257.917474][T12767]  ? __pfx_lock_release+0x10/0x10
[  257.917501][T12767]  should_fail_ex+0x3b0/0x4e0
[  257.917521][T12767]  _copy_from_user+0x2d/0xb0
[  257.917543][T12767]  copy_msghdr_from_user+0xae/0x680
[  257.917564][T12767]  ? __pfx___might_resched+0x10/0x10
[  257.917585][T12767]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  257.917610][T12767]  ? do_recvmmsg+0x44e/0xab0
[  257.917628][T12767]  ? __might_fault+0xaa/0x120
[  257.917650][T12767]  do_recvmmsg+0x3bd/0xab0
[  257.917680][T12767]  ? __pfx_do_recvmmsg+0x10/0x10
[  257.917717][T12767]  ? ksys_write+0x22a/0x2b0
[  257.917735][T12767]  ? __pfx_lock_release+0x10/0x10
[  257.917760][T12767]  ? sb_end_write+0xe9/0x1c0
[  257.917781][T12767]  ? vfs_write+0x730/0xd30
[  257.917800][T12767]  ? __mutex_unlock_slowpath+0x227/0x800
[  257.917831][T12767]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  257.917852][T12767]  ? __fget_files+0x2a/0x410
[  257.917887][T12767]  __x64_sys_recvmmsg+0x199/0x250
[  257.917909][T12767]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  257.917929][T12767]  ? do_syscall_64+0x100/0x230
[  257.917948][T12767]  ? do_syscall_64+0xb6/0x230
[  257.917965][T12767]  do_syscall_64+0xf3/0x230
[  257.917980][T12767]  ? clear_bhb_loop+0x35/0x90
[  257.918001][T12767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.918016][T12767] RIP: 0033:0x7f23d4f8cd29
[  257.918031][T12767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.918045][T12767] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  257.918064][T12767] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  257.918076][T12767] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  257.918086][T12767] RBP: 00007f23d5e99090 R08: 0000000000000000 R09: 0000000000000000
[  257.918096][T12767] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  257.918105][T12767] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  257.918130][T12767]  </TASK>
[  258.340814][T12777] netlink: 'syz.4.1999': attribute type 5 has an invalid length.
[  258.545728][T12785] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2004'.
[  258.561794][T12787] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2005'.
[  258.568754][T12785] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  258.600810][T12789] FAULT_INJECTION: forcing a failure.
[  258.600810][T12789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.614427][T12789] CPU: 0 UID: 0 PID: 12789 Comm: syz.1.2006 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  258.614449][T12789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  258.614459][T12789] Call Trace:
[  258.614465][T12789]  <TASK>
[  258.614471][T12789]  dump_stack_lvl+0x241/0x360
[  258.614500][T12789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.614521][T12789]  ? __pfx__printk+0x10/0x10
[  258.614542][T12789]  ? __pfx_lock_release+0x10/0x10
[  258.614570][T12789]  should_fail_ex+0x3b0/0x4e0
[  258.614591][T12789]  _copy_from_user+0x2d/0xb0
[  258.614613][T12789]  copy_msghdr_from_user+0xae/0x680
[  258.614636][T12789]  ? __pfx___might_resched+0x10/0x10
[  258.614659][T12789]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  258.614685][T12789]  ? do_recvmmsg+0x44e/0xab0
[  258.614704][T12789]  ? __might_fault+0xaa/0x120
[  258.614726][T12789]  do_recvmmsg+0x3bd/0xab0
[  258.614756][T12789]  ? __pfx_do_recvmmsg+0x10/0x10
[  258.614794][T12789]  ? ksys_write+0x22a/0x2b0
[  258.614812][T12789]  ? __pfx_lock_release+0x10/0x10
[  258.614837][T12789]  ? sb_end_write+0xe9/0x1c0
[  258.614858][T12789]  ? vfs_write+0x730/0xd30
[  258.614879][T12789]  ? __mutex_unlock_slowpath+0x227/0x800
[  258.614910][T12789]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  258.614931][T12789]  ? __fget_files+0x2a/0x410
[  258.614967][T12789]  __x64_sys_recvmmsg+0x199/0x250
[  258.614988][T12789]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  258.615007][T12789]  ? do_syscall_64+0x100/0x230
[  258.615026][T12789]  ? do_syscall_64+0xb6/0x230
[  258.615043][T12789]  do_syscall_64+0xf3/0x230
[  258.615058][T12789]  ? clear_bhb_loop+0x35/0x90
[  258.615087][T12789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.615103][T12789] RIP: 0033:0x7f23d4f8cd29
[  258.615118][T12789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.615132][T12789] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  258.615150][T12789] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  258.615162][T12789] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  258.615172][T12789] RBP: 00007f23d5e99090 R08: 0000000000000000 R09: 0000000000000000
[  258.615183][T12789] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  258.615192][T12789] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  258.615218][T12789]  </TASK>
[  259.229811][T12812] tipc: Enabling <eth:lo> not permitted
[  259.231685][T12795] delete_channel: no stack
[  259.240963][T12812] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  259.384653][T12817] netlink: 1296 bytes leftover after parsing attributes in process `syz.1.2015'.
[  259.409870][T12817] openvswitch: netlink: Flow key attr not present in new flow.
[  259.442618][T12819] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2017'.
[  259.593517][T12828] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2017'.
[  259.611656][T12828] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2017'.
[  259.647299][T12830] netlink: 'syz.2.2023': attribute type 5 has an invalid length.
[  260.210289][T12849] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2032'.
[  260.226708][T12849] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  260.247740][T12853] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2029'.
[  260.568213][T12877] netlink: 'syz.3.2039': attribute type 5 has an invalid length.
[  260.727684][T12882] netlink: 'syz.3.2041': attribute type 18 has an invalid length.
[  260.748903][T12885] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2042'.
[  260.759268][T12882] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  260.767625][T12882] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  260.775933][T12882] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  260.784258][T12882] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  261.183512][T12910] netlink: 'syz.3.2052': attribute type 5 has an invalid length.
[  261.239769][T12915] bridge3: entered promiscuous mode
[  261.268237][T12915] bridge3: entered allmulticast mode
[  261.429477][T12926] openvswitch: netlink: Flow key attr not present in new flow.
[  262.052352][T12959] netlink: 'syz.1.2068': attribute type 1 has an invalid length.
[  262.099687][T12959] 8021q: adding VLAN 0 to HW filter on device bond0
[  262.150996][T12965] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 1, id = 0
[  262.170968][T12959] __nla_validate_parse: 2 callbacks suppressed
[  262.170984][T12959] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2068'.
[  262.187678][T12957] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2066'.
[  262.255677][T12967] netlink: 1296 bytes leftover after parsing attributes in process `syz.4.2070'.
[  262.281128][T12967] openvswitch: netlink: Flow key attr not present in new flow.
[  262.556377][T12986] FAULT_INJECTION: forcing a failure.
[  262.556377][T12986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.661183][T12986] CPU: 1 UID: 0 PID: 12986 Comm: syz.2.2075 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  262.661210][T12986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  262.661220][T12986] Call Trace:
[  262.661226][T12986]  <TASK>
[  262.661234][T12986]  dump_stack_lvl+0x241/0x360
[  262.661263][T12986]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.661285][T12986]  ? __pfx__printk+0x10/0x10
[  262.661307][T12986]  ? __pfx_lock_release+0x10/0x10
[  262.661335][T12986]  should_fail_ex+0x3b0/0x4e0
[  262.661357][T12986]  _copy_from_user+0x2d/0xb0
[  262.661379][T12986]  copy_msghdr_from_user+0xae/0x680
[  262.661401][T12986]  ? __pfx___might_resched+0x10/0x10
[  262.661423][T12986]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  262.661449][T12986]  ? do_recvmmsg+0x44e/0xab0
[  262.661467][T12986]  ? __might_fault+0xaa/0x120
[  262.661490][T12986]  do_recvmmsg+0x3bd/0xab0
[  262.661517][T12986]  ? __pfx_do_recvmmsg+0x10/0x10
[  262.661554][T12986]  ? ksys_write+0x22a/0x2b0
[  262.661572][T12986]  ? __pfx_lock_release+0x10/0x10
[  262.661597][T12986]  ? sb_end_write+0xe9/0x1c0
[  262.661618][T12986]  ? vfs_write+0x730/0xd30
[  262.661638][T12986]  ? __mutex_unlock_slowpath+0x227/0x800
[  262.661669][T12986]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  262.661690][T12986]  ? __fget_files+0x2a/0x410
[  262.661724][T12986]  __x64_sys_recvmmsg+0x199/0x250
[  262.661744][T12986]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  262.661764][T12986]  ? do_syscall_64+0x100/0x230
[  262.661781][T12986]  ? do_syscall_64+0xb6/0x230
[  262.661798][T12986]  do_syscall_64+0xf3/0x230
[  262.661812][T12986]  ? clear_bhb_loop+0x35/0x90
[  262.661832][T12986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.661849][T12986] RIP: 0033:0x7fa3a318cd29
[  262.661864][T12986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.661877][T12986] RSP: 002b:00007fa3a4063038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  262.661896][T12986] RAX: ffffffffffffffda RBX: 00007fa3a33a5fa0 RCX: 00007fa3a318cd29
[  262.661908][T12986] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  262.661918][T12986] RBP: 00007fa3a4063090 R08: 0000000000000000 R09: 0000000000000000
[  262.661928][T12986] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  262.661938][T12986] R13: 0000000000000000 R14: 00007fa3a33a5fa0 R15: 00007ffc0f216478
[  262.661964][T12986]  </TASK>
[  263.052827][T13011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2082'.
[  263.072056][T12998] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  263.142073][T13015] ax25_connect(): syz.0.2084 uses autobind, please contact jreuter@yaina.de
[  263.319154][T13031] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.2087'.
[  263.526012][T13049] FAULT_INJECTION: forcing a failure.
[  263.526012][T13049] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  263.556778][T13047] FAULT_INJECTION: forcing a failure.
[  263.556778][T13047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.581343][T13047] CPU: 0 UID: 0 PID: 13047 Comm: syz.2.2092 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  263.581369][T13047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  263.581377][T13047] Call Trace:
[  263.581383][T13047]  <TASK>
[  263.581390][T13047]  dump_stack_lvl+0x241/0x360
[  263.581417][T13047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.581436][T13047]  ? __pfx__printk+0x10/0x10
[  263.581456][T13047]  ? __pfx_lock_release+0x10/0x10
[  263.581480][T13047]  should_fail_ex+0x3b0/0x4e0
[  263.581498][T13047]  _copy_from_user+0x2d/0xb0
[  263.581518][T13047]  copy_msghdr_from_user+0xae/0x680
[  263.581538][T13047]  ? __pfx___might_resched+0x10/0x10
[  263.581557][T13047]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  263.581580][T13047]  ? do_recvmmsg+0x44e/0xab0
[  263.581596][T13047]  ? __might_fault+0xaa/0x120
[  263.581614][T13047]  do_recvmmsg+0x3bd/0xab0
[  263.581639][T13047]  ? __pfx_do_recvmmsg+0x10/0x10
[  263.581671][T13047]  ? ksys_write+0x22a/0x2b0
[  263.581687][T13047]  ? __pfx_lock_release+0x10/0x10
[  263.581715][T13047]  ? sb_end_write+0xe9/0x1c0
[  263.581734][T13047]  ? vfs_write+0x730/0xd30
[  263.581750][T13047]  ? __mutex_unlock_slowpath+0x227/0x800
[  263.581778][T13047]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  263.581796][T13047]  ? __fget_files+0x2a/0x410
[  263.581827][T13047]  __x64_sys_recvmmsg+0x199/0x250
[  263.581845][T13047]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  263.581863][T13047]  ? do_syscall_64+0x100/0x230
[  263.581879][T13047]  ? do_syscall_64+0xb6/0x230
[  263.581894][T13047]  do_syscall_64+0xf3/0x230
[  263.581906][T13047]  ? clear_bhb_loop+0x35/0x90
[  263.581924][T13047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.581938][T13047] RIP: 0033:0x7fa3a318cd29
[  263.581952][T13047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.581964][T13047] RSP: 002b:00007fa3a4063038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  263.581980][T13047] RAX: ffffffffffffffda RBX: 00007fa3a33a5fa0 RCX: 00007fa3a318cd29
[  263.581991][T13047] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  263.582000][T13047] RBP: 00007fa3a4063090 R08: 0000000000000000 R09: 0000000000000000
[  263.582008][T13047] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  263.582017][T13047] R13: 0000000000000000 R14: 00007fa3a33a5fa0 R15: 00007ffc0f216478
[  263.582039][T13047]  </TASK>
[  263.582046][T13049] CPU: 1 UID: 0 PID: 13049 Comm: syz.3.2093 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  263.582063][T13049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  263.582071][T13049] Call Trace:
[  263.582076][T13049]  <TASK>
[  263.582083][T13049]  dump_stack_lvl+0x241/0x360
[  263.582106][T13049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.582127][T13049]  ? __pfx__printk+0x10/0x10
[  263.582149][T13049]  ? register_lock_class+0x102/0x980
[  263.582172][T13049]  should_fail_ex+0x3b0/0x4e0
[  263.582191][T13049]  prepare_alloc_pages+0x1da/0x5b0
[  263.582220][T13049]  __alloc_pages_noprof+0x16f/0x710
[  263.582243][T13049]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  263.582283][T13049]  alloc_pages_mpol_noprof+0x3e1/0x780
[  263.582311][T13049]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  263.582333][T13049]  ? rcu_is_watching+0x15/0xb0
[  263.582355][T13049]  ? trace_contention_end+0x3c/0x120
[  263.582380][T13049]  ? alloc_pages_noprof+0xef/0x170
[  263.582404][T13049]  __pmd_alloc+0x91/0x6b0
[  263.582420][T13049]  ? down_read+0x82b/0xa40
[  263.582434][T13049]  ? __pfx___pmd_alloc+0x10/0x10
[  263.582452][T13049]  ? hugetlb_fault+0x4d6/0x3360
[  263.582478][T13049]  huge_pte_alloc+0x4c7/0x520
[  263.582502][T13049]  ? __pfx_huge_pte_alloc+0x10/0x10
[  263.582533][T13049]  hugetlb_fault+0x681/0x3360
[  263.582577][T13049]  ? __pfx_hugetlb_fault+0x10/0x10
[  263.582625][T13049]  ? __pfx_lock_release+0x10/0x10
[  263.582652][T13049]  handle_mm_fault+0x18fe/0x1bb0
[  263.582667][T13049]  ? mt_find+0x2a9/0x920
[  263.582693][T13049]  ? __pfx_mt_find+0x10/0x10
[  263.582716][T13049]  ? __pfx_handle_mm_fault+0x10/0x10
[  263.582738][T13049]  ? find_vma+0xf9/0x170
[  263.582752][T13049]  ? __pfx_find_vma+0x10/0x10
[  263.582767][T13049]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  263.582792][T13049]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  263.582809][T13049]  exc_page_fault+0x2b9/0x8b0
[  263.582829][T13049]  ? __might_fault+0xaa/0x120
[  263.582847][T13049]  asm_exc_page_fault+0x26/0x30
[  263.582862][T13049] RIP: 0010:__get_user_4+0x18/0x30
[  263.582879][T13049] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[  263.582891][T13049] RSP: 0018:ffffc900049bfd60 EFLAGS: 00050283
[  263.582904][T13049] RAX: 0000000020001580 RBX: ffffc900049bfde0 RCX: ffffc900049bfc03
[  263.582915][T13049] RDX: 00007ffffffff000 RSI: ffffffff8c0aa620 RDI: ffffffff8c6014a0
[  263.582925][T13049] RBP: ffffc900049bfed8 R08: ffffffff901ba4b7 R09: 1ffffffff2037496
[  263.582935][T13049] R10: dffffc0000000000 R11: fffffbfff2037497 R12: 0000000020001580
[  263.582977][T13049] R13: 000000000000000c R14: 0000000000000000 R15: ffffc900049bfde0
[  263.583004][T13049]  move_addr_to_user+0x4e/0x1d0
[  263.583023][T13049]  __sys_getpeername+0x1ce/0x270
[  263.583041][T13049]  ? __pfx___sys_getpeername+0x10/0x10
[  263.583067][T13049]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  263.583086][T13049]  ? do_syscall_64+0x100/0x230
[  263.583104][T13049]  __x64_sys_getpeername+0x7b/0x90
[  263.583121][T13049]  do_syscall_64+0xf3/0x230
[  263.583134][T13049]  ? clear_bhb_loop+0x35/0x90
[  263.583153][T13049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.583166][T13049] RIP: 0033:0x7f09eef8cd29
[  263.583179][T13049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.583192][T13049] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000034
[  263.583206][T13049] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  263.583217][T13049] RDX: 0000000020001580 RSI: 0000000000000000 RDI: 0000000000000003
[  263.583226][T13049] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  263.583234][T13049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.583243][T13049] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  263.583268][T13049]  </TASK>
[  264.249010][T13055] lo speed is unknown, defaulting to 1000
[  264.393900][T13065] lo speed is unknown, defaulting to 1000
[  264.474932][T13066] netlink: 'syz.3.2095': attribute type 10 has an invalid length.
[  264.498831][T13066] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode
[  264.506401][T13066] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  264.519863][T13060] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.774559][T13065] lo speed is unknown, defaulting to 1000
[  265.008977][T13095] FAULT_INJECTION: forcing a failure.
[  265.008977][T13095] name failslab, interval 1, probability 0, space 0, times 0
[  265.050327][T13095] CPU: 1 UID: 0 PID: 13095 Comm: syz.4.2105 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  265.050359][T13095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  265.050368][T13095] Call Trace:
[  265.050375][T13095]  <TASK>
[  265.050382][T13095]  dump_stack_lvl+0x241/0x360
[  265.050435][T13095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.050457][T13095]  ? __pfx__printk+0x10/0x10
[  265.050482][T13095]  ? kmem_cache_alloc_noprof+0x48/0x380
[  265.050506][T13095]  ? __pfx___might_resched+0x10/0x10
[  265.050531][T13095]  should_fail_ex+0x3b0/0x4e0
[  265.050554][T13095]  should_failslab+0xac/0x100
[  265.050577][T13095]  ? __pmd_alloc+0x10b/0x6b0
[  265.050592][T13095]  kmem_cache_alloc_noprof+0x70/0x380
[  265.050613][T13095]  ? trace_contention_end+0x3c/0x120
[  265.050640][T13095]  __pmd_alloc+0x10b/0x6b0
[  265.050658][T13095]  ? down_read+0x82b/0xa40
[  265.050675][T13095]  ? __pfx___pmd_alloc+0x10/0x10
[  265.050694][T13095]  ? hugetlb_fault+0x4d6/0x3360
[  265.050722][T13095]  huge_pte_alloc+0x4c7/0x520
[  265.050746][T13095]  ? __pfx_huge_pte_alloc+0x10/0x10
[  265.050778][T13095]  hugetlb_fault+0x681/0x3360
[  265.050833][T13095]  ? __pfx_hugetlb_fault+0x10/0x10
[  265.050885][T13095]  ? __pfx_lock_release+0x10/0x10
[  265.050916][T13095]  handle_mm_fault+0x18fe/0x1bb0
[  265.050932][T13095]  ? mt_find+0x2a9/0x920
[  265.050959][T13095]  ? __pfx_mt_find+0x10/0x10
[  265.050984][T13095]  ? __pfx_handle_mm_fault+0x10/0x10
[  265.051008][T13095]  ? find_vma+0xf9/0x170
[  265.051024][T13095]  ? __pfx_find_vma+0x10/0x10
[  265.051040][T13095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  265.051068][T13095]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  265.051088][T13095]  exc_page_fault+0x2b9/0x8b0
[  265.051112][T13095]  ? __might_fault+0xaa/0x120
[  265.051132][T13095]  asm_exc_page_fault+0x26/0x30
[  265.051150][T13095] RIP: 0010:__get_user_4+0x18/0x30
[  265.051169][T13095] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[  265.051183][T13095] RSP: 0018:ffffc90004b67d60 EFLAGS: 00050283
[  265.051199][T13095] RAX: 0000000020001580 RBX: ffffc90004b67de0 RCX: ffffc90004b67c03
[  265.051210][T13095] RDX: 00007ffffffff000 RSI: ffffffff8c0aa620 RDI: ffffffff8c6014a0
[  265.051222][T13095] RBP: ffffc90004b67ed8 R08: ffffffff901ba4b7 R09: 1ffffffff2037496
[  265.051234][T13095] R10: dffffc0000000000 R11: fffffbfff2037497 R12: 0000000020001580
[  265.051246][T13095] R13: 000000000000000c R14: 0000000000000000 R15: ffffc90004b67de0
[  265.051274][T13095]  move_addr_to_user+0x4e/0x1d0
[  265.051295][T13095]  __sys_getpeername+0x1ce/0x270
[  265.051315][T13095]  ? __pfx___sys_getpeername+0x10/0x10
[  265.051346][T13095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  265.051368][T13095]  ? do_syscall_64+0x100/0x230
[  265.051388][T13095]  __x64_sys_getpeername+0x7b/0x90
[  265.051407][T13095]  do_syscall_64+0xf3/0x230
[  265.051423][T13095]  ? clear_bhb_loop+0x35/0x90
[  265.051443][T13095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.051459][T13095] RIP: 0033:0x7eff3e58cd29
[  265.051473][T13095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.051487][T13095] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000034
[  265.051503][T13095] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  265.051514][T13095] RDX: 0000000020001580 RSI: 0000000000000000 RDI: 0000000000000003
[  265.051524][T13095] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  265.051534][T13095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.051543][T13095] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  265.051571][T13095]  </TASK>
[  265.571939][T13100] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2108'.
[  265.582159][T13100] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2108'.
[  265.591879][T13100] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2108'.
[  265.592554][T13097] FAULT_INJECTION: forcing a failure.
[  265.592554][T13097] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.649690][T13097] CPU: 0 UID: 0 PID: 13097 Comm: syz.3.2106 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  265.649718][T13097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  265.649728][T13097] Call Trace:
[  265.649735][T13097]  <TASK>
[  265.649743][T13097]  dump_stack_lvl+0x241/0x360
[  265.649773][T13097]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.649794][T13097]  ? __pfx__printk+0x10/0x10
[  265.649816][T13097]  ? __pfx_lock_release+0x10/0x10
[  265.649845][T13097]  should_fail_ex+0x3b0/0x4e0
[  265.649867][T13097]  _copy_from_user+0x2d/0xb0
[  265.649889][T13097]  copy_msghdr_from_user+0xae/0x680
[  265.649912][T13097]  ? __pfx___might_resched+0x10/0x10
[  265.649934][T13097]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  265.649960][T13097]  ? do_recvmmsg+0x44e/0xab0
[  265.649979][T13097]  ? __might_fault+0xaa/0x120
[  265.650001][T13097]  do_recvmmsg+0x3bd/0xab0
[  265.650030][T13097]  ? __pfx_do_recvmmsg+0x10/0x10
[  265.650068][T13097]  ? ksys_write+0x22a/0x2b0
[  265.650087][T13097]  ? __pfx_lock_release+0x10/0x10
[  265.650111][T13097]  ? sb_end_write+0xe9/0x1c0
[  265.650133][T13097]  ? vfs_write+0x730/0xd30
[  265.650153][T13097]  ? __mutex_unlock_slowpath+0x227/0x800
[  265.650185][T13097]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  265.650206][T13097]  ? __fget_files+0x2a/0x410
[  265.650242][T13097]  __x64_sys_recvmmsg+0x199/0x250
[  265.650264][T13097]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  265.650284][T13097]  ? do_syscall_64+0x100/0x230
[  265.650302][T13097]  ? do_syscall_64+0xb6/0x230
[  265.650320][T13097]  do_syscall_64+0xf3/0x230
[  265.650339][T13097]  ? clear_bhb_loop+0x35/0x90
[  265.650377][T13097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.650391][T13097] RIP: 0033:0x7f09eef8cd29
[  265.650406][T13097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.650417][T13097] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  265.650434][T13097] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  265.650444][T13097] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  265.650453][T13097] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  265.650463][T13097] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  265.650473][T13097] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  265.650499][T13097]  </TASK>
[  265.940259][T13105] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2109'.
[  266.587891][T13127] lo speed is unknown, defaulting to 1000
[  267.131754][T13144] netlink: 1296 bytes leftover after parsing attributes in process `syz.4.2124'.
[  267.190984][T13144] openvswitch: netlink: Flow key attr not present in new flow.
[  268.267905][T13189] FAULT_INJECTION: forcing a failure.
[  268.267905][T13189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.330747][T13189] CPU: 1 UID: 0 PID: 13189 Comm: syz.4.2137 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  268.330773][T13189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  268.330783][T13189] Call Trace:
[  268.330789][T13189]  <TASK>
[  268.330796][T13189]  dump_stack_lvl+0x241/0x360
[  268.330830][T13189]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.330852][T13189]  ? __pfx__printk+0x10/0x10
[  268.330875][T13189]  ? __pfx_lock_release+0x10/0x10
[  268.330904][T13189]  should_fail_ex+0x3b0/0x4e0
[  268.330925][T13189]  _copy_from_user+0x2d/0xb0
[  268.330948][T13189]  copy_msghdr_from_user+0xae/0x680
[  268.330968][T13189]  ? __pfx___might_resched+0x10/0x10
[  268.330989][T13189]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  268.331014][T13189]  ? do_recvmmsg+0x44e/0xab0
[  268.331033][T13189]  ? __might_fault+0xaa/0x120
[  268.331055][T13189]  do_recvmmsg+0x3bd/0xab0
[  268.331085][T13189]  ? __pfx_do_recvmmsg+0x10/0x10
[  268.331124][T13189]  ? ksys_write+0x22a/0x2b0
[  268.331143][T13189]  ? __pfx_lock_release+0x10/0x10
[  268.331168][T13189]  ? sb_end_write+0xe9/0x1c0
[  268.331191][T13189]  ? vfs_write+0x730/0xd30
[  268.331210][T13189]  ? __mutex_unlock_slowpath+0x227/0x800
[  268.331242][T13189]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  268.331264][T13189]  ? __fget_files+0x2a/0x410
[  268.331300][T13189]  __x64_sys_recvmmsg+0x199/0x250
[  268.331320][T13189]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  268.331340][T13189]  ? do_syscall_64+0x100/0x230
[  268.331359][T13189]  ? do_syscall_64+0xb6/0x230
[  268.331377][T13189]  do_syscall_64+0xf3/0x230
[  268.331393][T13189]  ? clear_bhb_loop+0x35/0x90
[  268.331413][T13189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.331429][T13189] RIP: 0033:0x7eff3e58cd29
[  268.331444][T13189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.331458][T13189] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  268.331477][T13189] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  268.331489][T13189] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  268.331500][T13189] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  268.331510][T13189] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  268.331520][T13189] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  268.331546][T13189]  </TASK>
[  268.683310][T13185] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2135'.
[  268.758829][T13206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2144'.
[  269.143065][T13229] bridge_slave_0: entered promiscuous mode
[  269.177333][T13229] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  269.209891][T13229] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2153'.
[  269.236149][T13233] netlink: 1296 bytes leftover after parsing attributes in process `syz.0.2154'.
[  269.252482][T13233] openvswitch: netlink: Flow key attr not present in new flow.
[  269.296663][T13239] netlink: 'syz.1.2155': attribute type 4 has an invalid length.
[  269.412562][T13245] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  269.420933][T13245] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  269.429136][T13245] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  269.437667][T13245] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  269.455167][T13245] vxlan0: entered promiscuous mode
[  269.466760][T13245] vxlan0: entered allmulticast mode
[  269.479401][T13245] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  269.488043][T13245] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  269.496557][T13245] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  269.505532][T13245] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  269.562371][T13256] sctp: [Deprecated]: syz.1.2159 (pid 13256) Use of struct sctp_assoc_value in delayed_ack socket option.
[  269.562371][T13256] Use struct sctp_sack_info instead
[  269.772765][T13245] netlink: 'syz.0.2158': attribute type 39 has an invalid length.
[  269.775674][T13266] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2165'.
[  269.795855][T13266] batadv1: entered promiscuous mode
[  269.810565][T13266] batadv1: entered allmulticast mode
[  269.897918][T13270] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2165'.
[  270.181938][T13278] netlink: 1296 bytes leftover after parsing attributes in process `syz.1.2169'.
[  270.212808][T13278] openvswitch: netlink: Flow key attr not present in new flow.
[  270.303505][T13284] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2172'.
[  270.310550][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  270.322951][T13284] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2172'.
[  270.355233][T13284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  270.380512][T13284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.404906][T13284] dummy0: entered promiscuous mode
[  270.417815][T13284] bond0: entered promiscuous mode
[  270.431724][T13284] bond_slave_0: entered promiscuous mode
[  270.439579][T13284] bond_slave_1: entered promiscuous mode
[  270.446125][T13284] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  270.465744][T13284] Cannot create hsr debugfs directory
[  270.472573][T13284] hsr1: Slave A (dummy0) is not up; please bring it up to get a fully working HSR network
[  270.492061][T13284] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  270.506791][T13296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.577508][T13296] netlink: 'syz.2.2177': attribute type 10 has an invalid length.
[  270.632521][T13300] FAULT_INJECTION: forcing a failure.
[  270.632521][T13300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.691384][T13300] CPU: 0 UID: 0 PID: 13300 Comm: syz.1.2179 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  270.691418][T13300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  270.691429][T13300] Call Trace:
[  270.691435][T13300]  <TASK>
[  270.691442][T13300]  dump_stack_lvl+0x241/0x360
[  270.691475][T13300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  270.691493][T13300]  ? __pfx__printk+0x10/0x10
[  270.691515][T13300]  ? __pfx_lock_release+0x10/0x10
[  270.691541][T13300]  should_fail_ex+0x3b0/0x4e0
[  270.691562][T13300]  _copy_from_user+0x2d/0xb0
[  270.691585][T13300]  copy_msghdr_from_user+0xae/0x680
[  270.691607][T13300]  ? __pfx___might_resched+0x10/0x10
[  270.691628][T13300]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  270.691655][T13300]  ? do_recvmmsg+0x44e/0xab0
[  270.691674][T13300]  ? __might_fault+0xaa/0x120
[  270.691696][T13300]  do_recvmmsg+0x3bd/0xab0
[  270.691725][T13300]  ? __pfx_do_recvmmsg+0x10/0x10
[  270.691762][T13300]  ? ksys_write+0x22a/0x2b0
[  270.691781][T13300]  ? __pfx_lock_release+0x10/0x10
[  270.691804][T13300]  ? sb_end_write+0xe9/0x1c0
[  270.691826][T13300]  ? vfs_write+0x730/0xd30
[  270.691845][T13300]  ? __mutex_unlock_slowpath+0x227/0x800
[  270.691878][T13300]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  270.691897][T13300]  ? __fget_files+0x2a/0x410
[  270.691932][T13300]  __x64_sys_recvmmsg+0x199/0x250
[  270.691954][T13300]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  270.691974][T13300]  ? do_syscall_64+0x100/0x230
[  270.691992][T13300]  ? do_syscall_64+0xb6/0x230
[  270.692009][T13300]  do_syscall_64+0xf3/0x230
[  270.692025][T13300]  ? clear_bhb_loop+0x35/0x90
[  270.692046][T13300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.692063][T13300] RIP: 0033:0x7f23d4f8cd29
[  270.692079][T13300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.692093][T13300] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  270.692112][T13300] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  270.692123][T13300] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  270.692134][T13300] RBP: 00007f23d5e99090 R08: 0000000000000000 R09: 0000000000000000
[  270.692144][T13300] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  270.692154][T13300] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  270.692180][T13300]  </TASK>
[  271.077366][T13316] netlink: 1296 bytes leftover after parsing attributes in process `syz.1.2186'.
[  271.095778][T13316] openvswitch: netlink: Flow key attr not present in new flow.
[  271.201328][T13311] FAULT_INJECTION: forcing a failure.
[  271.201328][T13311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.232821][T13311] CPU: 1 UID: 0 PID: 13311 Comm: syz.3.2184 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  271.232847][T13311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  271.232856][T13311] Call Trace:
[  271.232862][T13311]  <TASK>
[  271.232869][T13311]  dump_stack_lvl+0x241/0x360
[  271.232901][T13311]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.232921][T13311]  ? __pfx__printk+0x10/0x10
[  271.232943][T13311]  ? __pfx_lock_release+0x10/0x10
[  271.232970][T13311]  should_fail_ex+0x3b0/0x4e0
[  271.232991][T13311]  _copy_from_user+0x2d/0xb0
[  271.233014][T13311]  copy_msghdr_from_user+0xae/0x680
[  271.233038][T13311]  ? __pfx___might_resched+0x10/0x10
[  271.233060][T13311]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  271.233085][T13311]  ? do_recvmmsg+0x44e/0xab0
[  271.233102][T13311]  ? __might_fault+0xaa/0x120
[  271.233125][T13311]  do_recvmmsg+0x3bd/0xab0
[  271.233152][T13311]  ? __pfx_do_recvmmsg+0x10/0x10
[  271.233188][T13311]  ? ksys_write+0x22a/0x2b0
[  271.233207][T13311]  ? __pfx_lock_release+0x10/0x10
[  271.233231][T13311]  ? sb_end_write+0xe9/0x1c0
[  271.233252][T13311]  ? vfs_write+0x730/0xd30
[  271.233270][T13311]  ? __mutex_unlock_slowpath+0x227/0x800
[  271.233302][T13311]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  271.233322][T13311]  ? __fget_files+0x2a/0x410
[  271.233365][T13311]  __x64_sys_recvmmsg+0x199/0x250
[  271.233385][T13311]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  271.233404][T13311]  ? do_syscall_64+0x100/0x230
[  271.233422][T13311]  ? do_syscall_64+0xb6/0x230
[  271.233439][T13311]  do_syscall_64+0xf3/0x230
[  271.233453][T13311]  ? clear_bhb_loop+0x35/0x90
[  271.233474][T13311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.233490][T13311] RIP: 0033:0x7f09eef8cd29
[  271.233504][T13311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.233517][T13311] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  271.233535][T13311] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  271.233547][T13311] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  271.233556][T13311] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  271.233566][T13311] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  271.233576][T13311] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  271.233601][T13311]  </TASK>
[  271.727560][T13346] FAULT_INJECTION: forcing a failure.
[  271.727560][T13346] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.763496][T13346] CPU: 0 UID: 0 PID: 13346 Comm: syz.3.2197 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  271.763525][T13346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  271.763535][T13346] Call Trace:
[  271.763542][T13346]  <TASK>
[  271.763549][T13346]  dump_stack_lvl+0x241/0x360
[  271.763583][T13346]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.763605][T13346]  ? __pfx__printk+0x10/0x10
[  271.763628][T13346]  ? __pfx_lock_release+0x10/0x10
[  271.763657][T13346]  should_fail_ex+0x3b0/0x4e0
[  271.763678][T13346]  _copy_from_user+0x2d/0xb0
[  271.763700][T13346]  copy_msghdr_from_user+0xae/0x680
[  271.763722][T13346]  ? __pfx___might_resched+0x10/0x10
[  271.763743][T13346]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  271.763770][T13346]  ? do_recvmmsg+0x44e/0xab0
[  271.763788][T13346]  ? __might_fault+0xaa/0x120
[  271.763810][T13346]  do_recvmmsg+0x3bd/0xab0
[  271.763839][T13346]  ? __pfx_do_recvmmsg+0x10/0x10
[  271.763878][T13346]  ? ksys_write+0x22a/0x2b0
[  271.763896][T13346]  ? __pfx_lock_release+0x10/0x10
[  271.763920][T13346]  ? sb_end_write+0xe9/0x1c0
[  271.763942][T13346]  ? vfs_write+0x730/0xd30
[  271.763961][T13346]  ? __mutex_unlock_slowpath+0x227/0x800
[  271.763992][T13346]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  271.764014][T13346]  ? __fget_files+0x2a/0x410
[  271.764071][T13346]  __x64_sys_recvmmsg+0x199/0x250
[  271.764093][T13346]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  271.764113][T13346]  ? do_syscall_64+0x100/0x230
[  271.764133][T13346]  ? do_syscall_64+0xb6/0x230
[  271.764150][T13346]  do_syscall_64+0xf3/0x230
[  271.764166][T13346]  ? clear_bhb_loop+0x35/0x90
[  271.764186][T13346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.764203][T13346] RIP: 0033:0x7f09eef8cd29
[  271.764218][T13346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.764231][T13346] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  271.764249][T13346] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  271.764261][T13346] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  271.764272][T13346] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  271.764282][T13346] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  271.764292][T13346] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  271.764317][T13346]  </TASK>
[  272.197370][T13361] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  272.353673][T13369] batadv0: entered promiscuous mode
[  272.361482][T13369] batadv0: entered allmulticast mode
[  272.433065][T13372] FAULT_INJECTION: forcing a failure.
[  272.433065][T13372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.447178][T13372] CPU: 1 UID: 0 PID: 13372 Comm: syz.1.2206 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  272.447201][T13372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  272.447211][T13372] Call Trace:
[  272.447217][T13372]  <TASK>
[  272.447224][T13372]  dump_stack_lvl+0x241/0x360
[  272.447253][T13372]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.447275][T13372]  ? __pfx__printk+0x10/0x10
[  272.447297][T13372]  ? __pfx_lock_release+0x10/0x10
[  272.447326][T13372]  should_fail_ex+0x3b0/0x4e0
[  272.447348][T13372]  _copy_from_user+0x2d/0xb0
[  272.447370][T13372]  copy_msghdr_from_user+0xae/0x680
[  272.447393][T13372]  ? __pfx___might_resched+0x10/0x10
[  272.447414][T13372]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  272.447441][T13372]  ? do_recvmmsg+0x44e/0xab0
[  272.447460][T13372]  ? __might_fault+0xaa/0x120
[  272.447482][T13372]  do_recvmmsg+0x3bd/0xab0
[  272.447511][T13372]  ? __pfx_do_recvmmsg+0x10/0x10
[  272.447550][T13372]  ? ksys_write+0x22a/0x2b0
[  272.447568][T13372]  ? __pfx_lock_release+0x10/0x10
[  272.447592][T13372]  ? sb_end_write+0xe9/0x1c0
[  272.447614][T13372]  ? vfs_write+0x730/0xd30
[  272.447633][T13372]  ? __mutex_unlock_slowpath+0x227/0x800
[  272.447665][T13372]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  272.447686][T13372]  ? __fget_files+0x2a/0x410
[  272.447722][T13372]  __x64_sys_recvmmsg+0x199/0x250
[  272.447744][T13372]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  272.447765][T13372]  ? do_syscall_64+0x100/0x230
[  272.447783][T13372]  ? do_syscall_64+0xb6/0x230
[  272.447801][T13372]  do_syscall_64+0xf3/0x230
[  272.447816][T13372]  ? clear_bhb_loop+0x35/0x90
[  272.447837][T13372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.447854][T13372] RIP: 0033:0x7f23d4f8cd29
[  272.447868][T13372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.447883][T13372] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  272.447901][T13372] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  272.447913][T13372] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  272.447923][T13372] RBP: 00007f23d5e99090 R08: 0000000000000000 R09: 0000000000000000
[  272.447937][T13372] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  272.447947][T13372] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  272.447974][T13372]  </TASK>
[  272.784292][T13384] netlink: 'syz.1.2210': attribute type 2 has an invalid length.
[  272.792866][T13384] netlink: 'syz.1.2210': attribute type 9 has an invalid length.
[  272.809162][T13384] dvmrp5: entered allmulticast mode
[  272.819109][T13382] dvmrp5: left allmulticast mode
[  272.906405][T13387] FAULT_INJECTION: forcing a failure.
[  272.906405][T13387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.920564][T13387] CPU: 1 UID: 0 PID: 13387 Comm: syz.0.2211 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  272.920589][T13387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  272.920598][T13387] Call Trace:
[  272.920605][T13387]  <TASK>
[  272.920612][T13387]  dump_stack_lvl+0x241/0x360
[  272.920641][T13387]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.920662][T13387]  ? __pfx__printk+0x10/0x10
[  272.920685][T13387]  ? __pfx_lock_release+0x10/0x10
[  272.920713][T13387]  should_fail_ex+0x3b0/0x4e0
[  272.920734][T13387]  _copy_from_user+0x2d/0xb0
[  272.920757][T13387]  copy_msghdr_from_user+0xae/0x680
[  272.920779][T13387]  ? __pfx___might_resched+0x10/0x10
[  272.920801][T13387]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  272.920827][T13387]  ? do_recvmmsg+0x44e/0xab0
[  272.920846][T13387]  ? __might_fault+0xaa/0x120
[  272.920868][T13387]  do_recvmmsg+0x3bd/0xab0
[  272.920897][T13387]  ? __pfx_do_recvmmsg+0x10/0x10
[  272.920936][T13387]  ? ksys_write+0x22a/0x2b0
[  272.920955][T13387]  ? __pfx_lock_release+0x10/0x10
[  272.920987][T13387]  ? sb_end_write+0xe9/0x1c0
[  272.921009][T13387]  ? vfs_write+0x730/0xd30
[  272.921032][T13387]  ? __mutex_unlock_slowpath+0x227/0x800
[  272.921064][T13387]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  272.921085][T13387]  ? __fget_files+0x2a/0x410
[  272.921121][T13387]  __x64_sys_recvmmsg+0x199/0x250
[  272.921142][T13387]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  272.921161][T13387]  ? do_syscall_64+0x100/0x230
[  272.921179][T13387]  ? do_syscall_64+0xb6/0x230
[  272.921197][T13387]  do_syscall_64+0xf3/0x230
[  272.921211][T13387]  ? clear_bhb_loop+0x35/0x90
[  272.921232][T13387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.921249][T13387] RIP: 0033:0x7fc44a78cd29
[  272.921264][T13387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.921278][T13387] RSP: 002b:00007fc44b6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  272.921296][T13387] RAX: ffffffffffffffda RBX: 00007fc44a9a5fa0 RCX: 00007fc44a78cd29
[  272.921308][T13387] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  272.921318][T13387] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  272.921329][T13387] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  272.921339][T13387] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  272.921365][T13387]  </TASK>
[  273.498418][T13412] batadv1: entered promiscuous mode
[  273.506257][T13412] batadv1: entered allmulticast mode
[  273.638214][T13414] FAULT_INJECTION: forcing a failure.
[  273.638214][T13414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.669514][T13414] CPU: 0 UID: 0 PID: 13414 Comm: syz.4.2220 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  273.669541][T13414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  273.669552][T13414] Call Trace:
[  273.669558][T13414]  <TASK>
[  273.669566][T13414]  dump_stack_lvl+0x241/0x360
[  273.669596][T13414]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.669618][T13414]  ? __pfx__printk+0x10/0x10
[  273.669641][T13414]  ? __pfx_lock_release+0x10/0x10
[  273.669670][T13414]  should_fail_ex+0x3b0/0x4e0
[  273.669691][T13414]  _copy_from_user+0x2d/0xb0
[  273.669714][T13414]  copy_msghdr_from_user+0xae/0x680
[  273.669757][T13414]  ? __pfx___might_resched+0x10/0x10
[  273.669777][T13414]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  273.669804][T13414]  ? do_recvmmsg+0x44e/0xab0
[  273.669822][T13414]  ? __might_fault+0xaa/0x120
[  273.669844][T13414]  do_recvmmsg+0x3bd/0xab0
[  273.669873][T13414]  ? __pfx_do_recvmmsg+0x10/0x10
[  273.669910][T13414]  ? ksys_write+0x22a/0x2b0
[  273.669928][T13414]  ? __pfx_lock_release+0x10/0x10
[  273.669953][T13414]  ? sb_end_write+0xe9/0x1c0
[  273.669975][T13414]  ? vfs_write+0x730/0xd30
[  273.669994][T13414]  ? __mutex_unlock_slowpath+0x227/0x800
[  273.670026][T13414]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  273.670048][T13414]  ? __fget_files+0x2a/0x410
[  273.670084][T13414]  __x64_sys_recvmmsg+0x199/0x250
[  273.670106][T13414]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  273.670127][T13414]  ? do_syscall_64+0x100/0x230
[  273.670146][T13414]  ? do_syscall_64+0xb6/0x230
[  273.670172][T13414]  do_syscall_64+0xf3/0x230
[  273.670187][T13414]  ? clear_bhb_loop+0x35/0x90
[  273.670207][T13414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.670223][T13414] RIP: 0033:0x7eff3e58cd29
[  273.670238][T13414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.670251][T13414] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  273.670269][T13414] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  273.670282][T13414] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  273.670292][T13414] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  273.670303][T13414] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  273.670313][T13414] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  273.670342][T13414]  </TASK>
[  273.734078][T13423] (unnamed net_device) (uninitialized): up delay (3) is not a multiple of miimon (100), value rounded to 0 ms
[  273.951501][T13420] bond0: left promiscuous mode
[  273.971047][T13420] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  274.016834][T13420] bond0: left allmulticast mode
[  274.039931][T13420] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  274.073573][T13420] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  274.096211][T13428] FAULT_INJECTION: forcing a failure.
[  274.096211][T13428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.129052][T13428] CPU: 0 UID: 0 PID: 13428 Comm: syz.0.2224 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  274.129080][T13428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  274.129090][T13428] Call Trace:
[  274.129096][T13428]  <TASK>
[  274.129103][T13428]  dump_stack_lvl+0x241/0x360
[  274.129132][T13428]  ? __pfx_dump_stack_lvl+0x10/0x10
[  274.129153][T13428]  ? __pfx__printk+0x10/0x10
[  274.129176][T13428]  ? __pfx_lock_release+0x10/0x10
[  274.129204][T13428]  should_fail_ex+0x3b0/0x4e0
[  274.129224][T13428]  _copy_from_user+0x2d/0xb0
[  274.129247][T13428]  copy_msghdr_from_user+0xae/0x680
[  274.129269][T13428]  ? __pfx___might_resched+0x10/0x10
[  274.129291][T13428]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  274.129318][T13428]  ? do_recvmmsg+0x44e/0xab0
[  274.129335][T13428]  ? __might_fault+0xaa/0x120
[  274.129354][T13428]  do_recvmmsg+0x3bd/0xab0
[  274.129381][T13428]  ? __pfx_do_recvmmsg+0x10/0x10
[  274.129413][T13428]  ? ksys_write+0x22a/0x2b0
[  274.129430][T13428]  ? __pfx_lock_release+0x10/0x10
[  274.129452][T13428]  ? sb_end_write+0xe9/0x1c0
[  274.129472][T13428]  ? vfs_write+0x730/0xd30
[  274.129491][T13428]  ? __mutex_unlock_slowpath+0x227/0x800
[  274.129520][T13428]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  274.129540][T13428]  ? __fget_files+0x2a/0x410
[  274.129576][T13428]  __x64_sys_recvmmsg+0x199/0x250
[  274.129597][T13428]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  274.129617][T13428]  ? do_syscall_64+0x100/0x230
[  274.129635][T13428]  ? do_syscall_64+0xb6/0x230
[  274.129650][T13428]  do_syscall_64+0xf3/0x230
[  274.129665][T13428]  ? clear_bhb_loop+0x35/0x90
[  274.129703][T13428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.129719][T13428] RIP: 0033:0x7fc44a78cd29
[  274.129733][T13428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.129745][T13428] RSP: 002b:00007fc44b6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  274.129762][T13428] RAX: ffffffffffffffda RBX: 00007fc44a9a5fa0 RCX: 00007fc44a78cd29
[  274.129773][T13428] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  274.129784][T13428] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  274.129794][T13428] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  274.129805][T13428] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  274.129831][T13428]  </TASK>
[  274.763951][T13440] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  274.780548][T13447] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  275.026071][T13452] __nla_validate_parse: 7 callbacks suppressed
[  275.026093][T13452] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2231'.
[  275.207207][T13463] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.2236'.
[  275.226678][T13460] FAULT_INJECTION: forcing a failure.
[  275.226678][T13460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.246951][T13460] CPU: 1 UID: 0 PID: 13460 Comm: syz.0.2235 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  275.246979][T13460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  275.246989][T13460] Call Trace:
[  275.246995][T13460]  <TASK>
[  275.247002][T13460]  dump_stack_lvl+0x241/0x360
[  275.247032][T13460]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.247053][T13460]  ? __pfx__printk+0x10/0x10
[  275.247073][T13460]  ? __pfx_lock_release+0x10/0x10
[  275.247099][T13460]  should_fail_ex+0x3b0/0x4e0
[  275.247120][T13460]  _copy_from_user+0x2d/0xb0
[  275.247142][T13460]  copy_msghdr_from_user+0xae/0x680
[  275.247164][T13460]  ? __pfx___might_resched+0x10/0x10
[  275.247184][T13460]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  275.247210][T13460]  ? do_recvmmsg+0x44e/0xab0
[  275.247229][T13460]  ? __might_fault+0xaa/0x120
[  275.247251][T13460]  do_recvmmsg+0x3bd/0xab0
[  275.247279][T13460]  ? __pfx_do_recvmmsg+0x10/0x10
[  275.247316][T13460]  ? ksys_write+0x22a/0x2b0
[  275.247335][T13460]  ? __pfx_lock_release+0x10/0x10
[  275.247359][T13460]  ? sb_end_write+0xe9/0x1c0
[  275.247379][T13460]  ? vfs_write+0x730/0xd30
[  275.247398][T13460]  ? __mutex_unlock_slowpath+0x227/0x800
[  275.247429][T13460]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  275.247449][T13460]  ? __fget_files+0x2a/0x410
[  275.247486][T13460]  __x64_sys_recvmmsg+0x199/0x250
[  275.247508][T13460]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  275.247527][T13460]  ? do_syscall_64+0x100/0x230
[  275.247544][T13460]  ? do_syscall_64+0xb6/0x230
[  275.247560][T13460]  do_syscall_64+0xf3/0x230
[  275.247575][T13460]  ? clear_bhb_loop+0x35/0x90
[  275.247594][T13460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.247611][T13460] RIP: 0033:0x7fc44a78cd29
[  275.247625][T13460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.247639][T13460] RSP: 002b:00007fc44b6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  275.247656][T13460] RAX: ffffffffffffffda RBX: 00007fc44a9a5fa0 RCX: 00007fc44a78cd29
[  275.247668][T13460] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  275.247681][T13460] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  275.247691][T13460] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  275.247700][T13460] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  275.247724][T13460]  </TASK>
[  275.248294][T13466] FAULT_INJECTION: forcing a failure.
[  275.248294][T13466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  275.501743][T13466] CPU: 1 UID: 0 PID: 13466 Comm: syz.2.2237 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  275.501775][T13466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  275.501785][T13466] Call Trace:
[  275.501791][T13466]  <TASK>
[  275.501798][T13466]  dump_stack_lvl+0x241/0x360
[  275.501826][T13466]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.501846][T13466]  ? __pfx__printk+0x10/0x10
[  275.501868][T13466]  ? __pfx_lock_release+0x10/0x10
[  275.501893][T13466]  should_fail_ex+0x3b0/0x4e0
[  275.501915][T13466]  _copy_from_user+0x2d/0xb0
[  275.501937][T13466]  do_sock_getsockopt+0x1d1/0x7e0
[  275.501960][T13466]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  275.501974][T13466]  ? __fget_files+0x2a/0x410
[  275.501995][T13466]  ? __fget_files+0x395/0x410
[  275.502013][T13466]  ? __fget_files+0x2a/0x410
[  275.502039][T13466]  __x64_sys_getsockopt+0x2a1/0x370
[  275.502062][T13466]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  275.502080][T13466]  ? do_syscall_64+0x100/0x230
[  275.502098][T13466]  ? do_syscall_64+0xb6/0x230
[  275.502115][T13466]  do_syscall_64+0xf3/0x230
[  275.502129][T13466]  ? clear_bhb_loop+0x35/0x90
[  275.502150][T13466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.502163][T13466] RIP: 0033:0x7fa3a318cd29
[  275.502178][T13466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.502190][T13466] RSP: 002b:00007fa3a4063038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  275.502208][T13466] RAX: ffffffffffffffda RBX: 00007fa3a33a5fa0 RCX: 00007fa3a318cd29
[  275.502219][T13466] RDX: 000000000000001c RSI: 0000000000000006 RDI: 0000000000000003
[  275.502229][T13466] RBP: 00007fa3a4063090 R08: 0000000020000100 R09: 0000000000000000
[  275.502239][T13466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.502249][T13466] R13: 0000000000000000 R14: 00007fa3a33a5fa0 R15: 00007ffc0f216478
[  275.502272][T13466]  </TASK>
[  276.075112][T13494] sctp: [Deprecated]: syz.3.2246 (pid 13494) Use of int in max_burst socket option.
[  276.075112][T13494] Use struct sctp_assoc_value instead
[  276.242800][T13504] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.2250'.
[  276.339549][T13509] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9
[  276.467188][T13512] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2251'.
[  276.714169][T13516] FAULT_INJECTION: forcing a failure.
[  276.714169][T13516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.755131][T13516] CPU: 1 UID: 0 PID: 13516 Comm: syz.1.2253 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  276.755156][T13516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  276.755166][T13516] Call Trace:
[  276.755172][T13516]  <TASK>
[  276.755179][T13516]  dump_stack_lvl+0x241/0x360
[  276.755210][T13516]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.755232][T13516]  ? __pfx__printk+0x10/0x10
[  276.755255][T13516]  ? __pfx_lock_release+0x10/0x10
[  276.755283][T13516]  should_fail_ex+0x3b0/0x4e0
[  276.755305][T13516]  _copy_from_user+0x2d/0xb0
[  276.755328][T13516]  copy_msghdr_from_user+0xae/0x680
[  276.755351][T13516]  ? __pfx___might_resched+0x10/0x10
[  276.755372][T13516]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  276.755399][T13516]  ? do_recvmmsg+0x44e/0xab0
[  276.755417][T13516]  ? __might_fault+0xaa/0x120
[  276.755439][T13516]  do_recvmmsg+0x3bd/0xab0
[  276.755469][T13516]  ? __pfx_do_recvmmsg+0x10/0x10
[  276.755514][T13516]  ? ksys_write+0x22a/0x2b0
[  276.755533][T13516]  ? __pfx_lock_release+0x10/0x10
[  276.755558][T13516]  ? sb_end_write+0xe9/0x1c0
[  276.755580][T13516]  ? vfs_write+0x730/0xd30
[  276.755600][T13516]  ? __mutex_unlock_slowpath+0x227/0x800
[  276.755632][T13516]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  276.755652][T13516]  ? __fget_files+0x2a/0x410
[  276.755693][T13516]  __x64_sys_recvmmsg+0x199/0x250
[  276.755715][T13516]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  276.755736][T13516]  ? do_syscall_64+0x100/0x230
[  276.755755][T13516]  ? do_syscall_64+0xb6/0x230
[  276.755773][T13516]  do_syscall_64+0xf3/0x230
[  276.755788][T13516]  ? clear_bhb_loop+0x35/0x90
[  276.755808][T13516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.755825][T13516] RIP: 0033:0x7f23d4f8cd29
[  276.755839][T13516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.755852][T13516] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  276.755871][T13516] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  276.755883][T13516] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000009
[  276.755893][T13516] RBP: 00007f23d5e99090 R08: 0000000000000000 R09: 0000000000000000
[  276.755903][T13516] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  276.755913][T13516] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  276.755939][T13516]  </TASK>
[  276.998280][T13521] FAULT_INJECTION: forcing a failure.
[  276.998280][T13521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.065412][T13521] CPU: 0 UID: 0 PID: 13521 Comm: syz.4.2255 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  277.065438][T13521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  277.065448][T13521] Call Trace:
[  277.065454][T13521]  <TASK>
[  277.065461][T13521]  dump_stack_lvl+0x241/0x360
[  277.065483][T13521]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.065496][T13521]  ? __pfx__printk+0x10/0x10
[  277.065516][T13521]  ? __pfx_lock_release+0x10/0x10
[  277.065533][T13521]  should_fail_ex+0x3b0/0x4e0
[  277.065545][T13521]  _copy_from_user+0x2d/0xb0
[  277.065560][T13521]  copy_msghdr_from_user+0xae/0x680
[  277.065575][T13521]  ? __pfx___might_resched+0x10/0x10
[  277.065588][T13521]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  277.065603][T13521]  ? do_recvmmsg+0x44e/0xab0
[  277.065614][T13521]  ? __might_fault+0xaa/0x120
[  277.065627][T13521]  do_recvmmsg+0x3bd/0xab0
[  277.065651][T13521]  ? __pfx_do_recvmmsg+0x10/0x10
[  277.065673][T13521]  ? ksys_write+0x22a/0x2b0
[  277.065684][T13521]  ? __pfx_lock_release+0x10/0x10
[  277.065698][T13521]  ? sb_end_write+0xe9/0x1c0
[  277.065712][T13521]  ? vfs_write+0x730/0xd30
[  277.065723][T13521]  ? __mutex_unlock_slowpath+0x227/0x800
[  277.065743][T13521]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  277.065756][T13521]  ? __fget_files+0x2a/0x410
[  277.065778][T13521]  __x64_sys_recvmmsg+0x199/0x250
[  277.065790][T13521]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  277.065802][T13521]  ? do_syscall_64+0x100/0x230
[  277.065813][T13521]  ? do_syscall_64+0xb6/0x230
[  277.065823][T13521]  do_syscall_64+0xf3/0x230
[  277.065831][T13521]  ? clear_bhb_loop+0x35/0x90
[  277.065844][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.065854][T13521] RIP: 0033:0x7eff3e58cd29
[  277.065863][T13521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.065871][T13521] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  277.065883][T13521] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  277.065892][T13521] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  277.065898][T13521] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  277.065904][T13521] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  277.065909][T13521] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  277.065924][T13521]  </TASK>
[  277.234773][T13535] netlink: 1296 bytes leftover after parsing attributes in process `syz.4.2261'.
[  277.344308][T13535] openvswitch: netlink: Flow key attr not present in new flow.
[  277.386767][T13543] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2259'.
[  277.397688][T13543] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2259'.
[  277.407508][T13543] netlink: 'syz.1.2259': attribute type 6 has an invalid length.
[  277.430776][T13543] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2259'.
[  277.453521][T13544] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2263'.
[  277.464861][T13544] macsec0: entered promiscuous mode
[  277.481907][T13546] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2264'.
[  277.491728][T13544] macsec0: left promiscuous mode
[  277.539348][T13546] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  277.925600][T13562] lo speed is unknown, defaulting to 1000
[  278.029059][T13561] lo speed is unknown, defaulting to 1000
[  278.491266][T13571] netlink: 'syz.2.2270': attribute type 1 has an invalid length.
[  278.509325][T13573] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.555987][T13575] (unnamed net_device) (uninitialized): up delay (3) is not a multiple of miimon (100), value rounded to 0 ms
[  278.607908][T13573] netlink: 'syz.1.2271': attribute type 10 has an invalid length.
[  278.666987][T13573] 
: (slave wlan1): Enslaving as an active interface with an up link
[  278.748830][T13581] FAULT_INJECTION: forcing a failure.
[  278.748830][T13581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.762469][T13581] CPU: 0 UID: 0 PID: 13581 Comm: syz.4.2275 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  278.762493][T13581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  278.762503][T13581] Call Trace:
[  278.762509][T13581]  <TASK>
[  278.762516][T13581]  dump_stack_lvl+0x241/0x360
[  278.762553][T13581]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.762575][T13581]  ? __pfx__printk+0x10/0x10
[  278.762598][T13581]  ? __pfx_lock_release+0x10/0x10
[  278.762627][T13581]  should_fail_ex+0x3b0/0x4e0
[  278.762648][T13581]  _copy_from_user+0x2d/0xb0
[  278.762670][T13581]  copy_msghdr_from_user+0xae/0x680
[  278.762692][T13581]  ? __pfx___might_resched+0x10/0x10
[  278.762714][T13581]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  278.762740][T13581]  ? do_recvmmsg+0x44e/0xab0
[  278.762759][T13581]  ? __might_fault+0xaa/0x120
[  278.762781][T13581]  do_recvmmsg+0x3bd/0xab0
[  278.762811][T13581]  ? __pfx_do_recvmmsg+0x10/0x10
[  278.762850][T13581]  ? ksys_write+0x22a/0x2b0
[  278.762868][T13581]  ? __pfx_lock_release+0x10/0x10
[  278.762894][T13581]  ? sb_end_write+0xe9/0x1c0
[  278.762915][T13581]  ? vfs_write+0x730/0xd30
[  278.762935][T13581]  ? __mutex_unlock_slowpath+0x227/0x800
[  278.762967][T13581]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  278.762988][T13581]  ? __fget_files+0x2a/0x410
[  278.763025][T13581]  __x64_sys_recvmmsg+0x199/0x250
[  278.763047][T13581]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  278.763067][T13581]  ? do_syscall_64+0x100/0x230
[  278.763086][T13581]  ? do_syscall_64+0xb6/0x230
[  278.763104][T13581]  do_syscall_64+0xf3/0x230
[  278.763119][T13581]  ? clear_bhb_loop+0x35/0x90
[  278.763139][T13581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.763154][T13581] RIP: 0033:0x7eff3e58cd29
[  278.763168][T13581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.763180][T13581] RSP: 002b:00007eff3f31c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  278.763198][T13581] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58cd29
[  278.763210][T13581] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  278.763220][T13581] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  278.763230][T13581] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  278.763240][T13581] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  278.763267][T13581]  </TASK>
[  279.138990][T13590] netlink: 'syz.3.2278': attribute type 5 has an invalid length.
[  279.183971][T13591] lo speed is unknown, defaulting to 1000
[  279.254805][T13595] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  279.786663][T13610] netlink: 'syz.1.2283': attribute type 10 has an invalid length.
[  280.079793][T13614] netlink: 'syz.1.2284': attribute type 5 has an invalid length.
[  280.145114][T13615] lo speed is unknown, defaulting to 1000
[  280.371884][T13622] __nla_validate_parse: 4 callbacks suppressed
[  280.371902][T13622] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2287'.
[  280.455614][T13622] batadv1: entered promiscuous mode
[  280.490501][T13622] batadv1: entered allmulticast mode
[  280.548351][T13627] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2287'.
[  280.693607][T13631] netlink: 'syz.0.2290': attribute type 5 has an invalid length.
[  280.873583][T13637] openvswitch: netlink: Message has 1247 unknown bytes.
[  280.885319][T13637] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  281.186217][T13649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2295'.
[  281.231103][T13649] macvtap1: entered promiscuous mode
[  281.241439][T13649] macvtap1: entered allmulticast mode
[  281.312836][T13656] netlink: 'syz.4.2296': attribute type 5 has an invalid length.
[  281.383127][T13661] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2299'.
[  281.458499][T13657] lo speed is unknown, defaulting to 1000
[  281.504268][T13664] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2300'.
[  281.728924][T13673] FAULT_INJECTION: forcing a failure.
[  281.728924][T13673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.748612][T13673] CPU: 1 UID: 0 PID: 13673 Comm: syz.0.2302 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  281.748641][T13673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  281.748651][T13673] Call Trace:
[  281.748657][T13673]  <TASK>
[  281.748665][T13673]  dump_stack_lvl+0x241/0x360
[  281.748696][T13673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.748718][T13673]  ? __pfx__printk+0x10/0x10
[  281.748741][T13673]  ? __pfx_lock_release+0x10/0x10
[  281.748770][T13673]  should_fail_ex+0x3b0/0x4e0
[  281.748792][T13673]  _copy_from_user+0x2d/0xb0
[  281.748814][T13673]  copy_msghdr_from_user+0xae/0x680
[  281.748842][T13673]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  281.748862][T13673]  ? __fget_files+0x2a/0x410
[  281.748887][T13673]  ? __fget_files+0x2a/0x410
[  281.748917][T13673]  __sys_sendmsg+0x209/0x350
[  281.748940][T13673]  ? __pfx___sys_sendmsg+0x10/0x10
[  281.748971][T13673]  ? do_sys_openat2+0x17a/0x1d0
[  281.749018][T13673]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  281.749040][T13673]  ? do_syscall_64+0x100/0x230
[  281.749059][T13673]  ? do_syscall_64+0xb6/0x230
[  281.749077][T13673]  do_syscall_64+0xf3/0x230
[  281.749113][T13673]  ? clear_bhb_loop+0x35/0x90
[  281.749133][T13673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.749150][T13673] RIP: 0033:0x7fc44a78cd29
[  281.749165][T13673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.749179][T13673] RSP: 002b:00007fc44b6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.749197][T13673] RAX: ffffffffffffffda RBX: 00007fc44a9a5fa0 RCX: 00007fc44a78cd29
[  281.749209][T13673] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000003
[  281.749219][T13673] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  281.749228][T13673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.749238][T13673] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  281.749271][T13673]  </TASK>
[  282.007117][T13680] sit0: entered promiscuous mode
[  282.012425][T13680] netlink: 'syz.0.2305': attribute type 1 has an invalid length.
[  282.020290][T13680] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2305'.
[  282.033284][T13680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2305'.
[  282.042633][T13680] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2305'.
[  282.104805][T13683] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2306'.
[  282.124992][T13686] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2304'.
[  282.137425][T13687] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  282.255873][T13683] macsec0: entered promiscuous mode
[  282.263993][T13683] syz_tun: entered promiscuous mode
[  282.577236][T13695] sctp: [Deprecated]: syz.0.2311 (pid 13695) Use of int in maxseg socket option.
[  282.577236][T13695] Use struct sctp_assoc_value instead
[  282.605077][T13707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.616022][T13713] netlink: 'syz.2.2314': attribute type 10 has an invalid length.
[  282.684954][T13716] openvswitch: netlink: Flow key attr not present in new flow.
[  282.785513][T13721] netlink: 'syz.2.2326': attribute type 2 has an invalid length.
[  282.866278][T13720] lo speed is unknown, defaulting to 1000
[  283.102595][T13726] netlink: 'syz.2.2318': attribute type 5 has an invalid length.
[  283.351741][T13738] netlink: 'syz.2.2323': attribute type 2 has an invalid length.
[  283.608203][T13733] siw: device registration error -23
[  283.645593][T13759] openvswitch: netlink: Flow key attr not present in new flow.
[  283.764765][T13767] sctp: [Deprecated]: syz.2.2329 (pid 13767) Use of struct sctp_assoc_value in delayed_ack socket option.
[  283.764765][T13767] Use struct sctp_sack_info instead
[  283.838920][T13770] sctp: [Deprecated]: syz.2.2329 (pid 13770) Use of struct sctp_assoc_value in delayed_ack socket option.
[  283.838920][T13770] Use struct sctp_sack_info instead
[  284.123689][T13786] sctp: [Deprecated]: syz.2.2334 (pid 13786) Use of struct sctp_assoc_value in delayed_ack socket option.
[  284.123689][T13786] Use struct sctp_sack_info instead
[  284.345682][T13797] openvswitch: netlink: Flow key attr not present in new flow.
[  284.561801][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  285.185392][T13844] netlink: 'syz.4.2355': attribute type 1 has an invalid length.
[  285.230540][T13844] netlink: 'syz.4.2355': attribute type 4 has an invalid length.
[  285.565973][T13859] syzkaller1: entered promiscuous mode
[  285.575059][T13862] __nla_validate_parse: 9 callbacks suppressed
[  285.575076][T13862] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2357'.
[  285.576128][T13859] syzkaller1: entered allmulticast mode
[  285.600284][T13857] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2357'.
[  285.936779][T13874] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2361'.
[  285.988616][T13870] lo speed is unknown, defaulting to 1000
[  286.021531][T13871] lo speed is unknown, defaulting to 1000
[  286.127341][T13883] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2365'.
[  286.156197][T13883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2365'.
[  286.177741][T13883] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2365'.
[  286.203830][T13883] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2365'.
[  286.561454][T13899] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2369'.
[  287.106588][T13918] ip6gretap1: entered promiscuous mode
[  287.124942][T13918] ip6gretap1: entered allmulticast mode
[  287.368227][T13930] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2380'.
[  287.425472][T13930] batadv0: entered promiscuous mode
[  287.458431][T13934] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2380'.
[  287.486938][T13930] batadv0: entered allmulticast mode
[  287.727568][T13946] netlink: 'syz.4.2384': attribute type 10 has an invalid length.
[  287.742764][T13946] bond0: entered allmulticast mode
[  287.775219][T13946] bond_slave_0: entered allmulticast mode
[  287.786856][T13946] bond_slave_1: entered allmulticast mode
[  287.803112][T13946] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.824048][T13946] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  287.917010][T13950] netlink: 'syz.1.2383': attribute type 12 has an invalid length.
[  288.115608][T13964] xt_bpf: check failed: parse error
[  288.555797][T13990] batadv1: entered promiscuous mode
[  288.588037][T13990] batadv1: entered allmulticast mode
[  289.061340][T14010] netlink: 'syz.1.2402': attribute type 9 has an invalid length.
[  289.070097][T14010] netlink: 'syz.1.2402': attribute type 6 has an invalid length.
[  289.330674][T14029] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  290.081641][T14080] openvswitch: netlink: Flow key attr not present in new flow.
[  290.184414][T14085] netlink: 'syz.0.2422': attribute type 12 has an invalid length.
[  290.515785][T14102] IPVS: Unknown mcast interface: wg0
[  290.595702][T14108] __nla_validate_parse: 9 callbacks suppressed
[  290.595722][T14108] netlink: 1296 bytes leftover after parsing attributes in process `syz.2.2432'.
[  290.638643][T14108] openvswitch: netlink: Flow key attr not present in new flow.
[  290.777260][T14113] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2433'.
[  290.809687][T14113] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2433'.
[  290.855954][T14113] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2433'.
[  290.885490][T14113] A link change request failed with some changes committed already. Interface veth1_to_hsr may have been left with an inconsistent configuration, please check.
[  290.929748][T14124] set match dimension is over the limit!
[  290.974844][T14124] pim6reg: entered allmulticast mode
[  291.040608][T14134] FAULT_INJECTION: forcing a failure.
[  291.040608][T14134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.085225][T14134] CPU: 1 UID: 0 PID: 14134 Comm: syz.0.2440 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  291.085250][T14134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  291.085260][T14134] Call Trace:
[  291.085266][T14134]  <TASK>
[  291.085273][T14134]  dump_stack_lvl+0x241/0x360
[  291.085303][T14134]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.085323][T14134]  ? __pfx__printk+0x10/0x10
[  291.085345][T14134]  ? __pfx_lock_release+0x10/0x10
[  291.085364][T14134]  ? __lock_acquire+0x1397/0x2100
[  291.085390][T14134]  should_fail_ex+0x3b0/0x4e0
[  291.085411][T14134]  _copy_from_user+0x2d/0xb0
[  291.085435][T14134]  kstrtouint_from_user+0xc6/0x190
[  291.085457][T14134]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  291.085479][T14134]  ? __pfx_lock_acquire+0x10/0x10
[  291.085508][T14134]  proc_fail_nth_write+0xaa/0x2d0
[  291.085530][T14134]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  291.085547][T14134]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  291.085573][T14134]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  291.085595][T14134]  vfs_write+0x2a3/0xd30
[  291.085615][T14134]  ? fdget_pos+0x254/0x320
[  291.085635][T14134]  ? __mutex_unlock_slowpath+0x227/0x800
[  291.085660][T14134]  ? __pfx_vfs_write+0x10/0x10
[  291.085676][T14134]  ? do_sys_openat2+0x17a/0x1d0
[  291.085700][T14134]  ? __fget_files+0x2a/0x410
[  291.085722][T14134]  ? __fget_files+0x395/0x410
[  291.085741][T14134]  ? __fget_files+0x2a/0x410
[  291.085773][T14134]  ksys_write+0x18f/0x2b0
[  291.085801][T14134]  ? __pfx_ksys_write+0x10/0x10
[  291.085820][T14134]  ? do_syscall_64+0x100/0x230
[  291.085838][T14134]  ? do_syscall_64+0xb6/0x230
[  291.085857][T14134]  do_syscall_64+0xf3/0x230
[  291.085873][T14134]  ? clear_bhb_loop+0x35/0x90
[  291.085894][T14134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.085910][T14134] RIP: 0033:0x7fc44a78b7df
[  291.085926][T14134] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  291.085939][T14134] RSP: 002b:00007fc44b6b8030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  291.085957][T14134] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc44a78b7df
[  291.085968][T14134] RDX: 0000000000000001 RSI: 00007fc44b6b80a0 RDI: 0000000000000005
[  291.085979][T14134] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  291.085989][T14134] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  291.085999][T14134] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  291.086028][T14134]  </TASK>
[  291.504607][T14158] netlink: 596 bytes leftover after parsing attributes in process `syz.3.2448'.
[  291.514903][T14156] netlink: 1296 bytes leftover after parsing attributes in process `syz.0.2446'.
[  291.538582][T14156] openvswitch: netlink: Flow key attr not present in new flow.
[  291.685411][T14171] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2449'.
[  291.749600][T14169] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2452'.
[  291.798458][T14175] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  291.929959][T14187] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input10
[  292.065184][T14186] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input11
[  292.271747][T14210] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2461'.
[  292.322993][T14215] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2465'.
[  292.473418][T14227] netlink: 'syz.1.2468': attribute type 2 has an invalid length.
[  292.483700][T14227] batman_adv: batadv0: Interface deactivated: dummy0
[  292.525549][T14227] batman_adv: batadv0: Removing interface: dummy0
[  293.397086][T14278] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input12
[  293.495065][T14284] netlink: 'syz.2.2481': attribute type 10 has an invalid length.
[  293.539370][T14281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.777982][T14296] netlink: 'syz.4.2487': attribute type 5 has an invalid length.
[  294.658930][T14335] netlink: 'syz.3.2500': attribute type 5 has an invalid length.
[  294.672695][T14332] FAULT_INJECTION: forcing a failure.
[  294.672695][T14332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.713823][T14332] CPU: 1 UID: 0 PID: 14332 Comm: syz.2.2499 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  294.713851][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  294.713861][T14332] Call Trace:
[  294.713867][T14332]  <TASK>
[  294.713875][T14332]  dump_stack_lvl+0x241/0x360
[  294.713903][T14332]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.713925][T14332]  ? __pfx__printk+0x10/0x10
[  294.713947][T14332]  ? __pfx_lock_release+0x10/0x10
[  294.713975][T14332]  should_fail_ex+0x3b0/0x4e0
[  294.713996][T14332]  _copy_from_user+0x2d/0xb0
[  294.714018][T14332]  copy_msghdr_from_user+0xae/0x680
[  294.714041][T14332]  ? __pfx___might_resched+0x10/0x10
[  294.714061][T14332]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  294.714086][T14332]  ? do_recvmmsg+0x44e/0xab0
[  294.714105][T14332]  ? __might_fault+0xaa/0x120
[  294.714127][T14332]  do_recvmmsg+0x3bd/0xab0
[  294.714156][T14332]  ? __pfx_do_recvmmsg+0x10/0x10
[  294.714195][T14332]  ? ksys_write+0x22a/0x2b0
[  294.714214][T14332]  ? __pfx_lock_release+0x10/0x10
[  294.714238][T14332]  ? sb_end_write+0xe9/0x1c0
[  294.714271][T14332]  ? vfs_write+0x730/0xd30
[  294.714290][T14332]  ? __mutex_unlock_slowpath+0x227/0x800
[  294.714322][T14332]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  294.714343][T14332]  ? __fget_files+0x2a/0x410
[  294.714378][T14332]  __x64_sys_recvmmsg+0x199/0x250
[  294.714400][T14332]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  294.714421][T14332]  ? do_syscall_64+0x100/0x230
[  294.714440][T14332]  ? do_syscall_64+0xb6/0x230
[  294.714457][T14332]  do_syscall_64+0xf3/0x230
[  294.714472][T14332]  ? clear_bhb_loop+0x35/0x90
[  294.714493][T14332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.714509][T14332] RIP: 0033:0x7fa3a318cd29
[  294.714523][T14332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.714537][T14332] RSP: 002b:00007fa3a4063038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  294.714555][T14332] RAX: ffffffffffffffda RBX: 00007fa3a33a5fa0 RCX: 00007fa3a318cd29
[  294.714566][T14332] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  294.714577][T14332] RBP: 00007fa3a4063090 R08: 0000000000000000 R09: 0000000000000000
[  294.714587][T14332] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  294.714597][T14332] R13: 0000000000000000 R14: 00007fa3a33a5fa0 R15: 00007ffc0f216478
[  294.714623][T14332]  </TASK>
[  295.335120][T14372] netlink: 'syz.3.2511': attribute type 5 has an invalid length.
[  295.605935][T14386] FAULT_INJECTION: forcing a failure.
[  295.605935][T14386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.671432][T14386] CPU: 1 UID: 0 PID: 14386 Comm: syz.0.2517 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  295.671461][T14386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  295.671471][T14386] Call Trace:
[  295.671477][T14386]  <TASK>
[  295.671484][T14386]  dump_stack_lvl+0x241/0x360
[  295.671514][T14386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.671536][T14386]  ? __pfx__printk+0x10/0x10
[  295.671558][T14386]  ? __pfx_lock_release+0x10/0x10
[  295.671587][T14386]  should_fail_ex+0x3b0/0x4e0
[  295.671609][T14386]  _copy_from_user+0x2d/0xb0
[  295.671632][T14386]  copy_msghdr_from_user+0xae/0x680
[  295.671654][T14386]  ? __pfx___might_resched+0x10/0x10
[  295.671676][T14386]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  295.671703][T14386]  ? do_recvmmsg+0x44e/0xab0
[  295.671722][T14386]  ? __might_fault+0xaa/0x120
[  295.671744][T14386]  do_recvmmsg+0x3bd/0xab0
[  295.671773][T14386]  ? __pfx_do_recvmmsg+0x10/0x10
[  295.671812][T14386]  ? ksys_write+0x22a/0x2b0
[  295.671830][T14386]  ? __pfx_lock_release+0x10/0x10
[  295.671855][T14386]  ? sb_end_write+0xe9/0x1c0
[  295.671876][T14386]  ? vfs_write+0x730/0xd30
[  295.671896][T14386]  ? __mutex_unlock_slowpath+0x227/0x800
[  295.671928][T14386]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  295.671949][T14386]  ? __fget_files+0x2a/0x410
[  295.671985][T14386]  __x64_sys_recvmmsg+0x199/0x250
[  295.672006][T14386]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  295.672027][T14386]  ? do_syscall_64+0x100/0x230
[  295.672045][T14386]  ? do_syscall_64+0xb6/0x230
[  295.672063][T14386]  do_syscall_64+0xf3/0x230
[  295.672079][T14386]  ? clear_bhb_loop+0x35/0x90
[  295.672099][T14386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.672116][T14386] RIP: 0033:0x7fc44a78cd29
[  295.672131][T14386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.672145][T14386] RSP: 002b:00007fc44b6b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  295.672163][T14386] RAX: ffffffffffffffda RBX: 00007fc44a9a5fa0 RCX: 00007fc44a78cd29
[  295.672175][T14386] RDX: 0000000000001800 RSI: 0000000020001dc0 RDI: 0000000000000004
[  295.672193][T14386] RBP: 00007fc44b6b8090 R08: 0000000000000000 R09: 0000000000000000
[  295.672203][T14386] R10: 0000000000002002 R11: 0000000000000246 R12: 0000000000000002
[  295.672214][T14386] R13: 0000000000000000 R14: 00007fc44a9a5fa0 R15: 00007ffdb8fb2018
[  295.672241][T14386]  </TASK>
[  296.027233][T14394] openvswitch: netlink: IP tunnel dst address not specified
[  296.204637][T14392] xt_CT: No such helper "snmp"
[  296.327168][T14405] __nla_validate_parse: 13 callbacks suppressed
[  296.327187][T14405] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2521'.
[  296.494231][T14414] bridge_slave_0: entered allmulticast mode
[  296.604020][T14418] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2526'.
[  296.635409][T14418] batadv1: entered promiscuous mode
[  296.644150][T14418] batadv1: entered allmulticast mode
[  296.686882][T14423] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2526'.
[  296.729687][T14426] siw: device registration error -23
[  296.865297][T14429] netlink: 'syz.0.2530': attribute type 5 has an invalid length.
[  296.900105][T14436] netlink: 'syz.1.2533': attribute type 1 has an invalid length.
[  297.176703][T14448] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2538'.
[  297.395386][T14465] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2543'.
[  297.428473][T14466] openvswitch: netlink: nsh attr 9472 is out of range max 3
[  297.444638][T14465] batadv1: entered promiscuous mode
[  297.451473][T14465] batadv1: entered allmulticast mode
[  297.462378][T14467] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2543'.
[  297.706789][T14473] bridge0: port 3(ip6gretap0) entered blocking state
[  297.719950][T14473] bridge0: port 3(ip6gretap0) entered disabled state
[  297.736638][T14473] ip6gretap0: entered allmulticast mode
[  297.752432][T14473] ip6gretap0: entered promiscuous mode
[  297.859883][T14486] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2549'.
[  297.947007][T14493] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2553'.
[  297.958357][T14493] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2553'.
[  298.274399][T14507] IPv6: sit1: Disabled Multicast RS
[  298.285536][T14507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2558'.
[  298.294797][T14507] netlink: 'syz.1.2558': attribute type 6 has an invalid length.
[  298.342423][T14511] batadv0: entered promiscuous mode
[  298.349870][T14511] batadv0: entered allmulticast mode
[  298.436974][T14514] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  299.000964][T14552] FAULT_INJECTION: forcing a failure.
[  299.000964][T14552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.014845][T14552] CPU: 0 UID: 0 PID: 14552 Comm: syz.3.2572 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  299.014870][T14552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  299.014880][T14552] Call Trace:
[  299.014886][T14552]  <TASK>
[  299.014893][T14552]  dump_stack_lvl+0x241/0x360
[  299.014923][T14552]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.014945][T14552]  ? __pfx__printk+0x10/0x10
[  299.014967][T14552]  ? __pfx_lock_release+0x10/0x10
[  299.014996][T14552]  should_fail_ex+0x3b0/0x4e0
[  299.015017][T14552]  _copy_from_user+0x2d/0xb0
[  299.015039][T14552]  copy_msghdr_from_user+0xae/0x680
[  299.015067][T14552]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  299.015086][T14552]  ? __fget_files+0x2a/0x410
[  299.015111][T14552]  ? __fget_files+0x2a/0x410
[  299.015147][T14552]  __sys_sendmsg+0x209/0x350
[  299.015170][T14552]  ? __pfx___sys_sendmsg+0x10/0x10
[  299.015200][T14552]  ? do_sys_openat2+0x17a/0x1d0
[  299.015246][T14552]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  299.015268][T14552]  ? do_syscall_64+0x100/0x230
[  299.015286][T14552]  ? do_syscall_64+0xb6/0x230
[  299.015304][T14552]  do_syscall_64+0xf3/0x230
[  299.015319][T14552]  ? clear_bhb_loop+0x35/0x90
[  299.015340][T14552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.015357][T14552] RIP: 0033:0x7f09eef8cd29
[  299.015372][T14552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.015385][T14552] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.015404][T14552] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  299.015416][T14552] RDX: 0000000004004000 RSI: 0000000020000080 RDI: 0000000000000004
[  299.015426][T14552] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  299.015440][T14552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.015450][T14552] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  299.015476][T14552]  </TASK>
[  299.542349][T14577] netlink: 'syz.3.2577': attribute type 10 has an invalid length.
[  299.610676][T14580] syz_tun (unregistering): left promiscuous mode
[  299.637920][T14577] bond0: (slave wlan1): Releasing backup interface
[  299.651069][T14577] mac80211_hwsim hwsim6 wlan1: left promiscuous mode
[  299.758797][T14589] lo speed is unknown, defaulting to 1000
[  299.835123][T14595] bond0: (slave batadv0): Releasing backup interface
[  299.843147][T14595] batadv0: left promiscuous mode
[  299.859930][T14595] bond0: (slave bond_slave_0): Releasing backup interface
[  299.868710][T14595] bond_slave_0: left promiscuous mode
[  299.875489][T14595] bond0: (slave bond_slave_1): Releasing backup interface
[  299.894023][T14601] netlink: 'syz.1.2580': attribute type 1 has an invalid length.
[  299.908055][T14595] bond_slave_1: left promiscuous mode
[  299.925497][T14595] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.934431][T14595] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.963215][T14595] bond2: (slave gretap1): Releasing active interface
[  300.366016][T14622] netlink: 'syz.3.2590': attribute type 10 has an invalid length.
[  300.455935][T14628] netlink: 'syz.1.2591': attribute type 3 has an invalid length.
[  300.479580][T14628] vlan4: entered promiscuous mode
[  300.502624][T14628] 
: (slave vlan4): Opening slave failed
[  300.554733][T14631] netlink: 'syz.2.2593': attribute type 5 has an invalid length.
[  300.621786][T14635] openvswitch: netlink: Flow key attr not present in new flow.
[  300.647818][T14640] netlink: 'syz.4.2596': attribute type 1 has an invalid length.
[  300.780092][T14645] lo speed is unknown, defaulting to 1000
[  301.141857][T14671] netlink: 'syz.2.2604': attribute type 10 has an invalid length.
[  301.833524][T14692] netlink: 'syz.1.2609': attribute type 5 has an invalid length.
[  301.902641][T14695] netlink: 'syz.3.2610': attribute type 5 has an invalid length.
[  302.334484][T14716] ax25_connect(): syz.0.2616 uses autobind, please contact jreuter@yaina.de
[  302.368027][T14716] syzkaller0: entered promiscuous mode
[  302.409078][T14717] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  302.430183][T14716] syzkaller0: entered allmulticast mode
[  302.602669][T14728] __nla_validate_parse: 14 callbacks suppressed
[  302.602691][T14728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2620'.
[  302.798765][T14736] netlink: 'syz.3.2621': attribute type 10 has an invalid length.
[  303.068966][T14744] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2623'.
[  305.779569][T14748] netlink: 'syz.4.2624': attribute type 5 has an invalid length.
[  305.893454][T14755] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2626'.
[  305.944814][T14762] netlink: 'syz.0.2627': attribute type 1 has an invalid length.
[  305.964107][T14763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2628'.
[  306.002230][T14763] bond0: option min_links: invalid value (18446744073340485632)
[  306.020803][T14763] bond0: option min_links: allowed values 0 - 2147483647
[  306.187641][T14777] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2633'.
[  306.415699][T14798] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2636'.
[  306.495535][T14803] sctp: [Deprecated]: syz.3.2639 (pid 14803) Use of int in max_burst socket option.
[  306.495535][T14803] Use struct sctp_assoc_value instead
[  306.497511][T14804] netlink: 'syz.1.2640': attribute type 5 has an invalid length.
[  306.613359][T14809] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2641'.
[  306.860801][T14828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2647'.
[  306.875783][T14828] netlink: 'syz.1.2647': attribute type 10 has an invalid length.
[  306.901438][T14830] netlink: 'syz.3.2648': attribute type 58 has an invalid length.
[  306.919881][T14830] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2648'.
[  307.017586][T14833] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.027859][T14833] 8021q: adding VLAN 0 to HW filter on device team0
[  307.040007][T14833] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  307.083383][   T25] lo speed is unknown, defaulting to 1000
[  307.206244][T14842] lo speed is unknown, defaulting to 1000
[  307.238833][T14846] lo speed is unknown, defaulting to 1000
[  307.613790][T14872] netlink: 'syz.3.2657': attribute type 13 has an invalid length.
[  307.773337][T14877] netlink: 1296 bytes leftover after parsing attributes in process `syz.3.2660'.
[  307.791277][T14877] openvswitch: netlink: Flow key attr not present in new flow.
[  307.817621][T14842] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2651'.
[  307.839893][T14880] FAULT_INJECTION: forcing a failure.
[  307.839893][T14880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.857164][T14880] CPU: 0 UID: 0 PID: 14880 Comm: syz.4.2661 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  307.857192][T14880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  307.857202][T14880] Call Trace:
[  307.857208][T14880]  <TASK>
[  307.857215][T14880]  dump_stack_lvl+0x241/0x360
[  307.857254][T14880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.857276][T14880]  ? __pfx__printk+0x10/0x10
[  307.857302][T14880]  ? snprintf+0xda/0x120
[  307.857323][T14880]  should_fail_ex+0x3b0/0x4e0
[  307.857343][T14880]  _copy_to_user+0x31/0xb0
[  307.857367][T14880]  simple_read_from_buffer+0xca/0x150
[  307.857391][T14880]  proc_fail_nth_read+0x1e9/0x250
[  307.857414][T14880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.857439][T14880]  ? rw_verify_area+0x55e/0x6f0
[  307.857455][T14880]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  307.857477][T14880]  vfs_read+0x1fc/0xb70
[  307.857495][T14880]  ? fdget_pos+0x254/0x320
[  307.857516][T14880]  ? __pfx___mutex_lock+0x10/0x10
[  307.857540][T14880]  ? __pfx_vfs_read+0x10/0x10
[  307.857554][T14880]  ? do_sys_openat2+0x17a/0x1d0
[  307.857579][T14880]  ? __fget_files+0x2a/0x410
[  307.857602][T14880]  ? __fget_files+0x395/0x410
[  307.857622][T14880]  ? __fget_files+0x2a/0x410
[  307.857652][T14880]  ksys_read+0x18f/0x2b0
[  307.857672][T14880]  ? __pfx_ksys_read+0x10/0x10
[  307.857691][T14880]  ? do_syscall_64+0x100/0x230
[  307.857710][T14880]  ? do_syscall_64+0xb6/0x230
[  307.857729][T14880]  do_syscall_64+0xf3/0x230
[  307.857749][T14880]  ? clear_bhb_loop+0x35/0x90
[  307.857770][T14880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.857786][T14880] RIP: 0033:0x7eff3e58b73c
[  307.857803][T14880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  307.857817][T14880] RSP: 002b:00007eff3f31c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  307.857836][T14880] RAX: ffffffffffffffda RBX: 00007eff3e7a5fa0 RCX: 00007eff3e58b73c
[  307.857848][T14880] RDX: 000000000000000f RSI: 00007eff3f31c0a0 RDI: 0000000000000006
[  307.857858][T14880] RBP: 00007eff3f31c090 R08: 0000000000000000 R09: 0000000000000000
[  307.857869][T14880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.857879][T14880] R13: 0000000000000000 R14: 00007eff3e7a5fa0 R15: 00007ffe220ef5f8
[  307.857907][T14880]  </TASK>
[  308.237153][T14885] netlink: 'syz.1.2663': attribute type 8 has an invalid length.
[  308.417772][T14895] openvswitch: netlink: IP tunnel dst address not specified
[  308.488868][T14897] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2666'.
[  308.762905][T14915] netlink: 1296 bytes leftover after parsing attributes in process `syz.4.2672'.
[  308.778681][T14915] openvswitch: netlink: Flow key attr not present in new flow.
[  308.791564][T14916] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2670'.
[  309.032306][T14928] tipc: Invalid UDP bearer configuration
[  309.032353][T14928] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  309.047447][T14935] tipc: Invalid UDP bearer configuration
[  309.047487][T14935] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  309.187738][T14940] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  309.294240][T14947] tun0: tun_chr_ioctl cmd 35108
[  309.350209][T14956] netlink: 1296 bytes leftover after parsing attributes in process `syz.2.2684'.
[  309.371412][T14956] openvswitch: netlink: Flow key attr not present in new flow.
[  309.501492][T14969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2687'.
[  309.547167][T14960] IPVS: persistence engine module ip_vs_pe_ not found
[  309.603392][T14975] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2690'.
[  309.784487][T14984] lo: entered promiscuous mode
[  309.810519][T14984] lo: entered allmulticast mode
[  309.815638][T14984] tunl0: entered promiscuous mode
[  309.820821][T14984] tunl0: entered allmulticast mode
[  309.826127][T14984] gre0: entered promiscuous mode
[  309.856381][T14984] gre0: entered allmulticast mode
[  309.871586][T14984] gretap0: entered promiscuous mode
[  309.876860][T14984] gretap0: entered allmulticast mode
[  309.913848][T14984] erspan0: entered promiscuous mode
[  309.919125][T14984] erspan0: entered allmulticast mode
[  309.991049][T14984] ip_vti0: entered promiscuous mode
[  309.996511][T14984] ip_vti0: entered allmulticast mode
[  310.065236][T15004] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  310.075628][T14984] ip6_vti0: entered promiscuous mode
[  310.091204][T14984] ip6_vti0: entered allmulticast mode
[  310.101005][T14984] sit0: entered promiscuous mode
[  310.115539][T14984] sit0: entered allmulticast mode
[  310.171020][T14984] ip6tnl0: entered promiscuous mode
[  310.178697][T14984] ip6tnl0: entered allmulticast mode
[  310.191994][T14984] syz_tun: entered allmulticast mode
[  310.202813][T14984] ip6gretap0: entered promiscuous mode
[  310.209234][T14984] ip6gretap0: entered allmulticast mode
[  310.215240][T14984] vcan0: entered promiscuous mode
[  310.223094][T14984] vcan0: entered allmulticast mode
[  310.228483][T14984] bond0: entered allmulticast mode
[  310.234450][T14984] dummy0: entered promiscuous mode
[  310.239760][T14984] dummy0: entered allmulticast mode
[  310.245427][T14984] nlmon0: entered promiscuous mode
[  310.252043][T14984] nlmon0: entered allmulticast mode
[  310.258328][T14984] caif0: entered promiscuous mode
[  310.268716][T14984] caif0: entered allmulticast mode
[  310.276198][T14984] batadv0: entered promiscuous mode
[  310.281679][T14984] batadv0: entered allmulticast mode
[  310.287216][T14984] vxcan0: entered promiscuous mode
[  310.292473][T14984] vxcan0: entered allmulticast mode
[  310.297861][T14984] vxcan1: entered promiscuous mode
[  310.303123][T14984] vxcan1: entered allmulticast mode
[  310.308459][T14984] veth0: entered promiscuous mode
[  310.313716][T14984] veth0: entered allmulticast mode
[  310.318984][T14984] veth1: entered promiscuous mode
[  310.342908][T14984] veth1: entered allmulticast mode
[  310.350614][T14984] wg1: entered promiscuous mode
[  310.355531][T14984] wg1: entered allmulticast mode
[  310.371305][T14984] wg2: entered promiscuous mode
[  310.376194][T14984] wg2: entered allmulticast mode
[  310.387359][T15018] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2704'.
[  310.396447][T14984] veth0_to_bridge: entered promiscuous mode
[  310.396472][T14984] veth0_to_bridge: entered allmulticast mode
[  310.396575][T14984] bridge_slave_0: entered promiscuous mode
[  310.415057][T14984] bridge_slave_0: entered allmulticast mode
[  310.421380][T14984] veth1_to_bridge: entered promiscuous mode
[  310.427558][T14984] veth1_to_bridge: entered allmulticast mode
[  310.433972][T14984] bridge_slave_1: entered promiscuous mode
[  310.440229][T14984] veth0_to_bond: entered promiscuous mode
[  310.446276][T14984] veth0_to_bond: entered allmulticast mode
[  310.452860][T14984] bond_slave_0: entered promiscuous mode
[  310.458709][T14984] bond_slave_0: entered allmulticast mode
[  310.469807][T14984] veth1_to_bond: entered promiscuous mode
[  310.476125][T14984] veth1_to_bond: entered allmulticast mode
[  310.487838][T14984] bond_slave_1: entered promiscuous mode
[  310.493957][T14984] bond_slave_1: entered allmulticast mode
[  310.500357][T14984] veth0_to_team: entered promiscuous mode
[  310.506285][T14984] veth0_to_team: entered allmulticast mode
[  310.518056][T14984] team_slave_0: entered promiscuous mode
[  310.523962][T14984] team_slave_0: entered allmulticast mode
[  310.530147][T14984] veth1_to_team: entered promiscuous mode
[  310.541949][T14984] veth1_to_team: entered allmulticast mode
[  310.548130][T14984] team_slave_1: entered promiscuous mode
[  310.557324][T14984] team_slave_1: entered allmulticast mode
[  310.565818][T14984] veth0_to_batadv: entered promiscuous mode
[  310.575394][T14984] veth0_to_batadv: entered allmulticast mode
[  310.584810][T14984] batadv_slave_0: entered promiscuous mode
[  310.594331][T14984] batadv_slave_0: entered allmulticast mode
[  310.600622][T14984] veth1_to_batadv: entered promiscuous mode
[  310.606817][T14984] veth1_to_batadv: entered allmulticast mode
[  310.619599][T14984] batadv_slave_1: entered promiscuous mode
[  310.625714][T14984] batadv_slave_1: entered allmulticast mode
[  310.639321][T14984] xfrm0: entered promiscuous mode
[  310.644686][T14984] xfrm0: entered allmulticast mode
[  310.650166][T14984] veth0_to_hsr: entered promiscuous mode
[  310.661831][T14984] veth0_to_hsr: entered allmulticast mode
[  310.668139][T14984] hsr_slave_0: entered allmulticast mode
[  310.678206][T14984] veth1_to_hsr: entered promiscuous mode
[  310.686474][T14984] veth1_to_hsr: entered allmulticast mode
[  310.695411][T14984] hsr_slave_1: entered allmulticast mode
[  310.704160][T14984] hsr0: entered promiscuous mode
[  310.709165][T14984] hsr0: entered allmulticast mode
[  310.720649][T14984] veth1_virt_wifi: entered promiscuous mode
[  310.726939][T14984] veth1_virt_wifi: entered allmulticast mode
[  310.734137][T14984] veth0_virt_wifi: entered promiscuous mode
[  310.740100][T14984] veth0_virt_wifi: entered allmulticast mode
[  310.747035][T14984] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  310.754415][T14984] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  310.761960][T14984] veth1_vlan: entered allmulticast mode
[  310.767644][T14984] veth0_vlan: entered allmulticast mode
[  310.773373][T14984] vlan0: entered promiscuous mode
[  310.778397][T14984] vlan0: entered allmulticast mode
[  310.783852][T14984] vlan1: entered promiscuous mode
[  310.788889][T14984] vlan1: entered allmulticast mode
[  310.794166][T14984] macvlan0: entered promiscuous mode
[  310.799570][T14984] macvlan0: entered allmulticast mode
[  310.805383][T14984] macvlan1: entered promiscuous mode
[  310.811178][T14984] macvlan1: entered allmulticast mode
[  310.816682][T14984] ipvlan0: entered promiscuous mode
[  310.822028][T14984] ipvlan0: entered allmulticast mode
[  310.827426][T14984] ipvlan1: entered promiscuous mode
[  310.832699][T14984] ipvlan1: entered allmulticast mode
[  310.838085][T14984] veth1_macvtap: entered promiscuous mode
[  310.843948][T14984] veth1_macvtap: entered allmulticast mode
[  310.849926][T14984] veth0_macvtap: entered allmulticast mode
[  310.856006][T14984] macvtap0: entered promiscuous mode
[  310.861457][T14984] macvtap0: entered allmulticast mode
[  310.866974][T14984] geneve0: entered promiscuous mode
[  310.872290][T14984] geneve0: entered allmulticast mode
[  310.877877][T14984] geneve1: entered promiscuous mode
[  310.883277][T14984] geneve1: entered allmulticast mode
[  310.888789][T14984] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  310.895913][T14984] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  310.903279][T14984] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode
[  310.910243][T14984] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode
[  310.917564][T14984] batadv0.5: entered promiscuous mode
[  310.923363][T14984] batadv0.5: entered allmulticast mode
[  310.929500][T14984] syztnl0: entered promiscuous mode
[  310.934769][T14984] syztnl0: entered allmulticast mode
[  310.940149][T14984] pim6reg: entered promiscuous mode
[  310.945755][T14984] macvlan2: entered promiscuous mode
[  310.951203][T14984] macvlan2: entered allmulticast mode
[  310.956692][T14984] syztnl1: entered promiscuous mode
[  310.962030][T14984] syztnl1: entered allmulticast mode
[  310.967423][T14984] : entered allmulticast mode
[  310.972589][T14984] bridge1: entered promiscuous mode
[  310.977844][T14984] bridge1: entered allmulticast mode
[  310.984295][T14984] dvmrp0: entered promiscuous mode
[  310.990859][T14984] uóu8ä†ÝcÎ": entered promiscuous mode
[  310.996684][T14984] uóu8ä†ÝcÎ": entered allmulticast mode
[  311.003116][T14984] veth2: entered promiscuous mode
[  311.008181][T14984] veth2: entered allmulticast mode
[  311.013507][T14984] veth3: entered promiscuous mode
[  311.018564][T14984] veth3: entered allmulticast mode
[  311.024138][T14984] netdevsim netdevsim3 eth0: entered promiscuous mode
[  311.031249][T14984] netdevsim netdevsim3 eth0: entered allmulticast mode
[  311.038272][T14984] netdevsim netdevsim3 eth1: entered promiscuous mode
[  311.045213][T14984] netdevsim netdevsim3 eth1: entered allmulticast mode
[  311.052253][T14984] netdevsim netdevsim3 eth2: entered promiscuous mode
[  311.059036][T14984] netdevsim netdevsim3 eth2: entered allmulticast mode
[  311.066151][T14984] netdevsim netdevsim3 eth3: entered promiscuous mode
[  311.073073][T14984] netdevsim netdevsim3 eth3: entered allmulticast mode
[  311.080075][T14984] team_slave_0.8: entered promiscuous mode
[  311.086038][T14984] team_slave_0.8: entered allmulticast mode
[  311.093105][T14984] bond1: entered promiscuous mode
[  311.098273][T14984] bond1: entered allmulticast mode
[  311.104659][T14984] gre1: entered promiscuous mode
[  311.109641][T14984] gre1: entered allmulticast mode
[  311.116379][T14984] bond2: entered promiscuous mode
[  311.121571][T14984] bond2: entered allmulticast mode
[  311.128126][T14984] gretap1: entered promiscuous mode
[  311.133539][T14984] gretap1: entered allmulticast mode
[  311.138992][T14984] batadv0.11: entered promiscuous mode
[  311.144620][T14984] batadv0.11: entered allmulticast mode
[  311.150257][T14984] ip6erspan0: entered promiscuous mode
[  311.155877][T14984] ip6erspan0: entered allmulticast mode
[  311.161850][T14984] erspan1: entered promiscuous mode
[  311.167078][T14984] erspan1: entered allmulticast mode
[  311.172608][T14984] veth4: entered promiscuous mode
[  311.177681][T14984] veth4: entered allmulticast mode
[  311.183219][T14984] veth5: entered promiscuous mode
[  311.188292][T14984] veth5: entered allmulticast mode
[  311.193727][T14984] veth6: entered promiscuous mode
[  311.198766][T14984] veth6: entered allmulticast mode
[  311.204145][T14984] veth7: entered promiscuous mode
[  311.209190][T14984] veth7: entered allmulticast mode
[  311.214517][T14984] veth8: entered promiscuous mode
[  311.219539][T14984] veth8: entered allmulticast mode
[  311.224858][T14984] veth9: entered promiscuous mode
[  311.229895][T14984] veth9: entered allmulticast mode
[  311.235348][T14984] veth10: entered promiscuous mode
[  311.240610][T14984] veth10: entered allmulticast mode
[  311.245913][T14984] veth11: entered promiscuous mode
[  311.251071][T14984] veth11: entered allmulticast mode
[  311.256434][T14984] veth12: entered promiscuous mode
[  311.261599][T14984] veth12: entered allmulticast mode
[  311.266909][T14984] veth13: entered promiscuous mode
[  311.272426][T14984] veth13: entered allmulticast mode
[  311.278528][T14984] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.286956][T14984] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.295442][T14984] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.303945][T14984] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  311.312751][T14984] vxlan0: entered promiscuous mode
[  311.317897][T14984] vxlan0: entered allmulticast mode
[  311.325577][T14984] bond3: entered promiscuous mode
[  311.330846][T14984] bond3: entered allmulticast mode
[  311.336971][T14984] macsec0: entered allmulticast mode
[  311.583969][T15031] netlink: 'syz.3.2710': attribute type 5 has an invalid length.
[  311.838538][T15045] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2715'.
[  312.544867][T15082] x_tables: unsorted entry at hook 1
[  313.182535][T15127] xt_socket: unknown flags 0xd0
[  313.231100][T15138] xt_hashlimit: invalid rate
[  313.241276][T15136] xt_hashlimit: invalid rate
[  313.591269][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  313.691199][T15171] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  313.791109][T15174] vlan3: entered allmulticast mode
[  313.797345][T15174] veth1_to_batadv: entered allmulticast mode
[  313.824420][T15174] veth1_to_batadv: left allmulticast mode
[  313.875846][T15183] __nla_validate_parse: 4 callbacks suppressed
[  313.875865][T15183] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2760'.
[  313.911264][T15178] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2760'.
[  314.075765][T15189] netlink: 'syz.3.2765': attribute type 4 has an invalid length.
[  314.112905][T15189] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2765'.
[  314.134767][T15193] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2763'.
[  314.183696][T15193] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2763'.
[  314.608748][T15206] netlink: 11 bytes leftover after parsing attributes in process `syz.2.2768'.
[  314.873261][T15216] lo speed is unknown, defaulting to 1000
[  315.318421][T15223] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  315.364499][T15216] lo speed is unknown, defaulting to 1000
[  315.942170][T15244] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2779'.
[  315.967358][T15244] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  316.246121][T15262] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13
[  316.573483][T15282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2788'.
[  316.598233][T15286] lo speed is unknown, defaulting to 1000
[  316.618392][T15288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2792'.
[  316.628441][T15288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2792'.
[  316.648551][T15288] gtp0: entered promiscuous mode
[  316.653929][T15288] gtp0: entered allmulticast mode
[  316.862421][T15296] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  316.900054][T15296] netlink: 'syz.0.2795': attribute type 11 has an invalid length.
[  317.928383][T15346] lo speed is unknown, defaulting to 1000
[  318.016071][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  318.027672][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  318.036830][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  318.047068][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  318.055122][ T5845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  318.062614][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  318.162554][T15352] lo speed is unknown, defaulting to 1000
[  318.224936][T15358] netlink: 'syz.1.2817': attribute type 20 has an invalid length.
[  318.427854][T15352] chnl_net:caif_netlink_parms(): no params data found
[  318.468446][T15369] 8021q: adding VLAN 0 to HW filter on device bond5
[  318.580154][T15374] 8021q: adding VLAN 0 to HW filter on device bond5
[  318.599653][T15374] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  318.612745][T15374] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  318.883552][T15399] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  318.930583][T15352] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.937820][T15352] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.950870][T15352] bridge_slave_0: entered allmulticast mode
[  318.957969][T15352] bridge_slave_0: entered promiscuous mode
[  318.976467][T15352] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.006117][T15352] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.016267][T15352] bridge_slave_1: entered allmulticast mode
[  319.032515][T15352] bridge_slave_1: entered promiscuous mode
[  319.071777][T15352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.105109][T15405] netlink: 'syz.2.2830': attribute type 20 has an invalid length.
[  319.113261][T15408] FAULT_INJECTION: forcing a failure.
[  319.113261][T15408] name failslab, interval 1, probability 0, space 0, times 0
[  319.114232][T15352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.134740][T15408] CPU: 0 UID: 0 PID: 15408 Comm: syz.3.2831 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  319.134769][T15408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  319.134779][T15408] Call Trace:
[  319.134787][T15408]  <TASK>
[  319.134795][T15408]  dump_stack_lvl+0x241/0x360
[  319.134826][T15408]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.134848][T15408]  ? __pfx__printk+0x10/0x10
[  319.134871][T15408]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  319.134894][T15408]  ? __pfx___might_resched+0x10/0x10
[  319.134918][T15408]  should_fail_ex+0x3b0/0x4e0
[  319.134939][T15408]  should_failslab+0xac/0x100
[  319.134963][T15408]  kmem_cache_alloc_node_noprof+0x77/0x380
[  319.134985][T15408]  ? __alloc_skb+0x1c3/0x440
[  319.135005][T15408]  __alloc_skb+0x1c3/0x440
[  319.135028][T15408]  ? __pfx___alloc_skb+0x10/0x10
[  319.135046][T15408]  ? netlink_autobind+0xd6/0x2f0
[  319.135064][T15408]  ? netlink_autobind+0x2b0/0x2f0
[  319.135086][T15408]  netlink_sendmsg+0x638/0xcb0
[  319.135115][T15408]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.135137][T15408]  ? aa_sock_msg_perm+0x91/0x160
[  319.135156][T15408]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.135170][T15408]  __sock_sendmsg+0x221/0x270
[  319.135192][T15408]  ____sys_sendmsg+0x52a/0x7e0
[  319.135217][T15408]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.135231][T15408]  ? __fget_files+0x2a/0x410
[  319.135255][T15408]  ? __fget_files+0x2a/0x410
[  319.135281][T15408]  __sys_sendmsg+0x269/0x350
[  319.135302][T15408]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.135332][T15408]  ? do_sys_openat2+0x17a/0x1d0
[  319.135382][T15408]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  319.135404][T15408]  ? do_syscall_64+0x100/0x230
[  319.135423][T15408]  ? do_syscall_64+0xb6/0x230
[  319.135441][T15408]  do_syscall_64+0xf3/0x230
[  319.135457][T15408]  ? clear_bhb_loop+0x35/0x90
[  319.135478][T15408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.135494][T15408] RIP: 0033:0x7f09eef8cd29
[  319.135515][T15408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.135528][T15408] RSP: 002b:00007f09efe4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.135546][T15408] RAX: ffffffffffffffda RBX: 00007f09ef1a5fa0 RCX: 00007f09eef8cd29
[  319.135558][T15408] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000007
[  319.135569][T15408] RBP: 00007f09efe4c090 R08: 0000000000000000 R09: 0000000000000000
[  319.135579][T15408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.135588][T15408] R13: 0000000000000000 R14: 00007f09ef1a5fa0 R15: 00007ffd35241048
[  319.135613][T15408]  </TASK>
[  319.424339][T15413] IPv6: sit2: Disabled Multicast RS
[  319.431950][T15416] __nla_validate_parse: 4 callbacks suppressed
[  319.431969][T15416] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2834'.
[  319.471516][T15416] netlink: 'syz.2.2834': attribute type 11 has an invalid length.
[  319.505336][T15352] team0: Port device team_slave_0 added
[  319.534849][T15352] team0: Port device team_slave_1 added
[  319.594981][T15420] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2835'.
[  319.644861][T15352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.675715][T15352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.709045][T15352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.748516][T15352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.772168][T15352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.882690][T15352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.907085][T15437] IPVS: stopping backup sync thread 6681 ...
[  319.941491][T15437] 
[  319.943874][T15437] ======================================================
[  319.950906][T15437] WARNING: possible circular locking dependency detected
[  319.957922][T15437] 6.13.0-syzkaller-04046-g0ad9617c78ac #0 Not tainted
[  319.964669][T15437] ------------------------------------------------------
[  319.971678][T15437] syz.1.2839/15437 is trying to acquire lock:
[  319.977734][T15437] ffffffff8fcc5a88 (rtnl_mutex){+.+.}-{4:4}, at: ip_mc_drop_socket+0x81/0x280
[  319.986724][T15437] 
[  319.986724][T15437] but task is already holding lock:
[  319.994092][T15437] ffff88807d792d28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1c3/0xe50
[  320.004198][T15437] 
[  320.004198][T15437] which lock already depends on the new lock.
[  320.004198][T15437] 
[  320.014591][T15437] 
[  320.014591][T15437] the existing dependency chain (in reverse order) is:
[  320.023683][T15437] 
[  320.023683][T15437] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  320.032283][T15437]        lock_acquire+0x1ed/0x550
[  320.037309][T15437]        __mutex_lock+0x19c/0x1010
[  320.042416][T15437]        smc_switch_to_fallback+0x35/0xd90
[  320.048239][T15437]        smc_sendmsg+0x11f/0x530
[  320.053198][T15437]        __sock_sendmsg+0x221/0x270
[  320.058403][T15437]        __sys_sendto+0x363/0x4c0
[  320.063426][T15437]        __x64_sys_sendto+0xde/0x100
[  320.068709][T15437]        do_syscall_64+0xf3/0x230
[  320.073748][T15437]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.080227][T15437] 
[  320.080227][T15437] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  320.087891][T15437]        lock_acquire+0x1ed/0x550
[  320.092921][T15437]        lock_sock_nested+0x48/0x100
[  320.098205][T15437]        do_ip_setsockopt+0x1a2d/0x3cd0
[  320.103743][T15437]        ip_setsockopt+0x63/0x100
[  320.108763][T15437]        do_sock_setsockopt+0x3af/0x720
[  320.114302][T15437]        __x64_sys_setsockopt+0x1ee/0x280
[  320.120016][T15437]        do_syscall_64+0xf3/0x230
[  320.125032][T15437]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.131440][T15437] 
[  320.131440][T15437] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  320.138670][T15437]        validate_chain+0x18ef/0x5920
[  320.144053][T15437]        __lock_acquire+0x1397/0x2100
[  320.149417][T15437]        lock_acquire+0x1ed/0x550
[  320.154452][T15437]        __mutex_lock+0x19c/0x1010
[  320.159578][T15437]        ip_mc_drop_socket+0x81/0x280
[  320.164957][T15437]        inet_release+0x96/0x200
[  320.169907][T15437]        sock_release+0x82/0x150
[  320.174852][T15437]        stop_sync_thread+0x4e6/0x5e0
[  320.180228][T15437]        do_ip_vs_set_ctl+0x47b/0x13d0
[  320.185685][T15437]        nf_setsockopt+0x295/0x2c0
[  320.190790][T15437]        smc_setsockopt+0x275/0xe50
[  320.195986][T15437]        do_sock_setsockopt+0x3af/0x720
[  320.201528][T15437]        __x64_sys_setsockopt+0x1ee/0x280
[  320.207240][T15437]        do_syscall_64+0xf3/0x230
[  320.212262][T15437]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.218669][T15437] 
[  320.218669][T15437] other info that might help us debug this:
[  320.218669][T15437] 
[  320.228887][T15437] Chain exists of:
[  320.228887][T15437]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  320.228887][T15437] 
[  320.242450][T15437]  Possible unsafe locking scenario:
[  320.242450][T15437] 
[  320.249899][T15437]        CPU0                    CPU1
[  320.255255][T15437]        ----                    ----
[  320.260622][T15437]   lock(&smc->clcsock_release_lock);
[  320.265990][T15437]                                lock(sk_lock-AF_INET);
[  320.272917][T15437]                                lock(&smc->clcsock_release_lock);
[  320.280798][T15437]   lock(rtnl_mutex);
[  320.284772][T15437] 
[  320.284772][T15437]  *** DEADLOCK ***
[  320.284772][T15437] 
[  320.292904][T15437] 1 lock held by syz.1.2839/15437:
[  320.298001][T15437]  #0: ffff88807d792d28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1c3/0xe50
[  320.308532][T15437] 
[  320.308532][T15437] stack backtrace:
[  320.314406][T15437] CPU: 0 UID: 0 PID: 15437 Comm: syz.1.2839 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  320.314427][T15437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  320.314436][T15437] Call Trace:
[  320.314444][T15437]  <TASK>
[  320.314452][T15437]  dump_stack_lvl+0x241/0x360
[  320.314477][T15437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.314495][T15437]  ? __pfx__printk+0x10/0x10
[  320.314516][T15437]  print_circular_bug+0x13a/0x1b0
[  320.314538][T15437]  check_noncircular+0x36a/0x4a0
[  320.314556][T15437]  ? stack_depot_save_flags+0x7b4/0x940
[  320.314572][T15437]  ? __pfx_check_noncircular+0x10/0x10
[  320.314591][T15437]  ? lockdep_lock+0x123/0x2b0
[  320.314606][T15437]  ? kthread_stop+0x1a1/0x640
[  320.314621][T15437]  ? stop_sync_thread+0x165/0x5e0
[  320.314634][T15437]  ? do_ip_vs_set_ctl+0x47b/0x13d0
[  320.314647][T15437]  ? nf_setsockopt+0x295/0x2c0
[  320.314662][T15437]  ? smc_setsockopt+0x275/0xe50
[  320.314681][T15437]  ? __x64_sys_setsockopt+0x1ee/0x280
[  320.314695][T15437]  ? do_syscall_64+0xf3/0x230
[  320.314708][T15437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.314724][T15437]  validate_chain+0x18ef/0x5920
[  320.314749][T15437]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  320.314767][T15437]  ? __pfx_validate_chain+0x10/0x10
[  320.314786][T15437]  ? call_rcu+0x799/0xac0
[  320.314798][T15437]  ? lockdep_hardirqs_on+0x99/0x150
[  320.314820][T15437]  ? __pfx_call_rcu+0x10/0x10
[  320.314832][T15437]  ? put_task_stack+0x1a5/0x230
[  320.314855][T15437]  ? mark_lock+0x9a/0x360
[  320.314873][T15437]  __lock_acquire+0x1397/0x2100
[  320.314895][T15437]  lock_acquire+0x1ed/0x550
[  320.314910][T15437]  ? ip_mc_drop_socket+0x81/0x280
[  320.314932][T15437]  ? __pfx_lock_acquire+0x10/0x10
[  320.314949][T15437]  ? __pfx___might_resched+0x10/0x10
[  320.314969][T15437]  __mutex_lock+0x19c/0x1010
[  320.314987][T15437]  ? ip_mc_drop_socket+0x81/0x280
[  320.315007][T15437]  ? __pfx_lock_release+0x10/0x10
[  320.315023][T15437]  ? lockdep_hardirqs_on+0x99/0x150
[  320.315041][T15437]  ? ip_mc_drop_socket+0x81/0x280
[  320.315058][T15437]  ? wait_for_completion+0x555/0x620
[  320.315076][T15437]  ? __pfx___mutex_lock+0x10/0x10
[  320.315100][T15437]  ip_mc_drop_socket+0x81/0x280
[  320.315120][T15437]  inet_release+0x96/0x200
[  320.315136][T15437]  sock_release+0x82/0x150
[  320.315154][T15437]  stop_sync_thread+0x4e6/0x5e0
[  320.315167][T15437]  ? __might_fault+0xc6/0x120
[  320.315183][T15437]  do_ip_vs_set_ctl+0x47b/0x13d0
[  320.315206][T15437]  ? nf_setsockopt+0x240/0x2c0
[  320.315220][T15437]  ? do_ip_setsockopt+0x1f44/0x3cd0
[  320.315238][T15437]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  320.315255][T15437]  ? __mutex_lock+0x397/0x1010
[  320.315275][T15437]  ? __mutex_unlock_slowpath+0x227/0x800
[  320.315297][T15437]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  320.315318][T15437]  ? __pfx___mutex_lock+0x10/0x10
[  320.315340][T15437]  nf_setsockopt+0x295/0x2c0
[  320.315355][T15437]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  320.315375][T15437]  smc_setsockopt+0x275/0xe50
[  320.315396][T15437]  ? __pfx_smc_setsockopt+0x10/0x10
[  320.315416][T15437]  ? aa_sock_opt_perm+0x79/0x120
[  320.315432][T15437]  ? __pfx_smc_setsockopt+0x10/0x10
[  320.315450][T15437]  do_sock_setsockopt+0x3af/0x720
[  320.315468][T15437]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  320.315485][T15437]  ? __fget_files+0x395/0x410
[  320.315506][T15437]  ? __fget_files+0x2a/0x410
[  320.315526][T15437]  __x64_sys_setsockopt+0x1ee/0x280
[  320.315543][T15437]  do_syscall_64+0xf3/0x230
[  320.315555][T15437]  ? clear_bhb_loop+0x35/0x90
[  320.315571][T15437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.315585][T15437] RIP: 0033:0x7f23d4f8cd29
[  320.315598][T15437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.315611][T15437] RSP: 002b:00007f23d5e99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  320.315626][T15437] RAX: ffffffffffffffda RBX: 00007f23d51a5fa0 RCX: 00007f23d4f8cd29
[  320.315636][T15437] RDX: 000000000000048c RSI: 0000000000000000 RDI: 0000000000000003
[  320.315645][T15437] RBP: 00007f23d500e2a0 R08: 0000000000000018 R09: 0000000000000000
[  320.315654][T15437] R10: 0000000020008d00 R11: 0000000000000246 R12: 0000000000000000
[  320.315662][T15437] R13: 0000000000000000 R14: 00007f23d51a5fa0 R15: 00007fffa8e7ca68
[  320.315677][T15437]  </TASK>
[  320.738825][ T5831] Bluetooth: hci0: command tx timeout
[  320.764417][T15352] hsr_slave_0: entered promiscuous mode
[  320.771071][T15352] hsr_slave_1: entered promiscuous mode
[  320.777224][T15352] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.785203][T15352] Cannot create hsr debugfs directory
[  320.791345][T15439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2840'.
[  320.808490][T15439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2840'.
[  321.037341][T15352] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  321.046379][T15352] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  321.054977][T15352] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  321.064274][T15352] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  321.125405][T15352] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.139730][T15352] 8021q: adding VLAN 0 to HW filter on device team0
[  321.149776][ T4557] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.156881][ T4557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.174591][ T9123] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.181708][ T9123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  321.264175][T15352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  321.291852][T15352] veth0_vlan: entered promiscuous mode
[  321.300612][T15352] veth1_vlan: entered promiscuous mode
[  321.318716][T15352] veth0_macvtap: entered promiscuous mode
[  321.327468][T15352] veth1_macvtap: entered promiscuous mode
[  321.340267][T15352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.350963][T15352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.362206][T15352] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.371378][T15352] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.380090][T15352] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.389256][T15352] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.412957][T15352] ieee80211 phy26: Selected rate control algorithm 'minstrel_ht'
[  321.430033][ T9120] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.431632][T15352] ieee80211 phy27: Selected rate control algorithm 'minstrel_ht'
[  321.442403][ T9120] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.462477][ T9123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.472419][ T9123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.790902][ T5831] Bluetooth: hci0: command tx timeout
[  324.870989][ T5831] Bluetooth: hci0: command tx timeout
[  326.951126][ T5831] Bluetooth: hci0: command tx timeout