last executing test programs:

10.296215596s ago: executing program 4 (id=7922):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000400)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f00000001c0)="080036573b4d1e96", 0x8}], 0x1, &(0x7f0000000600)=[@ip_retopts={{0x10}}], 0x10}, 0x24000044)

3.829863439s ago: executing program 1 (id=7983):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0)

3.40186857s ago: executing program 1 (id=7988):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="040081000a000600080211000001000006001a0104"], 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x80c0) (fail_nth: 6)

2.650121518s ago: executing program 1 (id=7991):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0xba, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x70, 0x0, [{0x0, 0xc, "e256b28c59881681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x11, "73bc2300ad9d19a300000000000000"}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0)

2.576293709s ago: executing program 1 (id=7992):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000400)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f00000001c0)="080036573b4d1e96", 0x8}], 0x1, &(0x7f0000000600)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@cipso={0x86, 0xa, 0x3, [{0x5, 0x4, "9b1d"}]}]}}}], 0x20}, 0x24000044)

2.40906935s ago: executing program 1 (id=7995):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001680)=""/4091, 0xffb}], 0x1}}], 0x1, 0x2000, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, 0x0, 0x810)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x4000084)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, r3, 0x701, 0xfffffffc, 0x25dfdbfc, {0x41}}, 0x14}}, 0x4c040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r5}, @IFLA_GTP_FD1={0x8, 0x2, @udp6}]}}}]}, 0x40}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
bind$tipc(r7, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x2, 0x1}}, 0x10)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f0000000000)="c5", 0x34000, 0x50, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @local, 0x13}, 0x1c)

2.271823076s ago: executing program 0 (id=7997):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0)

2.13518849s ago: executing program 0 (id=7999):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000200)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r3, 0x1, 0x28, &(0x7f00000003c0)=0x5, 0x4)
write(r3, &(0x7f00000002c0), 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4044004)
recvmmsg(r8, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000780)=""/260, 0x104}, {&(0x7f0000000000)=""/32, 0x20}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000017c0)=""/220, 0xdc}, {&(0x7f0000000f40)=""/218, 0xda}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}], 0x8}, 0x80000002}], 0x4, 0x0, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
r11 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000240)="6848b2796acd812dce3d01d190a3cab1e8ce", 0x12}], 0x2}, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x3c, r10, 0xd01, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x851}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, 0x0, 0x200480d5)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
writev(r1, &(0x7f0000000900)=[{&(0x7f0000000540)='x', 0x1}], 0x1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)

2.088420678s ago: executing program 2 (id=8000):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c000000100003050000003efcffffff00000000", @ANYRES32=0x0, @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x4, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)

1.914329936s ago: executing program 1 (id=8002):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d40)=@delchain={0x15c, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xfff3}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x128, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x11c, 0x1, [@m_mirred={0x118, 0x11, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0xf1, 0xffffffffffffffff, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x3, 0x1, 0xe, 0x4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5c, 0x7, 0xfff, 0x1}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xe, 0xff000000, 0x8, 0xffff0001, 0xff}, 0x2}}]}, {0x69, 0x6, "319bb848351b002738b6c4c50b9141bebb58a1fd9f04e35af9c32268b29dfa1c25c9502b51b55eff39526a56fd0f6d8f94d05679ea0836ee4adecfe3236d2d9a2d17310974eb3856d00a1028999d09c1f69183f20defc6d04e2c20de3729c15f156d19b570"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1d8}]}, 0x15c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000002000)=@ipv6_delrule={0x54, 0x21, 0x1, 0x70bd2d, 0x25dfdbfe, {0xa, 0x20, 0x80, 0x2, 0x8, 0x0, 0x0, 0x3, 0x3}, [@FRA_SRC={0x14, 0x2, @local}, @FRA_DST={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x4, 0x6c9b}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x800)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2040000, &(0x7f0000003700)={0x77359400})

1.913075418s ago: executing program 2 (id=8003):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_request\x00', r0, 0x0, 0x7f}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_request\x00', r2, 0x0, 0x7f}, 0x18)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) (fail_nth: 6)

1.909345702s ago: executing program 4 (id=7923):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}, 0x200101}, {{0x0, 0x0, 0x0}, 0x2044}, {{0x0, 0x0, 0x0}, 0xffffffff}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {0x0}, {&(0x7f0000000340)=""/240, 0xf0}], 0x4}, 0x6}, {{0x0, 0x0, 0x0}, 0xd}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000540)=""/129, 0x81}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4105, 0x1009}, {&(0x7f0000006080)=""/4076, 0xfec}, {&(0x7f0000000240)=""/101, 0x65}], 0x5}, 0x3}, {{0x0, 0x0, 0x0}, 0x9}], 0x8, 0x40010060, 0x0)

1.801073021s ago: executing program 4 (id=8006):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000003a00000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000))
r1 = socket$key(0xf, 0x3, 0x2)
r2 = socket(0x1e, 0x4, 0x7ffffffe)
sendmsg$key(r1, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000a00)={&(0x7f0000000b80)={0x2, 0x4, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0x2, @mcast1, 0x6}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x8, @loopback, 0xfffffffa}}]}, 0x70}, 0x1, 0x7}, 0x0)
shutdown(r2, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0xa20141, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

1.786840429s ago: executing program 3 (id=8007):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c000000100003050000003efcffffff00000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x4, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)

1.296908131s ago: executing program 2 (id=8008):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0)

1.137058727s ago: executing program 4 (id=8009):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = accept(0xffffffffffffffff, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000040)=0x80)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000540)="4da61bbfd6f3418d96e5778c3d2812bcf8e7001a252086e9a756b3455dc1276509c7479f288ab382fa08b4a9a6cbbac8671123cdb2a274717b8bc9d28c4510300e7e17e957ffa745d48ad9c0b02533c9e0ee0b26d7b3b0e8891d5e2d248c2854b90139c887c0e5a0c20dc22a9768acadfafcff0b3f4699416979b5f468f090b73dacce89e6d6f4a22cedb4851d5593cfd337f2aa3d0dcbb87f860deacbe36888169c7fc59c6893e57096e59b070b798ee576b6b39600f7fc703305b119a4650b0bcb4e3c782034f5ce61c295267fecc546d20be60a7b2b430aac464cd5", 0xdd}, {&(0x7f0000000440)="957df7d0a83378c8e7a89711eba064f662853735c8784b685644da46b059383e8c6370155792581db3faf860cec3a27e0e252d2de4a68aaa1bef63ec46ea183144a776abd462ee378b43f37ad8926be56ecc17fbe8edcb563fafe9075281fa5cb474b91ba744fb98cf1a66952ed76150efde4edc9ff8e42231568d611027c2b6cfec7ac0c65bb27e87e60265e9a83163ff2ad735d6b3273491864ee9f774eabaeffb10a2101b43f954e359edc8508bd1cceeb097a0bc", 0xb6}, {&(0x7f00000022c0)="4f9258ae67f9b9d99eb741724d05795d60a26f306654a2576802fcf4bf16e6f34935d6109ec276df65c56c2b691305125e670b624e859ff0dc3aca46e09afa6e7cc809e3a7866081dd4d8ff3415571c386299502cdb64bc5cc80eaf2285da5976ed89f0a2d6b9f71c88490b4df64f8d219142602387a582e25cd63e839f93a32cbf966f9f12d1d510587df1201d9f75cfefa9e70b05f502a87c5045325f7987d283622a74b5ab3cc691e506d8e1931d8f34909eec68af1f22d687ebff56bce684c11dda880b5aff60a9d25d0e0857b08a9e2cb8a22e3bb9ecf06a0e04d445ad43b2b5f26100d3a2a47c9ffbf8a36213d4630f5b4b23d51cb12c8c245858cbe851db5e533d8819a4fe3d80896470144cd2d0f427de230d9a8e4c58ff423368f96bc8ec6fb58bb0ea390318abdda5fd8f3b573cd3ebc4cbc72df7004b2c4aa7d7ec853cffbf306c24bbf6520a13b83c6e82302e55e77775a9874888a9dbef9d4f7d171f4786a56cde744911c52860dcd3b7d09dfaa84bc5116277b1a90abdcd52cd8ca2eca674385247c6146831c2fc79cf5601fe5e6b774ef5cec915b3d45e4a4a34bcf214467f5cd22586d37cceede40153922c20b41bd39039ee6c9b8f77075b339fa62270417546342c01117131fc861addfa14bfec3d4243882cb5a8aa16b6b9628b6a3542863157bdb02cf85d09ec8b504f291f57c074142b2ed8be176d0274d8276ae0ff2c6852d7007401e5cd8ecb3e4bd952870789ec077007b6a339a5b8f1f693f99ffc522a48beaa7a1bd769921776e2dbcba387bc6083de40ff05f429f6b4129763bb783818120f5bdff60d7b51b2087c4d2b1fc5606dc107ed7157a7bb14c573151f84fb5fbd8a23857359940a25acc0dad35e94186dc696c011771531a7e6cfa9bb6db94a784a4b0ef3393e32c7d4f0733625e46a8261e179e4464ff43c76b4739523cecdfd2b0ae086acd384e9dd7902cc14d0c4a959571854d18b444502eabb385bd9452c62db1ca898ad93c32dc80323c22c62afa0a5246eac2c7a7d1ce684fc95c044a83a552e7a0650a06d915f47faf281acf00f96702f8d5eb5d4f4d45c1e52592af4106bcb9691a303c4801a0011f2f04ec66730e87a9eac95c6473441f7b16c4905886f673dd7c271a424dfb37cfccc285d92f0176f9a2f848887c67e601027b869274054c379037541d7f7b424d8046c707acb4421d16bde8f4a12114b68a04ec4ede554c0525bcf8937c31d936bddfaa1e0e32cf13c3603cfa15dbb03e6773ff613b4260b68a3e92d6ca286d7a27e0466c2f222eb78663df1f831253f2c87fe7e3aae5ffc147495dbb3fc5dfaddbc7899ecc85a6d9dcc1b1b9f4a57771536a5fd1a363ad0257f75ec90c7fc2db01d824fda302dda253b8a3a47662a4af9e684a4729d2ee3c4ae2ac8d884357acb5ed5f87c88af68aeb352b4b400bc1a10896529beed8a71732f8ae69910a7ec5830c5b683977326da31592644c18f46462ef15047992d7e857ca6aa763361843b39890ebe22761de73a5ddbd97755e4d4aa8c4545e00a03fafa6eada7df86e2844b5681173ead6738513ae022c7141c77af14d0725098d2ed0fb7b7d1c129ab377010567b912efa7944425382d7cf7fcdb49ca52bfcca868343bcf69b7d0132c046fb1e3702ca1a256f67fbb4d05e0f1fca9003c2a2e82066da18466e456c34f48cf5cf86281fb7a3cf896b5ec90bd2f63d69f2cd723bb401a7e1c7ec6a2db61b2da46c83da57a1e567175cac4a8369d6fa95cc9ae933571868035f3aba9c403f5468f685ec816533b8eaa17d4c195949895c01036d1f4c3c33ad303db6dcd0fae522be70d7426bfcc7648dc1544903b5ad6d3891a0300bc46df476fe47f55162b8dea1f57c07c99affe9b390fb3ff7447fd1c363dcac7c7e9797ef3b11624866719a9bebc61f8752a0cf5371f3fde93bbf3f66fce2d54f0a4c15bafa22e9171cb6757c116acb277f82c60eec23c8eb17708598c5d2cef6cceae877234654bc3be6023f95436c54a617cc34bd09dd215a78b0126e9bd6332daaa13fe368f526137c3b1adf06c4c99c456952588f90c4d54351d3b4dae872036358c13e6c6c77b0e0ef4ad5ea6377fa05779315977e042d5b13b820a9d5c055ce84840f331235e7eb5158bebdc4bbcd565a0b905fe9c8d82dd2a394e5e895d9c9949e9ddb36f705b21338c96dcaad18574f3c7a853de207a0e24cf4aba777db72a40555cd71f92137fd4778cf7a55474ea83bed2882ef47e75d514f245fcc67c5b8b247c675fb562a785e5c03455b3fd14c5bffe73b82c1cb9b5989763792b6dd87587429d0561a0175c2fe7009af8063725a8c89793f361e06cd053ed950a4162d3c324da7f414a08f33cb3bf0b6311ab6c1ee892b2966c83b581f9f47574f04c5641443fc616cb109c7410bf31e84588ad40707857cd5285cbd7b77d9b1c943fd4b23723ac834f599cd74d3d551c655c6eb98fdec2a2c4d860b47a060f6bba6fc130026da3e5b18795abafac40b2fbdca39545d4221f087ff23fba6ee3b85d59cc840fc94ee45cded58cba49d8c656334f367a9be2d247fb4d0ab0511dc550a1f3ba6984b591fbc1d76174c4d9cdee2df504fd92758f3b7048820ac2692bd4aadd2f67978b243a0dde33dc0998375526735fe611fbf74a22b7bbb6b5f818edd018a12ccc83677f48a0c20cbd2345a2b6b58bccd3d85f3873a07633e7bce1d84ea60a281dadbe814b00c390d0874408dd9be376244fc73f663e31077b86f4dd909f1d340c1819b0154271e3f2699f81e684768122d2820ac2806ba265b0d5aaa138506e01e92235a946e18469f59448f42d96eec5d4248ba9e6fa033da924cbeccfa21edba18002e7d2b4ea3f5071e87ebb92ced4834b70b2ad7e6912df1a5c0fdbda2598365ae3ba2ce2ac0607a70ff37f557d1b17a21a7a1a233a426a0ffbe24636fc4116f0e03ca9acb1e7d1bd1ccad34c314ac68b423643e2ffd0ca35b6376de93620f1f34451fb345f557e3f917563e32d03240e0165462c91656735d19f0f5113558257197eaf4e9861867d8de098c1f40bedfd75a318eb7c843adb6fe20b1162ec65ecde0ceb2d6ed83c31cc5c0c799256112b33565ff3098d9704a09401174ad6d9b16ec44bff655c2e8409a24f9d91ed3935d265addad55c1ed778f66ec7138784739966f1676b3d5db60cd04a00e702f54a03a27a9acf197437f61cb852716e071e2c7fe699b90ea0bbd0370ab734d0710e04b869cca860b441bd3fc000d195ea4e5c0d27be3e9afb24a3094f4b527c6688dfae91e36048239ce7e3a5b7782a9f66fcb6516860905ecf6b699bd614bee3dbc940f023b2c0528b2ddefad5b9d52f7712d8e2f28f4083c5125acdb2be5940f9723790b6a3420edc985ef972ac7be880edd6f101766a2cbd6920d58aecf527c95267885fa0b526d71f809b0145aa9ce8bf4c058db05652290865e608a4d77ba15c278ff5efd80411dbaa8b73101e7b4c39118a3cfca2c5ec2a14f3e72946ce24d4268002b45d751c5421437c6a1454b97e7327ba98f8a1c08d2d823a9aece6bde63add254f281f3604b3da721e94c0779604650b6a575e7c1492ff2f76c03647856bb1ed1540037e4c6f553fc44dea222347294cbf12ff352741b54123a417f410dc78ca24ef70a6c5db59be4c3c9f9b322690154d55dc6b91147a947d4c4f2b10e2b054a50ab429bc3b0cb9b1b63fe6c39cf4db6302313b0ae970c9a93c21a02ac0564b056e5bdfd4ed34f24bf4b323b39f193cbdabea1dcf18b3778ec41d02fb07f92c44e079279faf56d2cb02e60805fb133a46717343a1f2cdcd4c0b35df1e022f055e7a8b0860754f1d2995cbc0f2585cee4b6d1796863f8db977342d7cb2803e1ca263d7968b3a65063dac9ee8a2837519633bdb03fdece338885712c95c965ea43ed3d311a2993fe42600d8c5c9d2674bfe8b5aeb92102c6dc930c0f4cdf6f76f98025bff1016aa49055071a50cd16a164944c40c209c0de62cfd83bc87d121ffa9ddea782c9609c9c8a717b15b0244e40782a57d760fdb40c04287a23dacc05f2fc18dd3884966eb03846b7cabf67c6a6346c58460c7f3408a23c4449e2c699d3b1744ef7bcaea425f948b7dae517f95e60192fee82439876fb17c93d245837a84e047d10175cf2ca22e2b19b94c6f5abda2b0e5913a856a91afdeb048f61fc6fb99fda1219cc887a27b8248b700f5be45e13f9d632d280d76698f3ef7830eff305a49b0f480b13a345fb51a52a482b486ce2040b761c452fc6475f04f2ae215cf8a12fa8498ee28e2243fd11662240efa90fcdc7789a2e3bca1a235ed58c85723029c36951d843d8c447cfa065832f4115def851304fed390d37446cc8dd31f74be60192e641877fb80b70130af8bb9f84a9d77a6aed0a3b5af64feeb3827930d26b8aa315182fad581b91da7a3b72bb68e3ea1658778dcac39cbf0e75ce391ab66c412f4b606b78e7445e88bc87928af3b4d6c31300c0de677889b5a271ca38456a858da42e385c30e4caeb9625bd0d0614cd8e57c094c78f1593bfb69a1156472cb6c219df43721d095a14c3dd282c92dd5078a926571c3c41cad090e4cfb2ca0c0148b982073012a8d42de10bfcbaa1b7819c8a8f840fe5262b0214cd0c69500f5bff00d339055e26d7bec6365298643cdb3ed51653a3418045ed44567828886995d51c6a6cb788861948d4a4613c53b99237523d7fb71b9c02e7b4474d457e8f47abf790b3b7f2ebb16c941a6365a4fc25d06119da1ce0e4a14988e54ca8dcb5c4011e693f6a48e752ed05384251e67124abb5ebf4b2a967587139f12502d128d4fb80fd17d2d1eded8c152722dd56f73e5ae019d33b51131cdb9adc7220699b47a023afad4b4fe28e49d9e0c232529d31f67b683a3c74ab18a5b79c28a925d34d4224c680cd1e46d043177d4045c2af72c3414de7f5ae51533ceb5da0e9a0d1c50d275d4c5064f41cbff88a332fdbf9fa938c41f8f257dbd5f88618b44acf2ec7a8e97d49a6e296c1bfd91a78e6946e687fa7678c53f3392b5720b2a60c383e4ef50b5d808b6b760bc5fca03ad63c824fd8b7ad31d3508c658189c49776e0feb8ea3275d0b5b26d313d3fdf9fba37829abdc84cc08a0f51f0b41ac5676c06d4a46f6f43a7fc50edf6076bc9d4f5b89a8d3cab3c94f9846c3638798aaa828bb9da7683f9b4b8fa7907bdf469324ae1c97a154b6e36151a164ab659571e7ec3688a24ac67898b46c12617d4567bf6da4115b28d2ddaf8419fc141dc431194aded40570e9b059258168592e13a57919d1fe995b9b2914469cd4556115097f6b203cebe33bcc6df39fcda0fc47de8a4ae8794d81de82ba3c8eea9cf21b2c2788a51779ec1b4ae39e722c76c2e3325ba5f8cbd2f698e34d8bc86468859ea60c0035b30725efad9996d5d4dff3458ef38d988b6f81b5279cccd36469caabc5304d24dcaf95abeed447c24ba469d868f493e628b3369b675c5ebed7f560a3c48efc99381ab9101421ea0d710b6fa6d5ddb98e2137975b2f6e97ca6db4a5de3e26d6f5e7fa99707f42d7fadb51adceac70e3c1de13cb3f3b0c0450d60bc0541bea0da397571b60f2628f0cb82dec0bcbcc36ae948fb3e76747a6fe81aaf0d110f48bc9e42341bcc9813ef948cd67a2ea50815c2890632f35daef9b087bf84163d38ba620b7a82d195632257496a7d342dfefde06eaec806e827e246d874ec36ae424fe627c887bb337b86473873afe3e52515cc47f", 0x1000}, {&(0x7f00000008c0)="122e50fc87f0846ec4b8dacced1e5ea4b431f9cd96e05aa20236f762e71c046e077fab09a295ce532900a9e85de4557b2deb0e9e63f26dddc3efecce1574b53b13520422d306f41c14e68060b64a0b36d685cadad48707322dd4e220329032d554547dc3e417990798609d7d71ed7064e625f886cc7ea98ba2eefaf272746c8db44a9e53f3eef7461b7fce50823a294b9733d864a909b950be62364e74dce7689358ae17fad943818c3981f48a84ee67323b5b933d2d56865ff7678d216b7e339caed60a", 0xc4}, {&(0x7f0000000700)="025dcf66124a120c1e0491cffe7bc5817f17e7c28b6511f02347746e8b8f6af796d0da2b19bb2e16788051b1651923ef9186eaccb583d88836598b4e662a3750b578904c6c18883026613568dfc9e59396a92b9b95fe8795b77328894872eb51064e2eabe9d90d2373e24522e87162a74d4c05ea73589d117af76a3b6610b7bcd6aa907e1f9566680666ba30be98d9857f7ae5b63850c20cb252574e2e58c29fea325f722d14326288ea46223dcc6b29295cb629a68c9431ec0dff27140c30b98961507744d9d9c6", 0xc8}, {&(0x7f0000000800)="1e6241d5779543bdcb56ebd901a781861ea285a9550bcdc54ccd484d579a510884f00852a0caba86a0af203a1b5bb88be6b35cfef8c43b04d6a5b4f760652d361f554de35ca3530a9d13822ed4ea32cfd10b0a7f16578bd73cdd7672b4887b63d561ee1f76b0c4bde5f7e6f2dcaa07343819adc021703c77bcdca90ea16d599a4718e869319982", 0x87}], 0x6, &(0x7f0000004c40)=ANY=[@ANYBLOB="1000000000000000880000005ff60000b04c0000000000000e010000fcffffffa510c69cf602eec9c9ec2a5ecfc5916bf08714d49ac955577d9c74f680e5ee9dc81b2f5de58fbd71e7c22d85952af0d0c72982076a6924fc089cd8a071b5f3e28abb6c8113ba15304b29c46f074a90454b1632ccf1847dcf8d3e1a49f154a242f83f58ed54be5507c8c694e01e3c597694d99a6849b2e86bd259625ecc9154780b742fdf54cd7ffa1d2f78cde13b5a445dd063aed220a74781d899cca6fb000058000000000000001001000005000000a2f253d8a2a3ad0a9782b0964101e32e01fd246d6cf81da23e587a0094918d9cd9a903fc574a3df447cd8eaa9d0067841f73d0348b229f4703478167a304dd4828423e1b30a55300d8000000000000001301000002000000b8e9eb86c3e0633b389783d52dd21059ad752bdda8e40c963be1a0c80fbd1ddf416d7b1034dfb45a810dfea14f4c2de0b4f6ff45e61026ee7e94c0aa51a746a10d2462ee74f3d5635ed2ada20068ac92bf100129b928df34900a9b2cfd932354be0c0a91efbbf3ec996337b765dd1be108368485586459feceeae96b7354bb70cf2c4f10ddd533fb13547f1f8202aa7785acb9adfaea1618f5a78f5282e1b15da51abff01f07c56e872d1ad878ac3c786de598f3ba087b530b58cf08ff873b0e6d9cdaf605e4828190000000000000000e01000001000000ab8b0e7ec7f849253f4d61d9daf474fa0c80485390941188154b4c20a29f7a2c5c1a3f7f9e3fc782853e48b9d5a98e70753b85f237d753be9806fc75ab1fb3eab9bc91cd5f7993c36ec0b2a444c5e128d8003e97038346ff9e86bff5aff98a48a1b42ae19fd6cabd84ba7ef95bcf4d0d90465ece7957870074f3e20e402b0000801000000000000029000000050c000068f1d9482e2c57cb58cdf0fa2d009d1bc65d0f7f1ddccf225bab7a006dfd000dbc5bb755feb66974f62d752e2ccf7828e43b7e9d55c17a01ad9c5d7e1abee9447f0a4750251d6fa1dd74d28476ba4967b32cdb22142109816453dca0531e9f5548397a92b6d7ec95fd01baacf8ad8d5e065001a24dbb17507b785c1b96101f4a03c01692084b3de087893b27297a0ccc5cf70a6c42dc47da8db060f8bf5a35f394a27b3847d25865d90195be583d34a0905bc7fc661218e88f8ab987ea009aea2a77a8432156b2da340cb7f49458004d4e7deec9dd80233d32ded111f09d9fed431523cabed3c45372e5e65732618998c7229d0e693d369ad97ee5e5f0e967702cd6f915e54aaca7f06ae5ed8246a1edb1c29f4f730bd53cd8ee09d19bf50f5b38a69e7dfa2e11aed7b52d87ff0f4d4d3b9d0fad54449c7a9ae5ab09eed720206e8649a3ff43366ed711fa302cbcbe51f011ca58524ed798801105dc1fa3b7dd8a08ebe82ca611c57450ec3fd80b837c702941b0173c3051effccfa5956420e219761f2ef25e99ec84778cb09bb59221f57b45c24cb64527f69f7fe3b77bfded7eba9c242b32fb4ea0fb378d1297d3e22f0d0f61d03a8d61e02d0dee8d613cbbdb9ec964d65d17fd6b11b880f44c9988a75a2127efac6530a12c55dd33e2bada2743f2e9d55ec876cdc6ef5a273beac090e3904f26d91243f2b1ad69dd70aa426d70b00e83a4c329d1b0d2a37ef7e5dc1c4b8ae3cea2db7a076afda85c42f9453277a3c828734a6c405b34097021b4050b3230e71fae58f34ead80eb0cb98eea1d3e9ba26af4f16dac7de1b92e619a800d8cc6d0641a2d106ca5475d2743ca5af984a91a3066710c32dcbdbe7e3a9a8708c4fcc96c70ee505a3dd81840d8287e406681b0277f642afc740e8c041d981475ef6c604689e1f5a66e84fa112c3ccc6be0bc58229cc924f59d01e3b11a59dcb14635b35fa27d9b8bacb1ed1b1ba9a0c639bdd08a629bd9059b1bbf420cdd411620edae9375c72c4e9014969c48beec2a722c8cedbadd547f5840af17d131b034c51d3955262ebfafb55d2e7e620b1cd7217f3fec44876f05a611113a9e346c16209b8d53b38b38bca418e11054c48fab3a817c1086bf5e92015c9047c3204080484bb17c4a126d25a60f0ff81b2efcefbae302cad83405b24c955155694619535b74357be9d9d65e96e552e6055aaf6657396dc1cfff1a93b246340fe9e21ace055ae5f21e6f43a727ec18f724d9178236d5aba0229e764f6a8a2653dde7d5d28402fb4a0c2a6d19d4952efb8b673b13b826da3758831222632dd5ea23f6941eb9b854d934a1a5449955de6eb90541085858fa27b08ebc7497302e5e455d5ab703690fbf8632406e6abbfdd9b92c0b3475b9da320a0277c70422358b188e8139e0b854838d39c00cfb562e2dd16e56dc67c06cd9505ebcd147893f5e8c726ced12afe01f195176fc67e2cdecd9679943743899f8646c0b2d093da1896a75ec7f58a0b21e3cdc9d9274bb36b78bb60916de10c17f433a6c946191cf9fdcab7d23c9cd27f57c869ee223f6d8bfc519549df81e9e062cbb7d55557cc26e328f3d7d0932b4752bcda876d6ab8c66868daa42424fc6254d5378b3c9dcf2232954c036318fc8f94ea2898209f8d2ce5ec705146e276df03c79d7ebfb8dc38f950c74c8da898bf56468f0b769c15518b57df019c7d4e8ba4a40d3820158d31909410d060521c46b1601e9fa4daf700786c39ec138b3908e24b12fb47cf6c01b71cea1fba0d5ff631400a9e64cff3361c8e4f961f538dbf04cb22f5e0dde074887ae209c111b200e56ecea698334a45b082c39a5aae33a42baf35711182625daca1b7eb93122cb0ec091ba9b41a0daea47579f5fabe48e6cfb915bf5d223d208e93bebcf331765e8ae02e921f1901032abf8839fa208ba6c7dec8c44f4343176f332307539857151926578226d368c1633c23b78fe86433a348a5faad366f35087c70df38df3cb1137bb791fc3d9d50d5126447b1a335aa12e5355d5185b4d3b15781b6089a3a357c913d76dd04d74c9e94472cb02484a5af47ffca2fe9dd13ffbcf4cf574acc607298de8fb6e194ff8f220c344dbb0c1e6098c51538573034eee5c9623c433fe9cb991cb0349abf24b82ade15a217b0c58e727220d1421ea57585d02b31a49110f91f2f6c9b3ec4dc14dc9b778f40b43d09d13608299b292e9b862e33c0fc175fb61c1cd15ffdf06d64ff3720b55d6113858bfbd762cf378c891801700681ba6bb9d564b0050a4763f17528fa0f1b5476ad430ab31ee9ca418e5954f8327d3bef3e9f326c2210bdd8c75a5add27ed6be9d9281600fc0f78c1f419318b0a48017d11cd3650a1d7e0690ddec034f730f4ba44fdab19278b1b8cf490d484129d627cc3678ccf01a13556915137f27aacf1346682de992bba65927c27cfeb6bd76279df6d24e8b0457cca6128e443ad2145aa241b2d8603c794cb257f4d4a3a91089930e5a4b57416216f370044a31233a16907dc6900d3a8857f676bce3ad7071c0d7de8cce6a3a9fd44877c98803035c506574f721870556025bcfbc99b97759d2870ead320ab919ad57231bef9f48c672a4b0deb88d3071ada7d2f0c8726f69d6ba1fa5bef1d8f4d7722a86b9f2f0b5ced519ab355348d85396dc286db0ae48a231d358654f8cf6c8ddbd907889c6e2c6150401194c9cec265b46a7c779e13e677938d3213af9074f2c7eed78a61d9f1173c7eef6381207b9f15f11046837211135c6416ac1c424a93c6fec1503ada6c2b3102badfe670e4585df4e98f1793d358b69d66375a9ef6894a0c10241f1f1008647c93841dc8b1fda99a082104c09cfd4c2048bad6e8e9f912d72282e44d864de6927b6999256da3154f9a8ee89ed4deefd4d1405d724cdcac278042e0764f0bc7add2aa0aa366f213deb764f0a2de93861e310717ff777c5a0aa6c5ba080e523da93203558a875437ae74fed3c02583da7fa8aabd9b31f8f02f46bd5ca5690f9c733c6a9483152da2644d0ca0182a7c49fcc97821496a10a0fd134b0814c5c02b36d0af7394559ab19cd4a1b4a3bde28d7d116192ba2c2754fb8b31d4ff276c038f64a4e2e72cfe0ac95ede0c2c35aafca13ef47dd8946d044efb1f51e7e8be6657173595d693c8ed2be703dd66b99aca637edcf09459bbb2a8d2016c737dac70dc9e5236d360ea928b872a6c108c21c5aadd456c0e21cfcc69ceff51f98ad1fae7496045f275de99e76b351056ca49b573517d1ace7c0ef45d32053be9c34b51be7e0d0ab304c8f46c02fc1a52e02e68fc8682ef777dc81af8226496365d02aeb39444deaccaacfba744e166b2a14f47e26ea62976f9ce548c51973285392d5043808c43330a9964be5a1db468b2d6f85969e01481d79c9a3ae48d32751e71cbbc0549cd817f170c7a88bab0953d36aafe577c410e79c7cc6096c93e2bddf8e07905f478bd84a9565182a228626ac9565f7e8234205e4fa666588dd969099745aff663720302023f9b1a0603ec0b05f3ecac0ff4f2546fa1e4a4736209d819eadc08389bb2fa1e162f20601552eb0139b2f04de2bbc628d96a05f9045d37c890b51e6e65d79d47c0ecb05261631cd736119355b280863ccd6b37961f8c81fb5c605337fdff16d9f3ddec49990f3279d8b7f5c8abf14c5ec51480220b2a5b54aafc70944ba16517621319272533339932f76e7b2db8a5dd841e2a293eecf087d1b34bf7db972a1f0dff1b3a26075419023183ddfe900fa6c0f4f14a8403748a74cb0364837b83fb7b41afd5201108a49ffcc32d39450dc911b33042c2cef77adfdd01bd06c862b176415f7a9953bfb8788913c38faab674c89d0edf578171f74c92ba0315494df0b3f363089603e553841f1827bcdc13b2ff52d6222ac9bc264cc49c2fa44a8d160c769669271fec65970c4d9af2c7ea5f099160f56f3cceee909e67d3250fb9c0f23838121549f83469cfa98c370a44a196bbfc124a5a21833e4d47293c46597358a46f150cd9174c5ecb3d43dc47aac982d5ef58bd06bba356670a3c9c0cdbeeda4c4eec42875c20ff7841dc927d61318131127b20a0053e807c67b46d93874fb4ef534a8ff936b60b333056b647961e6c30044713e952b5d7704e8e9103590412c3e11b9d7421dd770b5df2ebf1339ee3ada6361b8d23b7682441a1c9f3e1f9605694a6f5640e4f5d4e832b33f096c73dc7d891ffc2810ffbf90566f69a441b2322aac3480a687a50b672de94ece5e83b9870a58db485a11f9958e5b92bf3102d880d96c757f057249440dd3e1e125986934fc494f518dcde9d00b658776130b08c438967ca06153e0f209c03735f50275ab6118b2ed14dd460331b8f490c744ca0c1fffe4550156fea5d3c2b90b5fb680d27d11ed4e302185703d906c655c0f8a33604ab9817e56646a4fce85225b548e04543497a5ffcd60dd6b7a43fc5221e318383ee4d874b4013d21a34f3c054aafc8562c701e483165e6b3e55dd2199fc48899d5646632b7dcd48ea7fdd522e18a2f5ec35f8d8ccd9f79f99945118a5b20cc4db794f2656aec69f6f5a7fc166079a8fd393f5ebdff2a9365ec25e0f94b648f20e9953eb93417fd6f3f706410500247d3ec6bc84ed45641b064a18d85139eb7d90c6866915add2b6823ab6f504d36dcad065bed2d034365147a590cf889ae60de92844ad8155f25090510efc39ddcf6bab1ae9c152b7f81235d5517403439a635c256072655cfc87eff7a2fbfbc722d2ecc9aa7b9cea0c1a0186a8a6b2620e764ee10b4a8a1e55f1f690e1256f6259a8a5416a86a883ce29c9fc922327ed81025a8d41aeb9cc7f9a1db1e8e15bee1a53cdde0fc0b598874d0e608e7729091a01824bee4e435e5392477600a6a46feba136a401f9b99287f9e4f75bcc3c7a679f38739219c8451bc432170592a9d6c487f58b7e7da6d3068b0cf2e1bf86555ad50fcccaabe703330ffca6687c7bd4ba9015e7ec09c313800e6807500a53d8f1301ab2e88a0be8935707078db7cbfed021892dea4dc139ef7480761ca0656b7804c034740e202ec76185483c580d407377fdbbb954997a6b59572aa51a2f5c8882a3a5835412092ac6b722bb39afabb43fe100ab01820ea5e2410beac31973d4b99a44ca01a0312ae9482fa9022d45b1c30b3409d819271f1c4a7e0221d5ebb5e3006f478fc4b7a45a2d4d4bf24a7293a28d896e8f8329ff9b2956be6d2e0cb01a42133e2520aff5c3689f1689df3620eb20673ef066aa522ca90ddbc19f57a5e04cdecbe750003774e2472d01152cbfaad8a2c39effd61bc37871dc37a0eb5a48663312c9cdcaa520bff0c3365a72dacdac01b14dc2457e6155c9d7f278c45e57e65c5b1777806c7a7e45597e2306cedd76038bb563f3883cfb68102369d8c3bb9ad84440fc97d94edef04782a7fffb4b98c62053f0c9651623e357d11e5642720151974c9619416f505d6bba2a43c9b749503a70a976243110c00b1c639b1954f67779b0af64b5281cf800ff96774ea52f5917aa45d692728ee8ef219d03439afb4fe18b3e0b87bf7d496a3bff955750fdfa30aa37ccc9da3f7eb15f45d4d5efc7ee0bd3dc8fb1ef92cc52ba3440df9cd3fc9edb1f3cb9f75a1135c8fbddac7fdc3ba1b90ebc9c58cd9a234b33f9004b21b765646b1e2a0161846a44ee963f1a381a518d5b7f60397561533815cb3f28266603d8625507a3814e67fc3f64846d198a5ff49c15e7b5e756707e190a79e19e0e3f1c4a15f226f313631eada0a7b3d603cad02dc8d6c6cfbc0926e9ec00ba70000d76b4b78248bc9396a9e4a75b0a899033de8134c5d5814b649b347868286032a7d84722605fa4c4487ab69efe4280c3b3281fd41844b263c7dfa614e1746c889edb16c298356eaa10000000000002800000000000000140100005f0400001da0195e88a960751182d53fa7fc7ca43f0fab9fa3e50000cb4b504d2eacca095fec02e8ac651f8f9e7f5e74e49e179c88348c1e19fef0f478ac721b1d2c3edc835e5cc40564"], 0x1328}, 0x800)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x4c)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002700)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4051}, 0x20008001)
recvmsg$can_raw(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/197, 0xc5}], 0x1}, 0x1)
recvmsg$kcm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/97, 0x61}], 0x1}, 0x40010000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="0c0003000000000000000000080002006c"], 0x30}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f00000001c0)=[{0x0, 0x4, 0x2, 0x6}, {0x1, 0x5, 0x9, 0x7}, {0x3, 0x2, 0xc}], 0x10, 0x4f}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x2, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x8}, {0x3, 0xd}, {0x8, 0x2}}}, 0x24}}, 0x40004)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000341200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000028000000850000006900000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bond0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@delqdisc={0x24, 0x25, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0xf, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r8, 0x0, 0xfffffffffffffdfb, 0x0, &(0x7f0000000100)="c48a570389e85e8182eade802d4fb085372176732fb41a2f162107b4146a4a48b059964deda126389888827f996815e42a36293710ceab", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x17)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r12}, 0x4)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000e80)={0x0, ""/256, 0x0, 0x0, <r13=>0x0})
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000640)=<r14=>0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r12, 0xc0c89425, &(0x7f00000009c0)={"f615b40f1f7c8d793a44108072bec145", r13, r14, {0x6, 0x5}, {0x7, 0xe5df2b9}, 0x0, [0x3, 0x80, 0x9b, 0xad41, 0x2ba, 0x1, 0x2, 0x80000000, 0x4, 0x9c, 0x2, 0x8, 0x7, 0x1, 0x5, 0x1]})
unshare(0x60600)

1.132059363s ago: executing program 2 (id=8010):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000400)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f00000001c0)="080036573b4d1e96", 0x8}], 0x1}, 0x24000044)

894.155058ms ago: executing program 2 (id=8011):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_PORTS(r2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r5, @ANYBLOB='\b\x00\v\x00!'], 0x54}}, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}]}, 0x4c}}, 0x0)

847.450933ms ago: executing program 3 (id=8012):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/17, 0x11}}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
unshare(0x20000400)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$bt_hci(r2, 0x11e, 0x3, 0x0, 0x0)

699.830945ms ago: executing program 3 (id=8013):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xfffa}, {}, {0x1c, 0xfff9}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24000000)
r4 = socket$key(0xf, 0x3, 0x2)
accept4(r4, 0x0, 0x0, 0x800)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001cc"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_MSG_GETSET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x2c, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000240), &(0x7f0000000380)=r5}, 0x20)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

666.730779ms ago: executing program 0 (id=8014):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}}, 0x0)

592.275692ms ago: executing program 0 (id=8015):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x52001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_AF_SPEC={0x4}, @IFLA_MTU={0x8, 0x4, 0x3}]}, 0x44}}, 0x440088c4)
r2 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40088a01, &(0x7f0000000000)=0x100)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r4, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
unshare(0x22020600)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r0, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1040020}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, 0x0, 0x21, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}}, 0x20004000)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r5}, 0x10)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r7}, 0x8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r9, 0x11, 0x0, 0x0, @void, @value=r8}, 0x20)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@map, r9, 0xf3c5227cb953423c, 0x2010, 0x0, @value=r10}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fcdbdf251200000008000300", @ANYRES32=r11, @ANYBLOB="040081000a000600080211000001000006001a010400000006001000630700"], 0x68}, 0x1, 0x0, 0x0, 0x4000000}, 0x80c0)

518.901348ms ago: executing program 3 (id=8016):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r3=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x3, [@type_tag={0x1, 0x0, 0x0, 0x12, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}, {0x0, [0x61]}}, 0x0, 0x4f}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000157b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006067c09e8fe55a1150015400400142603600e120800060000001001a8001600a40004", 0x37}], 0x1}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d800000010008104685fa3aa7143a0f8c81ded0b25000000e8fe09a11800150006001400000000120800030043000040a8002b", 0x33}], 0x1}, 0xc001)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0xfe33)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r3, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0)

515.274689ms ago: executing program 2 (id=8017):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000400)=ANY=[], 0x20)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_tracing={0x1a, 0x1d, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x9}, [@alu={0x7, 0x0, 0x2, 0x4, 0x6, 0x2, 0x4}, @generic={0xb, 0x2, 0x8, 0x4, 0xa}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5d0}, @call={0x85, 0x0, 0x0, 0xc0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}}, @map_val={0x18, 0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0xc7, 0x2b, &(0x7f0000000140)=""/43, 0xc0e00, 0x4ad101a3514e15, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0xff, 0x78, 0x6dd802df}, 0x10, 0x1cc88, 0xffffffffffffffff, 0x0, &(0x7f0000000240)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x2, @value=r0}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000006c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000540)={r3, &(0x7f0000000400), &(0x7f0000000440)=""/236}, 0x20)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@multicast2, 0x100000, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'wlan1\x00', 0x0})
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000680)={0x1, &(0x7f0000000840)=[{0x7a5, 0x1, 0x6, 0xd7fa}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
write$cgroup_int(r6, &(0x7f00000001c0)=0x8200000000000000, 0xfffffdef)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x8, 0x4000010, 0xffffffffffffffff, 0x54099000)

324.103014ms ago: executing program 0 (id=8018):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}, 0x200101}, {{0x0, 0x0, 0x0}, 0x2044}, {{0x0, 0x0, 0x0}, 0xffffffff}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000002e00)=""/4095, 0xfff}, {&(0x7f0000000340)=""/240, 0xf0}], 0x3}, 0x6}, {{0x0, 0x0, 0x0}, 0xd}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000540)=""/129, 0x81}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4105, 0x1009}, {&(0x7f0000006080)=""/4076, 0xfec}, {&(0x7f0000000240)=""/101, 0x65}], 0x5}, 0x3}, {{0x0, 0x0, 0x0}, 0x9}], 0x8, 0x40010060, 0x0)

302.871062ms ago: executing program 3 (id=8019):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0)

219.326645ms ago: executing program 4 (id=8020):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000240), &(0x7f0000000380)=r1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x10000000}, 0x50)

217.137395ms ago: executing program 3 (id=8021):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000240)={0x8, 0x7, 0x0, 'syz2\x00'}, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket(0x1e, 0x4, 0x0)
connect$tipc(r6, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r6, &(0x7f0000004400), 0x400000000000203, 0x0)
getsockopt$TIPC_IMPORTANCE(r6, 0x10f, 0x89, &(0x7f0000000680), 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000918000440000000000900010073797a30000000000800034000000001140000001100010000000000000000000000000a00"/100], 0x64}}, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d97405010000000008000240000000000800", @ANYRES64=r8], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
setsockopt$sock_int(r7, 0x1, 0x3e, &(0x7f00000000c0)=0x7976, 0x4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4044004)
recvmmsg(r9, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000017c0)=""/220, 0xdc}, {&(0x7f0000000f40)=""/218, 0xda}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}], 0x6}, 0x80000002}], 0x4, 0x0, 0x0)
bind$llc(r7, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x4, 0x1, 0x0, @local}, 0x10)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r10, 0x65, 0x8, &(0x7f00000000c0), &(0x7f0000002140)=0x4)
ppoll(&(0x7f0000000280)=[{r4}, {r5, 0xc009}, {r1, 0x208}, {r4, 0x20}, {r7, 0x2}, {r1, 0x112}, {r4, 0x20}, {r2}], 0x8, &(0x7f0000000040)={0x77359400}, &(0x7f00000000c0)={[0xd7]}, 0x8)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)

177.548414ms ago: executing program 0 (id=8022):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00', 0x2})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="01000004"])
connect$netrom(r0, &(0x7f0000000380)={{0x6, @default, 0xa}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0xfffc0002}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
listen(r0, 0x1ad72f7)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
close(0x4)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100002e0001b7b70000000000000001"], 0x114}], 0x1}, 0x0)
recvmmsg(r4, &(0x7f0000006b40)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xfff1}, {0x7, 0xfff3}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x40}]}, 0x2c}}, 0x4081)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r8, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001a40)={0x11, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000eaa35f8896ab58183000000850000001100000085000000000000000000d5ecec4d49e61e5dc832047587aa663136e197c4ffdf2446324c7154d507fe978a7e9806b7c51d40a5240a71d0fa68ad5a625137fe5b3eafc64ec5ad7cfcf9c4fe42cabe881f5d0f49f7f27a8e009fefb2b0cebe89b46039e33810c4e889e2bdbd004b33c9640f2a87973a881926fbcf6d1e09c6ceb7285e5aa5a00618eef5ce375c73f87a96273b718c2f3b1e7b27aced51d93e475fd61ac5d6df54"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r9, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="020002000000000000007f962341000000000000323447d8d6ac947cb0e4fe30ef43509e6e8f55670986caa1c1f2c22d47c6d103cac679acb91516814d5ba9efbc5c99445beff7d0cbf9de41936a2f35a3c4df409f8715bf77fb451e5bfc76ac0eceb174722a8bdaead7ca2c5f977bb7ff4230b27ca195290bf78d33aea035bada77a8b1979a13bd416459a85f695e9aa790ff209a8cc01fe75e0e9c48cd275606832d67337d8d61589b99ec60ecc5a1554ec38455c9401c0cab0cd4600613a65534ec5d625b60c4d1b3ed4d6065000000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r10, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0xff8, &(0x7f0000002e00)=""/4088, 0x0, 0xa}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000840)=@raw=[@call={0x85, 0x0, 0x0, 0x21}, @exit, @ldst={0x3, 0x2, 0x6, 0x4, 0x5, 0x6, 0xfffffffffffffffc}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x2}, @ldst={0x3, 0x1, 0x3, 0xa, 0x1, 0x80, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x35f, 0x0, 0x0, 0x0, 0x6519}], &(0x7f0000000100)='GPL\x00', 0x0, 0xeb, &(0x7f00000005c0)=""/235, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x297}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, 0x0, 0x0)

0s ago: executing program 4 (id=8023):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d40)=@delchain={0x190, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xfff3}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x164, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x14c, 0x1, [@m_mirred={0x148, 0x11, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0xf1, 0xffffffffffffffff, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x3, 0x1, 0xe, 0x4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5c, 0x7, 0xfff, 0x1}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xe, 0xff000000, 0x8, 0xffff0001, 0xff}, 0x2}}]}, {0x99, 0x6, "319bb848351b002738b6c4c50b9141bebb58a1fd9f04e35af9c32268b29dfa1c25c9502b51b55eff39526a56fd0f6d8f94d05679ea0836ee4adecfe3236d2d9a2d17310974eb3856d00a1028999d09c1f69183f20defc6d04e2c20de3729c15f156d19b570d01b6142387bd42a81ccacf99246c39d5c0d6e393d44dab6dd2521c8f0dd94491c7577458990a9641f0c88b8c57718b8"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

kernel console output (not intermixed with test programs):

val 1, probability 0, space 0, times 0
[  500.839921][T26925] CPU: 0 UID: 0 PID: 26925 Comm: syz.2.7615 Not tainted syzkaller #0 PREEMPT(full) 
[  500.839955][T26925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  500.839970][T26925] Call Trace:
[  500.839978][T26925]  <TASK>
[  500.839987][T26925]  dump_stack_lvl+0x189/0x250
[  500.840018][T26925]  ? __pfx____ratelimit+0x10/0x10
[  500.840049][T26925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  500.840074][T26925]  ? __pfx__printk+0x10/0x10
[  500.840101][T26925]  ? __might_fault+0xb0/0x130
[  500.840135][T26925]  ? rcu_is_watching+0x15/0xb0
[  500.840157][T26925]  should_fail_ex+0x414/0x560
[  500.840188][T26925]  _copy_from_iter+0x1db/0x16f0
[  500.840211][T26925]  ? rcu_is_watching+0x15/0xb0
[  500.840232][T26925]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  500.840263][T26925]  ? __pfx__copy_from_iter+0x10/0x10
[  500.840285][T26925]  ? __build_skb_around+0x257/0x3e0
[  500.840320][T26925]  ? netlink_sendmsg+0x642/0xb30
[  500.840339][T26925]  ? skb_put+0x11b/0x210
[  500.840361][T26925]  netlink_sendmsg+0x6b2/0xb30
[  500.840386][T26925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  500.840407][T26925]  ? aa_sock_msg_perm+0xf1/0x1d0
[  500.840428][T26925]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  500.840452][T26925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  500.840472][T26925]  __sock_sendmsg+0x219/0x270
[  500.840502][T26925]  ____sys_sendmsg+0x505/0x830
[  500.840527][T26925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  500.840556][T26925]  ? import_iovec+0x74/0xa0
[  500.840581][T26925]  ___sys_sendmsg+0x21f/0x2a0
[  500.840605][T26925]  ? __pfx____sys_sendmsg+0x10/0x10
[  500.840648][T26925]  ? __fget_files+0x2a/0x420
[  500.840666][T26925]  ? __fget_files+0x3a0/0x420
[  500.840690][T26925]  __x64_sys_sendmsg+0x19b/0x260
[  500.840715][T26925]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  500.840743][T26925]  ? __pfx_ksys_write+0x10/0x10
[  500.840770][T26925]  ? rcu_is_watching+0x15/0xb0
[  500.840794][T26925]  ? rcu_is_watching+0x15/0xb0
[  500.840825][T26925]  do_syscall_64+0xfa/0x3b0
[  500.840845][T26925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.840866][T26925]  ? clear_bhb_loop+0x60/0xb0
[  500.840891][T26925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.840912][T26925] RIP: 0033:0x7fb25cb8ebe9
[  500.840931][T26925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.840951][T26925] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  500.840974][T26925] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  500.840991][T26925] RDX: 0000000000008040 RSI: 0000200000000700 RDI: 0000000000000003
[  500.841006][T26925] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  500.841020][T26925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.841033][T26925] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  500.841059][T26925]  </TASK>
[  501.252813][T26941] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  501.341896][T26934] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7618'.
[  501.405544][T26950] FAULT_INJECTION: forcing a failure.
[  501.405544][T26950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.418821][T26950] CPU: 0 UID: 0 PID: 26950 Comm: syz.1.7621 Not tainted syzkaller #0 PREEMPT(full) 
[  501.418856][T26950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  501.418870][T26950] Call Trace:
[  501.418880][T26950]  <TASK>
[  501.418891][T26950]  dump_stack_lvl+0x189/0x250
[  501.418934][T26950]  ? __pfx____ratelimit+0x10/0x10
[  501.418966][T26950]  ? __pfx_dump_stack_lvl+0x10/0x10
[  501.418992][T26950]  ? __pfx__printk+0x10/0x10
[  501.419028][T26950]  ? __might_fault+0xb0/0x130
[  501.419064][T26950]  ? rcu_is_watching+0x15/0xb0
[  501.419087][T26950]  should_fail_ex+0x414/0x560
[  501.419120][T26950]  _copy_from_iter+0x1db/0x16f0
[  501.419143][T26950]  ? rcu_is_watching+0x15/0xb0
[  501.419165][T26950]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  501.419197][T26950]  ? __pfx__copy_from_iter+0x10/0x10
[  501.419217][T26950]  ? __build_skb_around+0x257/0x3e0
[  501.419254][T26950]  ? netlink_sendmsg+0x642/0xb30
[  501.419272][T26950]  ? skb_put+0x11b/0x210
[  501.419294][T26950]  netlink_sendmsg+0x6b2/0xb30
[  501.419320][T26950]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.419341][T26950]  ? aa_sock_msg_perm+0xf1/0x1d0
[  501.419363][T26950]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.419394][T26950]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.419414][T26950]  __sock_sendmsg+0x219/0x270
[  501.419446][T26950]  ____sys_sendmsg+0x505/0x830
[  501.419472][T26950]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.419500][T26950]  ? import_iovec+0x74/0xa0
[  501.419526][T26950]  ___sys_sendmsg+0x21f/0x2a0
[  501.419550][T26950]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.419594][T26950]  ? __fget_files+0x2a/0x420
[  501.419613][T26950]  ? __fget_files+0x3a0/0x420
[  501.419637][T26950]  __x64_sys_sendmsg+0x19b/0x260
[  501.419682][T26950]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  501.419711][T26950]  ? __pfx_ksys_write+0x10/0x10
[  501.419739][T26950]  ? rcu_is_watching+0x15/0xb0
[  501.419769][T26950]  ? rcu_is_watching+0x15/0xb0
[  501.419791][T26950]  do_syscall_64+0xfa/0x3b0
[  501.419813][T26950]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.419835][T26950]  ? clear_bhb_loop+0x60/0xb0
[  501.419859][T26950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.419881][T26950] RIP: 0033:0x7fcfc738ebe9
[  501.419902][T26950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.419921][T26950] RSP: 002b:00007fcfc8236038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.419945][T26950] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc738ebe9
[  501.419963][T26950] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000004
[  501.419977][T26950] RBP: 00007fcfc8236090 R08: 0000000000000000 R09: 0000000000000000
[  501.419992][T26950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.420006][T26950] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  501.420033][T26950]  </TASK>
[  502.208672][T26984] vcan0: tx drop: invalid da for name 0x0000000000000003
[  502.483162][T27002] FAULT_INJECTION: forcing a failure.
[  502.483162][T27002] name failslab, interval 1, probability 0, space 0, times 0
[  502.561997][T27002] CPU: 1 UID: 0 PID: 27002 Comm: syz.0.7635 Not tainted syzkaller #0 PREEMPT(full) 
[  502.562034][T27002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  502.562050][T27002] Call Trace:
[  502.562059][T27002]  <TASK>
[  502.562069][T27002]  dump_stack_lvl+0x189/0x250
[  502.562104][T27002]  ? __pfx____ratelimit+0x10/0x10
[  502.562137][T27002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  502.562163][T27002]  ? __pfx__printk+0x10/0x10
[  502.562202][T27002]  should_fail_ex+0x414/0x560
[  502.562236][T27002]  should_failslab+0xa8/0x100
[  502.562269][T27002]  kmem_cache_alloc_noprof+0x73/0x3c0
[  502.562300][T27002]  ? skb_clone+0x212/0x3a0
[  502.562328][T27002]  skb_clone+0x212/0x3a0
[  502.562353][T27002]  __netlink_deliver_tap+0x404/0x850
[  502.562394][T27002]  ? netlink_deliver_tap+0x2e/0x1b0
[  502.562428][T27002]  netlink_deliver_tap+0x19c/0x1b0
[  502.562461][T27002]  netlink_unicast+0x7fa/0x9e0
[  502.562494][T27002]  ? __pfx_netlink_unicast+0x10/0x10
[  502.562525][T27002]  ? netlink_sendmsg+0x642/0xb30
[  502.562543][T27002]  ? skb_put+0x11b/0x210
[  502.562565][T27002]  netlink_sendmsg+0x805/0xb30
[  502.562591][T27002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  502.562613][T27002]  ? aa_sock_msg_perm+0xf1/0x1d0
[  502.562635][T27002]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  502.562659][T27002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  502.562679][T27002]  __sock_sendmsg+0x219/0x270
[  502.562710][T27002]  sock_write_iter+0x258/0x330
[  502.562739][T27002]  ? __pfx_sock_write_iter+0x10/0x10
[  502.562771][T27002]  ? kstrtoull+0x12f/0x1d0
[  502.562815][T27002]  do_iter_readv_writev+0x619/0x8b0
[  502.562852][T27002]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  502.562884][T27002]  ? common_file_perm+0x1b5/0x230
[  502.562920][T27002]  ? bpf_lsm_file_permission+0x9/0x20
[  502.562947][T27002]  ? security_file_permission+0x75/0x290
[  502.562976][T27002]  ? rw_verify_area+0x255/0x4d0
[  502.563005][T27002]  vfs_writev+0x31a/0x960
[  502.563033][T27002]  ? security_file_permission+0x75/0x290
[  502.563064][T27002]  ? __pfx_vfs_writev+0x10/0x10
[  502.563083][T27002]  ? vfs_write+0x956/0xb30
[  502.563116][T27002]  ? lock_release+0x4b/0x3e0
[  502.563153][T27002]  ? __fget_files+0x3a0/0x420
[  502.563171][T27002]  ? __fget_files+0x2a/0x420
[  502.563196][T27002]  do_writev+0x14d/0x2d0
[  502.563218][T27002]  ? __pfx_do_writev+0x10/0x10
[  502.563237][T27002]  ? rcu_is_watching+0x15/0xb0
[  502.563262][T27002]  ? rcu_is_watching+0x15/0xb0
[  502.563284][T27002]  do_syscall_64+0xfa/0x3b0
[  502.563305][T27002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.563326][T27002]  ? clear_bhb_loop+0x60/0xb0
[  502.563351][T27002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.563372][T27002] RIP: 0033:0x7f49a078ebe9
[  502.563392][T27002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.563412][T27002] RSP: 002b:00007f49a1517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  502.563437][T27002] RAX: ffffffffffffffda RBX: 00007f49a09b5fa0 RCX: 00007f49a078ebe9
[  502.563453][T27002] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  502.563468][T27002] RBP: 00007f49a1517090 R08: 0000000000000000 R09: 0000000000000000
[  502.563482][T27002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  502.563495][T27002] R13: 00007f49a09b6038 R14: 00007f49a09b5fa0 R15: 00007fffca921028
[  502.563522][T27002]  </TASK>
[  503.311628][T27016] netlink: 'syz.2.7639': attribute type 6 has an invalid length.
[  503.452967][ T5871] Bluetooth: hci2: link tx timeout
[  503.458511][ T5871] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.478962][ T5865] Bluetooth: hci2: link tx timeout
[  503.484150][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.502131][ T5865] Bluetooth: hci2: link tx timeout
[  503.508951][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.574367][ T5865] Bluetooth: hci2: link tx timeout
[  503.579779][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.599115][ T5865] Bluetooth: hci2: link tx timeout
[  503.604336][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.613722][ T5865] Bluetooth: hci2: link tx timeout
[  503.619562][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.638955][ T5865] Bluetooth: hci2: link tx timeout
[  503.644193][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.652396][ T5865] Bluetooth: hci2: link tx timeout
[  503.657761][ T5865] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  503.739714][T27048] IPVS: stopping backup sync thread 26941 ...
[  503.906081][T27061] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7655'.
[  503.960975][ T5865] Bluetooth: hci5: command 0x0406 tx timeout
[  503.978972][T27065] FAULT_INJECTION: forcing a failure.
[  503.978972][T27065] name failslab, interval 1, probability 0, space 0, times 0
[  504.005580][T27065] CPU: 0 UID: 0 PID: 27065 Comm: syz.3.7657 Not tainted syzkaller #0 PREEMPT(full) 
[  504.005622][T27065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  504.005637][T27065] Call Trace:
[  504.005647][T27065]  <TASK>
[  504.005658][T27065]  dump_stack_lvl+0x189/0x250
[  504.005701][T27065]  ? __pfx____ratelimit+0x10/0x10
[  504.005735][T27065]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.005761][T27065]  ? __pfx__printk+0x10/0x10
[  504.005794][T27065]  ? fs_reclaim_acquire+0x7d/0x100
[  504.005829][T27065]  ? rcu_is_watching+0x15/0xb0
[  504.005851][T27065]  ? __pfx___might_resched+0x10/0x10
[  504.005872][T27065]  ? lock_acquire+0x5f/0x360
[  504.005906][T27065]  should_fail_ex+0x414/0x560
[  504.005939][T27065]  should_failslab+0xa8/0x100
[  504.005973][T27065]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  504.006015][T27065]  ? __alloc_skb+0x112/0x2d0
[  504.006039][T27065]  __alloc_skb+0x112/0x2d0
[  504.006060][T27065]  netlink_sendmsg+0x5c6/0xb30
[  504.006088][T27065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.006115][T27065]  ? aa_sock_msg_perm+0xf1/0x1d0
[  504.006138][T27065]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  504.006163][T27065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.006183][T27065]  __sock_sendmsg+0x219/0x270
[  504.006221][T27065]  ____sys_sendmsg+0x505/0x830
[  504.006248][T27065]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.006277][T27065]  ? import_iovec+0x74/0xa0
[  504.006304][T27065]  ___sys_sendmsg+0x21f/0x2a0
[  504.006327][T27065]  ? __pfx____sys_sendmsg+0x10/0x10
[  504.006372][T27065]  ? __fget_files+0x2a/0x420
[  504.006391][T27065]  ? __fget_files+0x3a0/0x420
[  504.006416][T27065]  __x64_sys_sendmsg+0x19b/0x260
[  504.006441][T27065]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  504.006470][T27065]  ? __pfx_ksys_write+0x10/0x10
[  504.006498][T27065]  ? rcu_is_watching+0x15/0xb0
[  504.006522][T27065]  ? rcu_is_watching+0x15/0xb0
[  504.006544][T27065]  do_syscall_64+0xfa/0x3b0
[  504.006565][T27065]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.006586][T27065]  ? clear_bhb_loop+0x60/0xb0
[  504.006611][T27065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.006632][T27065] RIP: 0033:0x7f6226b8ebe9
[  504.006652][T27065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.006673][T27065] RSP: 002b:00007f6227a9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.006706][T27065] RAX: ffffffffffffffda RBX: 00007f6226db5fa0 RCX: 00007f6226b8ebe9
[  504.006723][T27065] RDX: 0000000000008040 RSI: 0000200000000700 RDI: 0000000000000003
[  504.006738][T27065] RBP: 00007f6227a9e090 R08: 0000000000000000 R09: 0000000000000000
[  504.006752][T27065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.006765][T27065] R13: 00007f6226db6038 R14: 00007f6226db5fa0 R15: 00007fff5410c448
[  504.006792][T27065]  </TASK>
[  504.418726][T27074] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7661'.
[  504.439360][T27074] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7661'.
[  504.767439][T27088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7668'.
[  504.894218][T27095] IPVS: stopping backup sync thread 27098 ...
[  504.900729][T27098] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  504.927494][T27091] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  504.989677][T27091] tipc: Resetting bearer <eth:syzkaller0>
[  505.008756][T27105] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7673'.
[  505.019223][T27087] tipc: Disabling bearer <eth:syzkaller0>
[  505.067733][T27105] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  505.200602][T27121] FAULT_INJECTION: forcing a failure.
[  505.200602][T27121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.232130][T27121] CPU: 0 UID: 0 PID: 27121 Comm: syz.4.7679 Not tainted syzkaller #0 PREEMPT(full) 
[  505.232163][T27121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  505.232176][T27121] Call Trace:
[  505.232184][T27121]  <TASK>
[  505.232194][T27121]  dump_stack_lvl+0x189/0x250
[  505.232226][T27121]  ? __pfx____ratelimit+0x10/0x10
[  505.232255][T27121]  ? __pfx_dump_stack_lvl+0x10/0x10
[  505.232279][T27121]  ? __pfx__printk+0x10/0x10
[  505.232304][T27121]  ? __might_fault+0xb0/0x130
[  505.232345][T27121]  ? rcu_is_watching+0x15/0xb0
[  505.232367][T27121]  should_fail_ex+0x414/0x560
[  505.232395][T27121]  _copy_from_iter+0x1db/0x16f0
[  505.232416][T27121]  ? rcu_is_watching+0x15/0xb0
[  505.232435][T27121]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  505.232462][T27121]  ? __pfx__copy_from_iter+0x10/0x10
[  505.232482][T27121]  ? __build_skb_around+0x257/0x3e0
[  505.232515][T27121]  ? netlink_sendmsg+0x642/0xb30
[  505.232531][T27121]  ? skb_put+0x11b/0x210
[  505.232550][T27121]  netlink_sendmsg+0x6b2/0xb30
[  505.232571][T27121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  505.232589][T27121]  ? aa_sock_msg_perm+0xf1/0x1d0
[  505.232608][T27121]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  505.232627][T27121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  505.232644][T27121]  __sock_sendmsg+0x219/0x270
[  505.232671][T27121]  ____sys_sendmsg+0x505/0x830
[  505.232694][T27121]  ? __pfx_____sys_sendmsg+0x10/0x10
[  505.232716][T27121]  ? import_iovec+0x74/0xa0
[  505.232739][T27121]  ___sys_sendmsg+0x21f/0x2a0
[  505.232759][T27121]  ? __pfx____sys_sendmsg+0x10/0x10
[  505.232795][T27121]  ? __fget_files+0x2a/0x420
[  505.232811][T27121]  ? __fget_files+0x3a0/0x420
[  505.232832][T27121]  __x64_sys_sendmsg+0x19b/0x260
[  505.232853][T27121]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  505.232877][T27121]  ? __pfx_ksys_write+0x10/0x10
[  505.232902][T27121]  ? rcu_is_watching+0x15/0xb0
[  505.232923][T27121]  ? rcu_is_watching+0x15/0xb0
[  505.232942][T27121]  do_syscall_64+0xfa/0x3b0
[  505.232959][T27121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.232978][T27121]  ? clear_bhb_loop+0x60/0xb0
[  505.233000][T27121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.233019][T27121] RIP: 0033:0x7f92e3d8ebe9
[  505.233037][T27121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.233056][T27121] RSP: 002b:00007f92e4b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  505.233077][T27121] RAX: ffffffffffffffda RBX: 00007f92e3fb5fa0 RCX: 00007f92e3d8ebe9
[  505.233092][T27121] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  505.233105][T27121] RBP: 00007f92e4b77090 R08: 0000000000000000 R09: 0000000000000000
[  505.233120][T27121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.233133][T27121] R13: 00007f92e3fb6038 R14: 00007f92e3fb5fa0 R15: 00007ffd14c461a8
[  505.233156][T27121]  </TASK>
[  505.557332][ T5871] Bluetooth: hci2: command 0x0419 tx timeout
[  505.699038][T27129] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7681'.
[  505.713598][T27129] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7681'.
[  505.885906][T27141] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7684'.
[  505.895206][T27141] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7684'.
[  505.946840][T27145] netlink: 'syz.1.7687': attribute type 4 has an invalid length.
[  505.948107][T27147] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  505.966019][T27147] tipc: Resetting bearer <eth:syzkaller0>
[  505.986684][T27146] tipc: Disabling bearer <eth:syzkaller0>
[  506.030032][T27145] netlink: 'syz.1.7687': attribute type 4 has an invalid length.
[  506.120885][T27149] siw: device registration error -23
[  506.293812][T27160] veth0_to_bridge: entered promiscuous mode
[  506.463431][T27159] veth0_to_bridge: left promiscuous mode
[  506.522589][T27168] IPVS: Scheduler module ip_vs_ not found
[  506.651441][T27184] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7700'.
[  506.690678][T27187] netlink: 'syz.1.7702': attribute type 10 has an invalid length.
[  506.706261][T27187] mac80211_hwsim hwsim52 wlan1: entered promiscuous mode
[  506.729852][T27190] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7700'.
[  507.096078][T27207] netlink: 'syz.4.7710': attribute type 1 has an invalid length.
[  507.219262][T27218] veth1_macvtap: left promiscuous mode
[  507.225781][T27218] macsec0: entered promiscuous mode
[  507.231452][T27218] macsec0: entered allmulticast mode
[  507.279070][T27212] veth1_macvtap: entered promiscuous mode
[  507.338217][T27212] veth1_macvtap: entered allmulticast mode
[  507.379715][T27212] macsec0: left promiscuous mode
[  507.402905][T27212] macsec0: left allmulticast mode
[  507.421383][T27212] veth1_macvtap: left allmulticast mode
[  507.520878][T27228] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  507.617874][T27235] openvswitch: netlink: Key type 251 is out of range max 32
[  507.684304][T27236] netlink: 'syz.4.7718': attribute type 10 has an invalid length.
[  507.742273][T27241] netlink: 'syz.1.7721': attribute type 7 has an invalid length.
[  507.775018][T27244] netlink: 'syz.2.7722': attribute type 1 has an invalid length.
[  507.783112][T27244] netlink: 'syz.2.7722': attribute type 1 has an invalid length.
[  507.810161][T27244] netlink: 'syz.2.7722': attribute type 1 has an invalid length.
[  507.810160][T27245] mac80211_hwsim hwsim54 wlan1: entered allmulticast mode
[  507.975609][T27253] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  508.014771][T27253] syzkaller0: entered promiscuous mode
[  508.028653][T27253] syzkaller0: entered allmulticast mode
[  508.056324][T27252] tipc: Resetting bearer <eth:syzkaller0>
[  508.088970][T27252] tipc: Disabling bearer <eth:syzkaller0>
[  508.250076][T27271] FAULT_INJECTION: forcing a failure.
[  508.250076][T27271] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  508.287047][T27271] CPU: 0 UID: 0 PID: 27271 Comm: syz.1.7731 Not tainted syzkaller #0 PREEMPT(full) 
[  508.287083][T27271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  508.287097][T27271] Call Trace:
[  508.287106][T27271]  <TASK>
[  508.287116][T27271]  dump_stack_lvl+0x189/0x250
[  508.287155][T27271]  ? __pfx____ratelimit+0x10/0x10
[  508.287186][T27271]  ? __pfx_dump_stack_lvl+0x10/0x10
[  508.287210][T27271]  ? __pfx__printk+0x10/0x10
[  508.287238][T27271]  ? __might_fault+0xb0/0x130
[  508.287268][T27271]  ? unwind_next_frame+0xa5/0x2390
[  508.287296][T27271]  ? rcu_is_watching+0x15/0xb0
[  508.287327][T27271]  should_fail_ex+0x414/0x560
[  508.287359][T27271]  _copy_from_iter+0x575/0x16f0
[  508.287388][T27271]  ? __pfx__copy_from_iter+0x10/0x10
[  508.287407][T27271]  ? kernel_text_address+0xa5/0xe0
[  508.287438][T27271]  ? __kernel_text_address+0xd/0x40
[  508.287469][T27271]  ? skb_page_frag_refill+0x1be/0x320
[  508.287498][T27271]  udplite_getfrag+0x42/0xb0
[  508.287527][T27271]  __ip6_append_data+0x2230/0x3f30
[  508.287569][T27271]  ? __pfx_udplite_getfrag+0x10/0x10
[  508.287602][T27271]  ? __pfx___ip6_append_data+0x10/0x10
[  508.287631][T27271]  ? rcu_is_watching+0x15/0xb0
[  508.287653][T27271]  ip6_append_data+0x1c4/0x380
[  508.287682][T27271]  ? __pfx_udplite_getfrag+0x10/0x10
[  508.287709][T27271]  udpv6_sendmsg+0xcec/0x24b0
[  508.287743][T27271]  ? __pfx_udplite_getfrag+0x10/0x10
[  508.287771][T27271]  ? __kasan_kmalloc+0x93/0xb0
[  508.287800][T27271]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  508.287831][T27271]  ? __pfx___might_resched+0x10/0x10
[  508.287860][T27271]  ? aa_sk_perm+0x81e/0x950
[  508.287900][T27271]  ? inet_send_prepare+0x5c/0x270
[  508.287931][T27271]  ? inet6_sendmsg+0xe4/0x120
[  508.287953][T27271]  __sock_sendmsg+0xe5/0x270
[  508.287984][T27271]  ____sys_sendmsg+0x52d/0x830
[  508.288008][T27271]  ? __pfx_____sys_sendmsg+0x10/0x10
[  508.288036][T27271]  ? import_iovec+0x74/0xa0
[  508.288061][T27271]  ___sys_sendmsg+0x21f/0x2a0
[  508.288084][T27271]  ? __pfx____sys_sendmsg+0x10/0x10
[  508.288105][T27271]  ? kstrtouint+0x6e/0xe0
[  508.288144][T27271]  ? __fget_files+0x2a/0x420
[  508.288159][T27271]  ? __fget_files+0x3a0/0x420
[  508.288181][T27271]  __sys_sendmmsg+0x227/0x430
[  508.288206][T27271]  ? __pfx___sys_sendmmsg+0x10/0x10
[  508.288227][T27271]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  508.288277][T27271]  ? ksys_write+0x22a/0x250
[  508.288306][T27271]  ? __pfx_ksys_write+0x10/0x10
[  508.288343][T27271]  ? rcu_is_watching+0x15/0xb0
[  508.288368][T27271]  __x64_sys_sendmmsg+0xa0/0xc0
[  508.288391][T27271]  do_syscall_64+0xfa/0x3b0
[  508.288411][T27271]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.288433][T27271]  ? clear_bhb_loop+0x60/0xb0
[  508.288458][T27271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.288480][T27271] RIP: 0033:0x7fcfc738ebe9
[  508.288501][T27271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.288521][T27271] RSP: 002b:00007fcfc8236038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  508.288546][T27271] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc738ebe9
[  508.288560][T27271] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[  508.288573][T27271] RBP: 00007fcfc8236090 R08: 0000000000000000 R09: 0000000000000000
[  508.288587][T27271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.288600][T27271] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  508.288626][T27271]  </TASK>
[  509.006767][T27284] netlink: 'syz.4.7735': attribute type 7 has an invalid length.
[  509.405298][T27314] FAULT_INJECTION: forcing a failure.
[  509.405298][T27314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.425264][T27314] CPU: 1 UID: 0 PID: 27314 Comm: syz.2.7747 Not tainted syzkaller #0 PREEMPT(full) 
[  509.425300][T27314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  509.425314][T27314] Call Trace:
[  509.425323][T27314]  <TASK>
[  509.425333][T27314]  dump_stack_lvl+0x189/0x250
[  509.425369][T27314]  ? __pfx____ratelimit+0x10/0x10
[  509.425403][T27314]  ? __pfx_dump_stack_lvl+0x10/0x10
[  509.425429][T27314]  ? __pfx__printk+0x10/0x10
[  509.425458][T27314]  ? __might_fault+0xb0/0x130
[  509.425489][T27314]  ? aa_file_perm+0x13a/0x1550
[  509.425511][T27314]  ? rcu_is_watching+0x15/0xb0
[  509.425536][T27314]  ? rcu_is_watching+0x15/0xb0
[  509.425559][T27314]  should_fail_ex+0x414/0x560
[  509.425591][T27314]  _copy_from_user+0x2d/0xb0
[  509.425619][T27314]  ____sys_sendmsg+0x2fe/0x830
[  509.425648][T27314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.425670][T27314]  ? __might_fault+0xb0/0x130
[  509.425703][T27314]  ? import_iovec+0x74/0xa0
[  509.425730][T27314]  ___sys_sendmsg+0x21f/0x2a0
[  509.425754][T27314]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.425795][T27314]  ? __fget_files+0x2a/0x420
[  509.425815][T27314]  ? __fget_files+0x3a0/0x420
[  509.425840][T27314]  __x64_sys_sendmsg+0x19b/0x260
[  509.425864][T27314]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  509.425893][T27314]  ? __pfx_ksys_write+0x10/0x10
[  509.425921][T27314]  ? rcu_is_watching+0x15/0xb0
[  509.425945][T27314]  ? rcu_is_watching+0x15/0xb0
[  509.425978][T27314]  do_syscall_64+0xfa/0x3b0
[  509.425999][T27314]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.426021][T27314]  ? clear_bhb_loop+0x60/0xb0
[  509.426045][T27314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.426067][T27314] RIP: 0033:0x7fb25cb8ebe9
[  509.426088][T27314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.426108][T27314] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.426133][T27314] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  509.426150][T27314] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  509.426165][T27314] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  509.426179][T27314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.426192][T27314] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  509.426218][T27314]  </TASK>
[  509.672981][T27316] netlink: 'syz.1.7746': attribute type 3 has an invalid length.
[  509.681084][T27316] __nla_validate_parse: 10 callbacks suppressed
[  509.681106][T27316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7746'.
[  509.784506][T27312] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7745'.
[  510.289647][T27360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7766'.
[  510.426405][T13274] IPVS: starting estimator thread 0...
[  510.440148][T27363] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  510.460037][T27371] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7771'.
[  510.507303][T27374] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  510.525544][T27371] syzkaller1: entered promiscuous mode
[  510.527672][T27369] IPVS: using max 39 ests per chain, 93600 per kthread
[  510.532361][T27371] syzkaller1: entered allmulticast mode
[  510.604125][T27378] netlink: 'syz.3.7774': attribute type 4 has an invalid length.
[  510.715054][T27383] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  510.733340][T27383] syzkaller0: entered promiscuous mode
[  510.747141][T27380] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7776'.
[  510.756466][T27383] syzkaller0: entered allmulticast mode
[  510.781357][T27383] tipc: Resetting bearer <eth:syzkaller0>
[  510.788968][T27381] tipc: Resetting bearer <eth:syzkaller0>
[  510.807932][T27381] tipc: Disabling bearer <eth:syzkaller0>
[  510.991393][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058c73800: rx timeout, send abort
[  511.147300][T27407] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  511.162936][T27406] IPVS: stopping backup sync thread 27407 ...
[  511.215272][T27409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7787'.
[  511.285295][T27415] tls_set_device_offload_rx: netdev not found
[  511.299061][T27415] FAULT_INJECTION: forcing a failure.
[  511.299061][T27415] name failslab, interval 1, probability 0, space 0, times 0
[  511.316291][T27415] CPU: 0 UID: 0 PID: 27415 Comm: syz.2.7790 Not tainted syzkaller #0 PREEMPT(full) 
[  511.316327][T27415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.316343][T27415] Call Trace:
[  511.316353][T27415]  <TASK>
[  511.316363][T27415]  dump_stack_lvl+0x189/0x250
[  511.316396][T27415]  ? __pfx____ratelimit+0x10/0x10
[  511.316429][T27415]  ? __pfx_dump_stack_lvl+0x10/0x10
[  511.316453][T27415]  ? __pfx__printk+0x10/0x10
[  511.316482][T27415]  ? __pfx___might_resched+0x10/0x10
[  511.316504][T27415]  ? lock_acquire+0x5f/0x360
[  511.316537][T27415]  should_fail_ex+0x414/0x560
[  511.316569][T27415]  should_failslab+0xa8/0x100
[  511.316603][T27415]  __kmalloc_node_noprof+0xd1/0x4e0
[  511.316632][T27415]  ? __pfx___up_read+0x10/0x10
[  511.316654][T27415]  ? crypto_create_tfm_node+0x83/0x3f0
[  511.316688][T27415]  crypto_create_tfm_node+0x83/0x3f0
[  511.316722][T27415]  crypto_spawn_tfm2+0x5c/0x90
[  511.316746][T27415]  crypto_gcm_init_tfm+0x4a/0x210
[  511.316771][T27415]  crypto_create_tfm_node+0x18c/0x3f0
[  511.316805][T27415]  crypto_alloc_tfm_node+0x172/0x3f0
[  511.316840][T27415]  tls_set_sw_offload+0xa37/0x17d0
[  511.316877][T27415]  tls_setsockopt+0xc8b/0x1340
[  511.316914][T27415]  ? __pfx_tls_setsockopt+0x10/0x10
[  511.316946][T27415]  ? __pfx_aa_sk_perm+0x10/0x10
[  511.316980][T27415]  ? aa_sock_opt_perm+0xff/0x1b0
[  511.317001][T27415]  ? sock_common_setsockopt+0x36/0xc0
[  511.317031][T27415]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  511.317061][T27415]  do_sock_setsockopt+0x179/0x1b0
[  511.317085][T27415]  __x64_sys_setsockopt+0x13f/0x1b0
[  511.317122][T27415]  do_syscall_64+0xfa/0x3b0
[  511.317143][T27415]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.317168][T27415]  ? clear_bhb_loop+0x60/0xb0
[  511.317191][T27415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.317212][T27415] RIP: 0033:0x7fb25cb8ebe9
[  511.317232][T27415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.317251][T27415] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  511.317275][T27415] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  511.317291][T27415] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000003
[  511.317305][T27415] RBP: 00007fb25dae2090 R08: 0000000000000038 R09: 0000000000000000
[  511.317319][T27415] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  511.317333][T27415] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  511.317357][T27415]  </TASK>
[  511.567547][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058c71800: rx timeout, send abort
[  511.575869][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058c73800: abort rx timeout. Force session deactivation
[  511.737230][T27429] netlink: 'syz.0.7796': attribute type 4 has an invalid length.
[  511.784863][T27429] netlink: 'syz.0.7796': attribute type 4 has an invalid length.
[  511.790492][T27435] FAULT_INJECTION: forcing a failure.
[  511.790492][T27435] name failslab, interval 1, probability 0, space 0, times 0
[  511.840472][T27435] CPU: 1 UID: 0 PID: 27435 Comm: syz.2.7798 Not tainted syzkaller #0 PREEMPT(full) 
[  511.840507][T27435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.840521][T27435] Call Trace:
[  511.840530][T27435]  <TASK>
[  511.840541][T27435]  dump_stack_lvl+0x189/0x250
[  511.840574][T27435]  ? __pfx____ratelimit+0x10/0x10
[  511.840606][T27435]  ? __pfx_dump_stack_lvl+0x10/0x10
[  511.840630][T27435]  ? __pfx__printk+0x10/0x10
[  511.840664][T27435]  should_fail_ex+0x414/0x560
[  511.840702][T27435]  should_failslab+0xa8/0x100
[  511.840735][T27435]  kmem_cache_alloc_noprof+0x73/0x3c0
[  511.840764][T27435]  ? skb_clone+0x212/0x3a0
[  511.840792][T27435]  skb_clone+0x212/0x3a0
[  511.840818][T27435]  __netlink_deliver_tap+0x404/0x850
[  511.840871][T27435]  ? netlink_deliver_tap+0x2e/0x1b0
[  511.840921][T27435]  netlink_deliver_tap+0x19c/0x1b0
[  511.840953][T27435]  netlink_unicast+0x7fa/0x9e0
[  511.840986][T27435]  ? __pfx_netlink_unicast+0x10/0x10
[  511.841015][T27435]  ? netlink_sendmsg+0x642/0xb30
[  511.841039][T27435]  ? skb_put+0x11b/0x210
[  511.841061][T27435]  netlink_sendmsg+0x805/0xb30
[  511.841085][T27435]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.841106][T27435]  ? aa_sock_msg_perm+0xf1/0x1d0
[  511.841127][T27435]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  511.841151][T27435]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.841171][T27435]  __sock_sendmsg+0x219/0x270
[  511.841201][T27435]  ____sys_sendmsg+0x505/0x830
[  511.841227][T27435]  ? __pfx_____sys_sendmsg+0x10/0x10
[  511.841254][T27435]  ? import_iovec+0x74/0xa0
[  511.841281][T27435]  ___sys_sendmsg+0x21f/0x2a0
[  511.841305][T27435]  ? __pfx____sys_sendmsg+0x10/0x10
[  511.841347][T27435]  ? __fget_files+0x2a/0x420
[  511.841365][T27435]  ? __fget_files+0x3a0/0x420
[  511.841389][T27435]  __x64_sys_sendmsg+0x19b/0x260
[  511.841413][T27435]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  511.841442][T27435]  ? __pfx_ksys_write+0x10/0x10
[  511.841470][T27435]  ? rcu_is_watching+0x15/0xb0
[  511.841495][T27435]  ? rcu_is_watching+0x15/0xb0
[  511.841516][T27435]  do_syscall_64+0xfa/0x3b0
[  511.841537][T27435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.841559][T27435]  ? clear_bhb_loop+0x60/0xb0
[  511.841584][T27435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.841605][T27435] RIP: 0033:0x7fb25cb8ebe9
[  511.841625][T27435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.841645][T27435] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.841669][T27435] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  511.841685][T27435] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  511.841699][T27435] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  511.841713][T27435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.841726][T27435] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  511.841752][T27435]  </TASK>
[  512.075880][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058c71800: abort rx timeout. Force session deactivation
[  512.158377][T27437] openvswitch: netlink: Flow key attr not present in new flow.
[  512.225998][T27441] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7801'.
[  512.236136][T27441] netlink: 'syz.3.7801': attribute type 1 has an invalid length.
[  512.316024][T27447] netlink: 'syz.0.7804': attribute type 4 has an invalid length.
[  512.376973][T27454] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  512.384982][T27454] syzkaller0: entered promiscuous mode
[  512.393597][T27454] syzkaller0: entered allmulticast mode
[  512.415814][T27454] tipc: Resetting bearer <eth:syzkaller0>
[  512.426759][T27453] tipc: Resetting bearer <eth:syzkaller0>
[  512.455005][T27453] tipc: Disabling bearer <eth:syzkaller0>
[  512.536779][T27458] FAULT_INJECTION: forcing a failure.
[  512.536779][T27458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  512.550323][T27458] CPU: 1 UID: 0 PID: 27458 Comm: syz.2.7809 Not tainted syzkaller #0 PREEMPT(full) 
[  512.550355][T27458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  512.550370][T27458] Call Trace:
[  512.550380][T27458]  <TASK>
[  512.550389][T27458]  dump_stack_lvl+0x189/0x250
[  512.550424][T27458]  ? __pfx____ratelimit+0x10/0x10
[  512.550457][T27458]  ? __pfx_dump_stack_lvl+0x10/0x10
[  512.550483][T27458]  ? __pfx__printk+0x10/0x10
[  512.550518][T27458]  ? rcu_is_watching+0x15/0xb0
[  512.550541][T27458]  should_fail_ex+0x414/0x560
[  512.550573][T27458]  _copy_to_user+0x31/0xb0
[  512.550600][T27458]  simple_read_from_buffer+0xe1/0x170
[  512.550634][T27458]  proc_fail_nth_read+0x1b3/0x220
[  512.550672][T27458]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  512.550698][T27458]  ? rw_verify_area+0x2a6/0x4d0
[  512.550726][T27458]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  512.550751][T27458]  vfs_read+0x1fd/0xa30
[  512.550776][T27458]  ? fdget_pos+0x247/0x320
[  512.550797][T27458]  ? __pfx___mutex_lock+0x10/0x10
[  512.550840][T27458]  ? __pfx_vfs_read+0x10/0x10
[  512.550871][T27458]  ? __fget_files+0x3a0/0x420
[  512.550890][T27458]  ? __fget_files+0x2a/0x420
[  512.550912][T27458]  ksys_read+0x145/0x250
[  512.550941][T27458]  ? __pfx_ksys_read+0x10/0x10
[  512.550967][T27458]  ? rcu_is_watching+0x15/0xb0
[  512.550990][T27458]  ? rcu_is_watching+0x15/0xb0
[  512.551011][T27458]  do_syscall_64+0xfa/0x3b0
[  512.551032][T27458]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.551054][T27458]  ? clear_bhb_loop+0x60/0xb0
[  512.551078][T27458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.551100][T27458] RIP: 0033:0x7fb25cb8d5fc
[  512.551119][T27458] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  512.551138][T27458] RSP: 002b:00007fb25dae2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  512.551162][T27458] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8d5fc
[  512.551178][T27458] RDX: 000000000000000f RSI: 00007fb25dae20a0 RDI: 0000000000000005
[  512.551193][T27458] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000014
[  512.551207][T27458] R10: 0000000004000084 R11: 0000000000000246 R12: 0000000000000001
[  512.551221][T27458] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  512.551246][T27458]  </TASK>
[  512.927868][T27475] IPVS: stopping backup sync thread 27476 ...
[  512.928001][T27476] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  513.096570][T27483] netlink: 'syz.2.7817': attribute type 1 has an invalid length.
[  513.234827][T27494] FAULT_INJECTION: forcing a failure.
[  513.234827][T27494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.247591][T27493] mac80211_hwsim hwsim54 wlan1: left allmulticast mode
[  513.253592][T27494] CPU: 0 UID: 0 PID: 27494 Comm: syz.1.7820 Not tainted syzkaller #0 PREEMPT(full) 
[  513.253632][T27494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  513.253651][T27494] Call Trace:
[  513.253660][T27494]  <TASK>
[  513.253671][T27494]  dump_stack_lvl+0x189/0x250
[  513.253708][T27494]  ? __pfx____ratelimit+0x10/0x10
[  513.253747][T27494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  513.253910][T27494]  ? __pfx__printk+0x10/0x10
[  513.253943][T27494]  ? __might_fault+0xb0/0x130
[  513.253984][T27494]  ? rcu_is_watching+0x15/0xb0
[  513.254012][T27494]  should_fail_ex+0x414/0x560
[  513.254042][T27494]  _copy_from_iter+0x1db/0x16f0
[  513.254065][T27494]  ? rcu_is_watching+0x15/0xb0
[  513.254090][T27494]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  513.254128][T27494]  ? __pfx__copy_from_iter+0x10/0x10
[  513.254151][T27494]  ? __build_skb_around+0x257/0x3e0
[  513.254195][T27494]  ? netlink_sendmsg+0x642/0xb30
[  513.254216][T27494]  ? skb_put+0x11b/0x210
[  513.254242][T27494]  netlink_sendmsg+0x6b2/0xb30
[  513.254271][T27494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.254305][T27494]  ? aa_sock_msg_perm+0xf1/0x1d0
[  513.254331][T27494]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  513.254359][T27494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.254381][T27494]  __sock_sendmsg+0x219/0x270
[  513.254416][T27494]  ____sys_sendmsg+0x505/0x830
[  513.254448][T27494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  513.254479][T27494]  ? import_iovec+0x74/0xa0
[  513.254509][T27494]  ___sys_sendmsg+0x21f/0x2a0
[  513.254536][T27494]  ? __pfx____sys_sendmsg+0x10/0x10
[  513.254587][T27494]  ? __fget_files+0x2a/0x420
[  513.254608][T27494]  ? __fget_files+0x3a0/0x420
[  513.254636][T27494]  __x64_sys_sendmsg+0x19b/0x260
[  513.254674][T27494]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  513.254707][T27494]  ? __pfx_ksys_write+0x10/0x10
[  513.254743][T27494]  ? rcu_is_watching+0x15/0xb0
[  513.254775][T27494]  do_syscall_64+0xfa/0x3b0
[  513.254799][T27494]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.254824][T27494]  ? clear_bhb_loop+0x60/0xb0
[  513.254852][T27494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.254875][T27494] RIP: 0033:0x7fcfc738ebe9
[  513.254893][T27494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.254910][T27494] RSP: 002b:00007fcfc8215038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  513.254934][T27494] RAX: ffffffffffffffda RBX: 00007fcfc75b6090 RCX: 00007fcfc738ebe9
[  513.254950][T27494] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  513.254965][T27494] RBP: 00007fcfc8215090 R08: 0000000000000000 R09: 0000000000000000
[  513.254981][T27494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  513.254995][T27494] R13: 00007fcfc75b6128 R14: 00007fcfc75b6090 R15: 00007ffcb112bbc8
[  513.255024][T27494]  </TASK>
[  513.421167][T27503] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7824'.
[  513.607690][T27511] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7825'.
[  513.660986][T27517] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7830'.
[  514.268747][T27536] syzkaller0: entered promiscuous mode
[  514.274275][T27536] syzkaller0: entered allmulticast mode
[  514.293290][T27536] macsec1: entered promiscuous mode
[  514.336217][ T5865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  514.369861][ T5865] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  514.378949][ T5865] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  514.386708][ T5865] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  514.400275][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  514.632222][T27545] chnl_net:caif_netlink_parms(): no params data found
[  514.806562][T27559] gtp2: entered promiscuous mode
[  514.814940][T27559] gtp2: entered allmulticast mode
[  514.918463][ T5863] Bluetooth: hci2: command 0x0419 tx timeout
[  514.939690][T27545] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.947090][T27545] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.958248][T27545] bridge_slave_0: entered allmulticast mode
[  514.968210][T27545] bridge_slave_0: entered promiscuous mode
[  515.059450][T27545] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.066753][T27545] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.086410][T27545] bridge_slave_1: entered allmulticast mode
[  515.103155][T27545] bridge_slave_1: entered promiscuous mode
[  515.123622][T27585] __nla_validate_parse: 4 callbacks suppressed
[  515.123647][T27585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7853'.
[  515.146885][T27585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7853'.
[  515.221456][T27545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  515.251548][T27545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  515.270157][T27590] FAULT_INJECTION: forcing a failure.
[  515.270157][T27590] name failslab, interval 1, probability 0, space 0, times 0
[  515.285519][T27583] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7851'.
[  515.327339][T27590] CPU: 1 UID: 0 PID: 27590 Comm: syz.0.7856 Not tainted syzkaller #0 PREEMPT(full) 
[  515.327372][T27590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  515.327386][T27590] Call Trace:
[  515.327395][T27590]  <TASK>
[  515.327404][T27590]  dump_stack_lvl+0x189/0x250
[  515.327437][T27590]  ? __pfx____ratelimit+0x10/0x10
[  515.327478][T27590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.327504][T27590]  ? __pfx__printk+0x10/0x10
[  515.327539][T27590]  should_fail_ex+0x414/0x560
[  515.327572][T27590]  should_failslab+0xa8/0x100
[  515.327605][T27590]  kmem_cache_alloc_noprof+0x73/0x3c0
[  515.327635][T27590]  ? skb_clone+0x212/0x3a0
[  515.327664][T27590]  skb_clone+0x212/0x3a0
[  515.327690][T27590]  __netlink_deliver_tap+0x404/0x850
[  515.327730][T27590]  ? netlink_deliver_tap+0x2e/0x1b0
[  515.327760][T27590]  netlink_deliver_tap+0x19c/0x1b0
[  515.327789][T27590]  netlink_unicast+0x7fa/0x9e0
[  515.327818][T27590]  ? __pfx_netlink_unicast+0x10/0x10
[  515.327847][T27590]  ? netlink_sendmsg+0x642/0xb30
[  515.327865][T27590]  ? skb_put+0x11b/0x210
[  515.327887][T27590]  netlink_sendmsg+0x805/0xb30
[  515.327911][T27590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.327932][T27590]  ? aa_sock_msg_perm+0xf1/0x1d0
[  515.327952][T27590]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  515.327974][T27590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.327993][T27590]  __sock_sendmsg+0x219/0x270
[  515.328023][T27590]  ____sys_sendmsg+0x505/0x830
[  515.328048][T27590]  ? __pfx_____sys_sendmsg+0x10/0x10
[  515.328077][T27590]  ? import_iovec+0x74/0xa0
[  515.328103][T27590]  ___sys_sendmsg+0x21f/0x2a0
[  515.328128][T27590]  ? __pfx____sys_sendmsg+0x10/0x10
[  515.328167][T27590]  ? __fget_files+0x2a/0x420
[  515.328186][T27590]  ? __fget_files+0x3a0/0x420
[  515.328208][T27590]  __x64_sys_sendmsg+0x19b/0x260
[  515.328232][T27590]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  515.328259][T27590]  ? __pfx_ksys_write+0x10/0x10
[  515.328287][T27590]  ? rcu_is_watching+0x15/0xb0
[  515.328312][T27590]  ? rcu_is_watching+0x15/0xb0
[  515.328333][T27590]  do_syscall_64+0xfa/0x3b0
[  515.328354][T27590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.328380][T27590]  ? clear_bhb_loop+0x60/0xb0
[  515.328403][T27590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.328424][T27590] RIP: 0033:0x7f49a078ebe9
[  515.328429][T27592] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7855'.
[  515.328444][T27590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.328463][T27590] RSP: 002b:00007f49a1517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  515.328493][T27590] RAX: ffffffffffffffda RBX: 00007f49a09b5fa0 RCX: 00007f49a078ebe9
[  515.328510][T27590] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  515.328524][T27590] RBP: 00007f49a1517090 R08: 0000000000000000 R09: 0000000000000000
[  515.328539][T27590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.328553][T27590] R13: 00007f49a09b6038 R14: 00007f49a09b5fa0 R15: 00007fffca921028
[  515.328584][T27590]  </TASK>
[  515.676337][T27603] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7858'.
[  515.698986][T27545] team0: Port device team_slave_0 added
[  515.730954][T27604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7858'.
[  515.734849][T27545] team0: Port device team_slave_1 added
[  515.849816][T27611] FAULT_INJECTION: forcing a failure.
[  515.849816][T27611] name failslab, interval 1, probability 0, space 0, times 0
[  515.849818][T27599] netlink: 1 bytes leftover after parsing attributes in process `syz.2.7858'.
[  515.849854][T27611] CPU: 0 UID: 0 PID: 27611 Comm: syz.4.7862 Not tainted syzkaller #0 PREEMPT(full) 
[  515.849879][T27611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  515.849892][T27611] Call Trace:
[  515.849900][T27611]  <TASK>
[  515.849912][T27611]  dump_stack_lvl+0x189/0x250
[  515.849948][T27611]  ? __pfx____ratelimit+0x10/0x10
[  515.849989][T27611]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.850020][T27611]  ? __pfx__printk+0x10/0x10
[  515.850055][T27611]  ? fs_reclaim_acquire+0x7d/0x100
[  515.850093][T27611]  ? rcu_is_watching+0x15/0xb0
[  515.850119][T27611]  ? __pfx___might_resched+0x10/0x10
[  515.850141][T27611]  ? lock_acquire+0x5f/0x360
[  515.850180][T27611]  should_fail_ex+0x414/0x560
[  515.850216][T27611]  should_failslab+0xa8/0x100
[  515.850254][T27611]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  515.850290][T27611]  ? __alloc_skb+0x112/0x2d0
[  515.850313][T27611]  ? rcu_is_watching+0x15/0xb0
[  515.850337][T27611]  __alloc_skb+0x112/0x2d0
[  515.850363][T27611]  netlink_sendmsg+0x5c6/0xb30
[  515.850392][T27611]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.850416][T27611]  ? aa_sock_msg_perm+0xf1/0x1d0
[  515.850441][T27611]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  515.850470][T27611]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.850492][T27611]  __sock_sendmsg+0x219/0x270
[  515.850527][T27611]  ____sys_sendmsg+0x505/0x830
[  515.850556][T27611]  ? __pfx_____sys_sendmsg+0x10/0x10
[  515.850588][T27611]  ? import_iovec+0x74/0xa0
[  515.850618][T27611]  ___sys_sendmsg+0x21f/0x2a0
[  515.850646][T27611]  ? __pfx____sys_sendmsg+0x10/0x10
[  515.850709][T27611]  ? __fget_files+0x2a/0x420
[  515.850729][T27611]  ? __fget_files+0x3a0/0x420
[  515.850757][T27611]  __x64_sys_sendmsg+0x19b/0x260
[  515.850786][T27611]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  515.850818][T27611]  ? __pfx_ksys_write+0x10/0x10
[  515.850852][T27611]  ? rcu_is_watching+0x15/0xb0
[  515.850879][T27611]  ? rcu_is_watching+0x15/0xb0
[  515.850906][T27611]  do_syscall_64+0xfa/0x3b0
[  515.850929][T27611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.850954][T27611]  ? clear_bhb_loop+0x60/0xb0
[  515.850982][T27611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.851007][T27611] RIP: 0033:0x7f92e3d8ebe9
[  515.851030][T27611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.851054][T27611] RSP: 002b:00007f92e4b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  515.851086][T27611] RAX: ffffffffffffffda RBX: 00007f92e3fb5fa0 RCX: 00007f92e3d8ebe9
[  515.851106][T27611] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[  515.851123][T27611] RBP: 00007f92e4b77090 R08: 0000000000000000 R09: 0000000000000000
[  515.851138][T27611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.851154][T27611] R13: 00007f92e3fb6038 R14: 00007f92e3fb5fa0 R15: 00007ffd14c461a8
[  515.851183][T27611]  </TASK>
[  516.225735][T27620] FAULT_INJECTION: forcing a failure.
[  516.225735][T27620] name failslab, interval 1, probability 0, space 0, times 0
[  516.275161][T27620] CPU: 1 UID: 0 PID: 27620 Comm: syz.4.7864 Not tainted syzkaller #0 PREEMPT(full) 
[  516.275196][T27620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  516.275210][T27620] Call Trace:
[  516.275219][T27620]  <TASK>
[  516.275229][T27620]  dump_stack_lvl+0x189/0x250
[  516.275263][T27620]  ? __pfx____ratelimit+0x10/0x10
[  516.275293][T27620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  516.275321][T27620]  ? __pfx__printk+0x10/0x10
[  516.275355][T27620]  should_fail_ex+0x414/0x560
[  516.275387][T27620]  should_failslab+0xa8/0x100
[  516.275436][T27620]  kmem_cache_alloc_noprof+0x73/0x3c0
[  516.275465][T27620]  ? skb_clone+0x212/0x3a0
[  516.275493][T27620]  skb_clone+0x212/0x3a0
[  516.275519][T27620]  __netlink_deliver_tap+0x404/0x850
[  516.275559][T27620]  ? netlink_deliver_tap+0x2e/0x1b0
[  516.275592][T27620]  netlink_deliver_tap+0x19c/0x1b0
[  516.275626][T27620]  netlink_unicast+0x7fa/0x9e0
[  516.275659][T27620]  ? __pfx_netlink_unicast+0x10/0x10
[  516.275688][T27620]  ? netlink_sendmsg+0x642/0xb30
[  516.275705][T27620]  ? skb_put+0x11b/0x210
[  516.275726][T27620]  netlink_sendmsg+0x805/0xb30
[  516.275748][T27620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  516.275770][T27620]  ? aa_sock_msg_perm+0xf1/0x1d0
[  516.275791][T27620]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  516.275816][T27620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  516.275836][T27620]  __sock_sendmsg+0x219/0x270
[  516.275867][T27620]  ____sys_sendmsg+0x505/0x830
[  516.275892][T27620]  ? __pfx_____sys_sendmsg+0x10/0x10
[  516.275920][T27620]  ? import_iovec+0x74/0xa0
[  516.275947][T27620]  ___sys_sendmsg+0x21f/0x2a0
[  516.275971][T27620]  ? __pfx____sys_sendmsg+0x10/0x10
[  516.276014][T27620]  ? __fget_files+0x2a/0x420
[  516.276032][T27620]  ? __fget_files+0x3a0/0x420
[  516.276056][T27620]  __x64_sys_sendmsg+0x19b/0x260
[  516.276080][T27620]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  516.276109][T27620]  ? __pfx_ksys_write+0x10/0x10
[  516.276137][T27620]  ? rcu_is_watching+0x15/0xb0
[  516.276162][T27620]  ? rcu_is_watching+0x15/0xb0
[  516.276185][T27620]  do_syscall_64+0xfa/0x3b0
[  516.276206][T27620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.276228][T27620]  ? clear_bhb_loop+0x60/0xb0
[  516.276252][T27620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.276274][T27620] RIP: 0033:0x7f92e3d8ebe9
[  516.276295][T27620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.276315][T27620] RSP: 002b:00007f92e4b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  516.276340][T27620] RAX: ffffffffffffffda RBX: 00007f92e3fb5fa0 RCX: 00007f92e3d8ebe9
[  516.276363][T27620] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  516.276377][T27620] RBP: 00007f92e4b77090 R08: 0000000000000000 R09: 0000000000000000
[  516.276392][T27620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.276412][T27620] R13: 00007f92e3fb6038 R14: 00007f92e3fb5fa0 R15: 00007ffd14c461a8
[  516.276439][T27620]  </TASK>
[  516.624985][ T5871] Bluetooth: hci4: command tx timeout
[  516.826996][T27545] batman_adv: batadv0: Adding interface: batadv_slave_0
[  516.883235][T27545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  516.994853][T27545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  517.010056][T27545] batman_adv: batadv0: Adding interface: batadv_slave_1
[  517.017066][T27545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.078076][T27545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  517.145296][T27649] FAULT_INJECTION: forcing a failure.
[  517.145296][T27649] name failslab, interval 1, probability 0, space 0, times 0
[  517.163491][T27649] CPU: 0 UID: 0 PID: 27649 Comm: syz.1.7869 Not tainted syzkaller #0 PREEMPT(full) 
[  517.163526][T27649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  517.163541][T27649] Call Trace:
[  517.163550][T27649]  <TASK>
[  517.163560][T27649]  dump_stack_lvl+0x189/0x250
[  517.163596][T27649]  ? __pfx____ratelimit+0x10/0x10
[  517.163629][T27649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.163669][T27649]  ? __pfx__printk+0x10/0x10
[  517.163707][T27649]  should_fail_ex+0x414/0x560
[  517.163739][T27649]  should_failslab+0xa8/0x100
[  517.163772][T27649]  kmem_cache_alloc_noprof+0x73/0x3c0
[  517.163801][T27649]  ? skb_clone+0x212/0x3a0
[  517.163829][T27649]  skb_clone+0x212/0x3a0
[  517.163854][T27649]  __netlink_deliver_tap+0x404/0x850
[  517.163895][T27649]  ? netlink_deliver_tap+0x2e/0x1b0
[  517.163929][T27649]  netlink_deliver_tap+0x19c/0x1b0
[  517.163962][T27649]  netlink_unicast+0x7fa/0x9e0
[  517.163995][T27649]  ? __pfx_netlink_unicast+0x10/0x10
[  517.164024][T27649]  ? netlink_sendmsg+0x642/0xb30
[  517.164042][T27649]  ? skb_put+0x11b/0x210
[  517.164063][T27649]  netlink_sendmsg+0x805/0xb30
[  517.164087][T27649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.164109][T27649]  ? aa_sock_msg_perm+0xf1/0x1d0
[  517.164130][T27649]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  517.164155][T27649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  517.164175][T27649]  __sock_sendmsg+0x219/0x270
[  517.164206][T27649]  ____sys_sendmsg+0x505/0x830
[  517.164232][T27649]  ? __pfx_____sys_sendmsg+0x10/0x10
[  517.164260][T27649]  ? import_iovec+0x74/0xa0
[  517.164287][T27649]  ___sys_sendmsg+0x21f/0x2a0
[  517.164310][T27649]  ? __pfx____sys_sendmsg+0x10/0x10
[  517.164353][T27649]  ? __fget_files+0x2a/0x420
[  517.164371][T27649]  ? __fget_files+0x3a0/0x420
[  517.164396][T27649]  __x64_sys_sendmsg+0x19b/0x260
[  517.164421][T27649]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  517.164450][T27649]  ? __pfx_ksys_write+0x10/0x10
[  517.164482][T27649]  ? rcu_is_watching+0x15/0xb0
[  517.164507][T27649]  ? rcu_is_watching+0x15/0xb0
[  517.164530][T27649]  do_syscall_64+0xfa/0x3b0
[  517.164550][T27649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.164571][T27649]  ? clear_bhb_loop+0x60/0xb0
[  517.164595][T27649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.164616][T27649] RIP: 0033:0x7fcfc738ebe9
[  517.164636][T27649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.164663][T27649] RSP: 002b:00007fcfc8236038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  517.164687][T27649] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc738ebe9
[  517.164703][T27649] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000004
[  517.164718][T27649] RBP: 00007fcfc8236090 R08: 0000000000000000 R09: 0000000000000000
[  517.164732][T27649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.164746][T27649] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  517.164772][T27649]  </TASK>
[  517.165000][T27649] openvswitch: netlink: Key type 251 is out of range max 32
[  517.604254][T27545] hsr_slave_0: entered promiscuous mode
[  517.616104][T27545] hsr_slave_1: entered promiscuous mode
[  517.629084][T27545] debugfs: 'hsr0' already exists in 'hsr'
[  517.635826][T27545] Cannot create hsr debugfs directory
[  517.708918][T27654] netlink: 'syz.1.7870': attribute type 11 has an invalid length.
[  517.717384][T27654] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7870'.
[  517.759613][T27660] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7873'.
[  517.781680][T27660] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  517.981748][T27675] FAULT_INJECTION: forcing a failure.
[  517.981748][T27675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.984433][T27672] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7876'.
[  518.005211][T27675] CPU: 1 UID: 0 PID: 27675 Comm: syz.2.7876 Not tainted syzkaller #0 PREEMPT(full) 
[  518.005246][T27675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  518.005261][T27675] Call Trace:
[  518.005271][T27675]  <TASK>
[  518.005281][T27675]  dump_stack_lvl+0x189/0x250
[  518.005316][T27675]  ? __pfx____ratelimit+0x10/0x10
[  518.005359][T27675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.005385][T27675]  ? __pfx__printk+0x10/0x10
[  518.005417][T27675]  ? __might_fault+0xb0/0x130
[  518.005452][T27675]  ? rcu_is_watching+0x15/0xb0
[  518.005477][T27675]  should_fail_ex+0x414/0x560
[  518.005509][T27675]  _copy_from_iter+0x1db/0x16f0
[  518.005533][T27675]  ? rcu_is_watching+0x15/0xb0
[  518.005554][T27675]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  518.005586][T27675]  ? __pfx__copy_from_iter+0x10/0x10
[  518.005608][T27675]  ? __build_skb_around+0x257/0x3e0
[  518.005645][T27675]  ? netlink_sendmsg+0x642/0xb30
[  518.005663][T27675]  ? skb_put+0x11b/0x210
[  518.005685][T27675]  netlink_sendmsg+0x6b2/0xb30
[  518.005709][T27675]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.005730][T27675]  ? is_bpf_text_address+0x26/0x2b0
[  518.005761][T27675]  ? rcu_is_watching+0x15/0xb0
[  518.005781][T27675]  ? aa_sock_msg_perm+0xf1/0x1d0
[  518.005802][T27675]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  518.005827][T27675]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.005847][T27675]  __sock_sendmsg+0x219/0x270
[  518.005877][T27675]  ____sys_sendmsg+0x52d/0x830
[  518.005903][T27675]  ? __pfx_____sys_sendmsg+0x10/0x10
[  518.005930][T27675]  ? import_iovec+0x74/0xa0
[  518.005957][T27675]  ___sys_sendmsg+0x21f/0x2a0
[  518.005981][T27675]  ? __pfx____sys_sendmsg+0x10/0x10
[  518.006006][T27675]  ? kstrtouint+0x6e/0xe0
[  518.006052][T27675]  ? __fget_files+0x2a/0x420
[  518.006070][T27675]  ? __fget_files+0x3a0/0x420
[  518.006095][T27675]  __sys_sendmmsg+0x227/0x430
[  518.006120][T27675]  ? __pfx___sys_sendmmsg+0x10/0x10
[  518.006141][T27675]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  518.006192][T27675]  ? ksys_write+0x22a/0x250
[  518.006222][T27675]  ? __pfx_ksys_write+0x10/0x10
[  518.006254][T27675]  __x64_sys_sendmmsg+0xa0/0xc0
[  518.006278][T27675]  do_syscall_64+0xfa/0x3b0
[  518.006298][T27675]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.006319][T27675]  ? clear_bhb_loop+0x60/0xb0
[  518.006351][T27675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.006372][T27675] RIP: 0033:0x7fb25cb8ebe9
[  518.006391][T27675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.006411][T27675] RSP: 002b:00007fb25dac1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  518.006436][T27675] RAX: ffffffffffffffda RBX: 00007fb25cdb6090 RCX: 00007fb25cb8ebe9
[  518.006453][T27675] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[  518.006469][T27675] RBP: 00007fb25dac1090 R08: 0000000000000000 R09: 0000000000000000
[  518.006483][T27675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.006496][T27675] R13: 00007fb25cdb6128 R14: 00007fb25cdb6090 R15: 00007ffcdb0d6aa8
[  518.006522][T27675]  </TASK>
[  518.371798][T27677] IPVS: stopping backup sync thread 27678 ...
[  518.423102][T27681] FAULT_INJECTION: forcing a failure.
[  518.423102][T27681] name failslab, interval 1, probability 0, space 0, times 0
[  518.439014][T27681] CPU: 1 UID: 0 PID: 27681 Comm: syz.2.7879 Not tainted syzkaller #0 PREEMPT(full) 
[  518.439047][T27681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  518.439061][T27681] Call Trace:
[  518.439070][T27681]  <TASK>
[  518.439079][T27681]  dump_stack_lvl+0x189/0x250
[  518.439113][T27681]  ? __pfx____ratelimit+0x10/0x10
[  518.439147][T27681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.439173][T27681]  ? __pfx__printk+0x10/0x10
[  518.439218][T27681]  ? fs_reclaim_acquire+0x7d/0x100
[  518.439252][T27681]  ? rcu_is_watching+0x15/0xb0
[  518.439279][T27681]  ? __pfx___might_resched+0x10/0x10
[  518.439300][T27681]  ? lock_acquire+0x5f/0x360
[  518.439333][T27681]  should_fail_ex+0x414/0x560
[  518.439366][T27681]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  518.439405][T27681]  should_failslab+0xa8/0x100
[  518.439443][T27681]  __kvmalloc_node_noprof+0x161/0x5f0
[  518.439482][T27681]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  518.439518][T27681]  bpf_test_run_xdp_live+0x1b5/0x1b10
[  518.439554][T27681]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  518.439599][T27681]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  518.439639][T27681]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  518.439671][T27681]  ? 0xffffffffa02057c0
[  518.439690][T27681]  ? 0xffffffffa02057c0
[  518.439734][T27681]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  518.439759][T27681]  ? _copy_from_user+0x94/0xb0
[  518.439786][T27681]  ? bpf_test_init+0x133/0x170
[  518.439815][T27681]  ? xdp_convert_md_to_buff+0x5b/0x330
[  518.439849][T27681]  bpf_prog_test_run_xdp+0x713/0x1000
[  518.439887][T27681]  ? rcu_is_watching+0x15/0xb0
[  518.439911][T27681]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  518.439946][T27681]  ? __fget_files+0x2a/0x420
[  518.439968][T27681]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  518.440001][T27681]  bpf_prog_test_run+0x2c7/0x340
[  518.440034][T27681]  __sys_bpf+0x581/0x870
[  518.440062][T27681]  ? __pfx___sys_bpf+0x10/0x10
[  518.440097][T27681]  ? ksys_write+0x22a/0x250
[  518.440127][T27681]  ? __pfx_ksys_write+0x10/0x10
[  518.440153][T27681]  ? rcu_is_watching+0x15/0xb0
[  518.440178][T27681]  __x64_sys_bpf+0x7c/0x90
[  518.440203][T27681]  do_syscall_64+0xfa/0x3b0
[  518.440223][T27681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.440245][T27681]  ? clear_bhb_loop+0x60/0xb0
[  518.440270][T27681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.440291][T27681] RIP: 0033:0x7fb25cb8ebe9
[  518.440308][T27681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.440350][T27681] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  518.440373][T27681] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  518.440390][T27681] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  518.440403][T27681] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  518.440417][T27681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.440429][T27681] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  518.440454][T27681]  </TASK>
[  518.441768][T27545] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.679908][ T5871] Bluetooth: hci4: command tx timeout
[  518.815234][T27545] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.905594][T27699] FAULT_INJECTION: forcing a failure.
[  518.905594][T27699] name failslab, interval 1, probability 0, space 0, times 0
[  518.924214][T27545] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.924783][T27699] CPU: 1 UID: 0 PID: 27699 Comm: syz.1.7885 Not tainted syzkaller #0 PREEMPT(full) 
[  518.924815][T27699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  518.924832][T27699] Call Trace:
[  518.924842][T27699]  <TASK>
[  518.924852][T27699]  dump_stack_lvl+0x189/0x250
[  518.924889][T27699]  ? __pfx____ratelimit+0x10/0x10
[  518.924925][T27699]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.924953][T27699]  ? __pfx__printk+0x10/0x10
[  518.924989][T27699]  ? fs_reclaim_acquire+0x7d/0x100
[  518.925026][T27699]  ? __pfx___might_resched+0x10/0x10
[  518.925049][T27699]  ? lock_acquire+0x5f/0x360
[  518.925087][T27699]  should_fail_ex+0x414/0x560
[  518.925121][T27699]  should_failslab+0xa8/0x100
[  518.925157][T27699]  __kmalloc_noprof+0xcb/0x4f0
[  518.925189][T27699]  ? security_sk_alloc+0x52/0x390
[  518.925222][T27699]  security_sk_alloc+0x52/0x390
[  518.925251][T27699]  sk_prot_alloc+0x101/0x220
[  518.925286][T27699]  ? sk_alloc+0x24/0x370
[  518.925311][T27699]  sk_alloc+0x3a/0x370
[  518.925338][T27699]  __netlink_create+0x65/0x260
[  518.925375][T27699]  ? __pfx_genl_release+0x10/0x10
[  518.925402][T27699]  netlink_create+0x3ca/0x590
[  518.925426][T27699]  ? __pfx_genl_unbind+0x10/0x10
[  518.925452][T27699]  ? __pfx_genl_bind+0x10/0x10
[  518.925480][T27699]  __sock_create+0x4b0/0x9f0
[  518.925520][T27699]  __sys_socket+0xd7/0x1b0
[  518.925551][T27699]  __x64_sys_socket+0x7a/0x90
[  518.925590][T27699]  do_syscall_64+0xfa/0x3b0
[  518.925615][T27699]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.925639][T27699]  ? clear_bhb_loop+0x60/0xb0
[  518.925667][T27699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.925692][T27699] RIP: 0033:0x7fcfc7390b07
[  518.925713][T27699] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.925735][T27699] RSP: 002b:00007fcfc8234fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  518.925762][T27699] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc7390b07
[  518.925783][T27699] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  518.925799][T27699] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  518.925815][T27699] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000001
[  518.925830][T27699] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  518.925860][T27699]  </TASK>
[  519.384479][T27545] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.410105][T27707] bond4 (unregistering): Released all slaves
[  519.545666][T27545] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  519.567810][T27545] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  519.598917][T27545] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  519.635919][T27545] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  519.789817][T27545] 8021q: adding VLAN 0 to HW filter on device bond0
[  519.809084][T27751] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  519.816136][T27545] 8021q: adding VLAN 0 to HW filter on device team0
[  519.845257][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.852616][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  519.872778][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.879945][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.945995][T27760] netlink: ct family unspecified
[  519.952270][T27760] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  520.013756][T27764] FAULT_INJECTION: forcing a failure.
[  520.013756][T27764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  520.033134][T27764] CPU: 1 UID: 0 PID: 27764 Comm: syz.4.7910 Not tainted syzkaller #0 PREEMPT(full) 
[  520.033166][T27764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  520.033195][T27764] Call Trace:
[  520.033203][T27764]  <TASK>
[  520.033213][T27764]  dump_stack_lvl+0x189/0x250
[  520.033244][T27764]  ? __pfx____ratelimit+0x10/0x10
[  520.033276][T27764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.033301][T27764]  ? __pfx__printk+0x10/0x10
[  520.033329][T27764]  ? __might_fault+0xb0/0x130
[  520.033364][T27764]  ? rcu_is_watching+0x15/0xb0
[  520.033387][T27764]  should_fail_ex+0x414/0x560
[  520.033418][T27764]  _copy_from_iter+0x1db/0x16f0
[  520.033445][T27764]  ? snprintf+0xda/0x120
[  520.033470][T27764]  ? __pfx__copy_from_iter+0x10/0x10
[  520.033493][T27764]  ? rcu_is_watching+0x15/0xb0
[  520.033512][T27764]  ? aa_label_sk_perm+0x4cd/0x630
[  520.033548][T27764]  ping_v4_sendmsg+0x222/0x1750
[  520.033579][T27764]  ? tomoyo_check_inet_address+0x667/0x8c0
[  520.033605][T27764]  ? ip4_datagram_release_cb+0x82/0xbb0
[  520.033630][T27764]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  520.033664][T27764]  ? ip4_datagram_release_cb+0x82/0xbb0
[  520.033690][T27764]  ? rcu_is_watching+0x15/0xb0
[  520.033710][T27764]  ? inet_sendmsg+0x14f/0x370
[  520.033738][T27764]  ? __local_bh_enable_ip+0x12d/0x1c0
[  520.033765][T27764]  ? inet_sendmsg+0x14f/0x370
[  520.033792][T27764]  ? inet_sendmsg+0x2f4/0x370
[  520.033820][T27764]  __sock_sendmsg+0x19c/0x270
[  520.033850][T27764]  ____sys_sendmsg+0x505/0x830
[  520.033876][T27764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  520.033897][T27764]  ? __might_fault+0xb0/0x130
[  520.033931][T27764]  ? import_iovec+0x74/0xa0
[  520.033957][T27764]  ___sys_sendmsg+0x21f/0x2a0
[  520.033981][T27764]  ? __pfx____sys_sendmsg+0x10/0x10
[  520.034024][T27764]  ? __fget_files+0x2a/0x420
[  520.034043][T27764]  ? __fget_files+0x3a0/0x420
[  520.034067][T27764]  __x64_sys_sendmsg+0x19b/0x260
[  520.034092][T27764]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  520.034121][T27764]  ? __pfx_ksys_write+0x10/0x10
[  520.034148][T27764]  ? rcu_is_watching+0x15/0xb0
[  520.034180][T27764]  ? rcu_is_watching+0x15/0xb0
[  520.034204][T27764]  do_syscall_64+0xfa/0x3b0
[  520.034224][T27764]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.034246][T27764]  ? clear_bhb_loop+0x60/0xb0
[  520.034269][T27764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.034291][T27764] RIP: 0033:0x7f92e3d8ebe9
[  520.034310][T27764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.034330][T27764] RSP: 002b:00007f92e4b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  520.034355][T27764] RAX: ffffffffffffffda RBX: 00007f92e3fb5fa0 RCX: 00007f92e3d8ebe9
[  520.034372][T27764] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  520.034387][T27764] RBP: 00007f92e4b77090 R08: 0000000000000000 R09: 0000000000000000
[  520.034401][T27764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.034414][T27764] R13: 00007f92e3fb6038 R14: 00007f92e3fb5fa0 R15: 00007ffd14c461a8
[  520.034440][T27764]  </TASK>
[  520.438527][T27771] netlink: 'syz.4.7912': attribute type 10 has an invalid length.
[  520.455799][T27545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.506502][T27545] veth0_vlan: entered promiscuous mode
[  520.520103][T27545] veth1_vlan: entered promiscuous mode
[  520.546502][T27545] veth0_macvtap: entered promiscuous mode
[  520.557455][T27545] veth1_macvtap: entered promiscuous mode
[  520.589167][T27545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  520.604144][T27545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  520.622540][T27775] __nla_validate_parse: 3 callbacks suppressed
[  520.622566][T27775] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7914'.
[  520.674543][   T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  520.691010][T20543] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  520.731779][T20543] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  520.770913][T20543] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  520.837595][ T5871] Bluetooth: hci4: command tx timeout
[  520.934879][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  520.955705][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.007013][  T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.029028][  T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.168028][T27805] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7831'.
[  521.232870][T27808] mac80211_hwsim hwsim50 wlan1: left allmulticast mode
[  521.389514][T27811] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7926'.
[  521.604573][T27821] netlink: 27 bytes leftover after parsing attributes in process `syz.2.7931'.
[  521.656812][T27824] netlink: 'syz.1.7930': attribute type 4 has an invalid length.
[  521.688699][T27826] FAULT_INJECTION: forcing a failure.
[  521.688699][T27826] name failslab, interval 1, probability 0, space 0, times 0
[  521.739772][T27826] CPU: 1 UID: 0 PID: 27826 Comm: syz.3.7933 Not tainted syzkaller #0 PREEMPT(full) 
[  521.739806][T27826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  521.739820][T27826] Call Trace:
[  521.739830][T27826]  <TASK>
[  521.739840][T27826]  dump_stack_lvl+0x189/0x250
[  521.739872][T27826]  ? __pfx____ratelimit+0x10/0x10
[  521.739903][T27826]  ? __pfx_dump_stack_lvl+0x10/0x10
[  521.739926][T27826]  ? __pfx__printk+0x10/0x10
[  521.739970][T27826]  ? fs_reclaim_acquire+0x7d/0x100
[  521.740005][T27826]  ? __pfx___might_resched+0x10/0x10
[  521.740026][T27826]  ? lock_acquire+0x5f/0x360
[  521.740058][T27826]  should_fail_ex+0x414/0x560
[  521.740090][T27826]  ? alloc_netdev_mqs+0x8a0/0x11b0
[  521.740117][T27826]  should_failslab+0xa8/0x100
[  521.740151][T27826]  __kvmalloc_node_noprof+0x161/0x5f0
[  521.740182][T27826]  ? alloc_netdev_mqs+0x8a0/0x11b0
[  521.740212][T27826]  alloc_netdev_mqs+0x8a0/0x11b0
[  521.740241][T27826]  rtnl_create_link+0x31f/0xd10
[  521.740273][T27826]  rtnl_newlink_create+0x25c/0xb00
[  521.740303][T27826]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  521.740327][T27826]  ? __pfx___mutex_lock+0x10/0x10
[  521.740365][T27826]  ? ns_capable+0x8a/0xf0
[  521.740388][T27826]  rtnl_newlink+0x16d6/0x1c70
[  521.740421][T27826]  ? netlink_sendmsg+0x805/0xb30
[  521.740446][T27826]  ? __pfx_rtnl_newlink+0x10/0x10
[  521.740486][T27826]  ? rcu_is_watching+0x15/0xb0
[  521.740511][T27826]  ? nlmon_xmit+0xb0/0x100
[  521.740532][T27826]  ? kmem_cache_free+0x18f/0x400
[  521.740565][T27826]  ? rcu_is_watching+0x15/0xb0
[  521.740586][T27826]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.740612][T27826]  ? __local_bh_enable_ip+0x12d/0x1c0
[  521.740634][T27826]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  521.740654][T27826]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.740676][T27826]  ? lock_release+0x4b/0x3e0
[  521.740707][T27826]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.740729][T27826]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.740755][T27826]  ? __dev_queue_xmit+0x1d79/0x3b50
[  521.740787][T27826]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  521.740820][T27826]  ? lock_release+0x4b/0x3e0
[  521.740849][T27826]  ? bpf_lsm_capable+0x9/0x20
[  521.740879][T27826]  ? security_capable+0x7e/0x2e0
[  521.740913][T27826]  ? __pfx_rtnl_newlink+0x10/0x10
[  521.740953][T27826]  rtnetlink_rcv_msg+0x7cc/0xb70
[  521.740987][T27826]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  521.741017][T27826]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  521.741046][T27826]  ? ref_tracker_free+0x63a/0x7d0
[  521.741078][T27826]  ? __asan_memcpy+0x40/0x70
[  521.741102][T27826]  ? __pfx_ref_tracker_free+0x10/0x10
[  521.741138][T27826]  netlink_rcv_skb+0x208/0x470
[  521.741174][T27826]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  521.741207][T27826]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  521.741250][T27826]  netlink_unicast+0x82f/0x9e0
[  521.741283][T27826]  ? __pfx_netlink_unicast+0x10/0x10
[  521.741311][T27826]  ? netlink_sendmsg+0x642/0xb30
[  521.741328][T27826]  ? skb_put+0x11b/0x210
[  521.741349][T27826]  netlink_sendmsg+0x805/0xb30
[  521.741371][T27826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  521.741392][T27826]  ? aa_sock_msg_perm+0xf1/0x1d0
[  521.741411][T27826]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  521.741434][T27826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  521.741454][T27826]  __sock_sendmsg+0x219/0x270
[  521.741485][T27826]  ____sys_sendmsg+0x505/0x830
[  521.741510][T27826]  ? __pfx_____sys_sendmsg+0x10/0x10
[  521.741537][T27826]  ? import_iovec+0x74/0xa0
[  521.741564][T27826]  ___sys_sendmsg+0x21f/0x2a0
[  521.741587][T27826]  ? __pfx____sys_sendmsg+0x10/0x10
[  521.741630][T27826]  ? __fget_files+0x2a/0x420
[  521.741648][T27826]  ? __fget_files+0x3a0/0x420
[  521.741673][T27826]  __x64_sys_sendmsg+0x19b/0x260
[  521.741698][T27826]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  521.741726][T27826]  ? __pfx_ksys_write+0x10/0x10
[  521.741754][T27826]  ? rcu_is_watching+0x15/0xb0
[  521.741778][T27826]  ? rcu_is_watching+0x15/0xb0
[  521.741800][T27826]  do_syscall_64+0xfa/0x3b0
[  521.741822][T27826]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.741843][T27826]  ? clear_bhb_loop+0x60/0xb0
[  521.741867][T27826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.741888][T27826] RIP: 0033:0x7f9aeb98ebe9
[  521.741907][T27826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.741927][T27826] RSP: 002b:00007f9aec878038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  521.741966][T27826] RAX: ffffffffffffffda RBX: 00007f9aebbb5fa0 RCX: 00007f9aeb98ebe9
[  521.741982][T27826] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000010
[  521.741997][T27826] RBP: 00007f9aec878090 R08: 0000000000000000 R09: 0000000000000000
[  521.742012][T27826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  521.742025][T27826] R13: 00007f9aebbb6038 R14: 00007f9aebbb5fa0 R15: 00007ffdba526a48
[  521.742050][T27826]  </TASK>
[  521.743316][T27831] FAULT_INJECTION: forcing a failure.
[  521.743316][T27831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  521.838850][T27829] FAULT_INJECTION: forcing a failure.
[  521.838850][T27829] name failslab, interval 1, probability 0, space 0, times 0
[  521.840104][T27831] CPU: 0 UID: 0 PID: 27831 Comm: syz.0.7934 Not tainted syzkaller #0 PREEMPT(full) 
[  521.840136][T27831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  521.840153][T27831] Call Trace:
[  521.840163][T27831]  <TASK>
[  521.840174][T27831]  dump_stack_lvl+0x189/0x250
[  521.840222][T27831]  ? __pfx____ratelimit+0x10/0x10
[  521.840263][T27831]  ? __pfx_dump_stack_lvl+0x10/0x10
[  521.840291][T27831]  ? __pfx__printk+0x10/0x10
[  521.840323][T27831]  ? __might_fault+0xb0/0x130
[  521.840364][T27831]  ? rcu_is_watching+0x15/0xb0
[  521.840391][T27831]  should_fail_ex+0x414/0x560
[  521.840428][T27831]  _copy_from_user+0x2d/0xb0
[  521.840458][T27831]  ___sys_sendmsg+0x158/0x2a0
[  521.840487][T27831]  ? __pfx____sys_sendmsg+0x10/0x10
[  521.840515][T27831]  ? kstrtouint+0x6e/0xe0
[  521.840567][T27831]  ? __fget_files+0x2a/0x420
[  521.840588][T27831]  ? __fget_files+0x3a0/0x420
[  521.840616][T27831]  __sys_sendmmsg+0x227/0x430
[  521.840645][T27831]  ? __pfx___sys_sendmmsg+0x10/0x10
[  521.840670][T27831]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  521.840725][T27831]  ? ksys_write+0x22a/0x250
[  521.840759][T27831]  ? __pfx_ksys_write+0x10/0x10
[  521.840789][T27831]  ? rcu_is_watching+0x15/0xb0
[  521.840817][T27831]  __x64_sys_sendmmsg+0xa0/0xc0
[  521.840845][T27831]  do_syscall_64+0xfa/0x3b0
[  521.840868][T27831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.840892][T27831]  ? clear_bhb_loop+0x60/0xb0
[  521.840920][T27831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.840943][T27831] RIP: 0033:0x7f49a078ebe9
[  521.840967][T27831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.840989][T27831] RSP: 002b:00007f49a1517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  521.841017][T27831] RAX: ffffffffffffffda RBX: 00007f49a09b5fa0 RCX: 00007f49a078ebe9
[  521.841037][T27831] RDX: 0000000000000001 RSI: 0000200000000900 RDI: 0000000000000003
[  521.841054][T27831] RBP: 00007f49a1517090 R08: 0000000000000000 R09: 0000000000000000
[  521.841070][T27831] R10: 0000000024000004 R11: 0000000000000246 R12: 0000000000000001
[  521.841086][T27831] R13: 00007f49a09b6038 R14: 00007f49a09b5fa0 R15: 00007fffca921028
[  521.841114][T27831]  </TASK>
[  521.930243][ T5863] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  521.984208][T27829] CPU: 1 UID: 0 PID: 27829 Comm: syz.2.7935 Not tainted syzkaller #0 PREEMPT(full) 
[  521.984252][T27829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  521.984267][T27829] Call Trace:
[  521.984278][T27829]  <TASK>
[  521.984291][T27829]  dump_stack_lvl+0x189/0x250
[  521.984331][T27829]  ? __pfx____ratelimit+0x10/0x10
[  521.984369][T27829]  ? __pfx_dump_stack_lvl+0x10/0x10
[  521.984398][T27829]  ? __pfx__printk+0x10/0x10
[  521.984435][T27829]  ? __pfx___might_resched+0x10/0x10
[  521.984457][T27829]  ? lock_acquire+0x5f/0x360
[  521.984495][T27829]  should_fail_ex+0x414/0x560
[  521.984534][T27829]  should_failslab+0xa8/0x100
[  521.984574][T27829]  __kmalloc_cache_noprof+0x70/0x3d0
[  521.984609][T27829]  ? rtnl_newlink+0xed/0x1c70
[  521.984645][T27829]  ? kasan_save_free_info+0x46/0x50
[  521.984673][T27829]  rtnl_newlink+0xed/0x1c70
[  521.984707][T27829]  ? netlink_sendmsg+0x805/0xb30
[  521.984729][T27829]  ? __sock_sendmsg+0x219/0x270
[  521.984759][T27829]  ? ____sys_sendmsg+0x505/0x830
[  521.984795][T27829]  ? ___sys_sendmsg+0x21f/0x2a0
[  521.984818][T27829]  ? __x64_sys_sendmsg+0x19b/0x260
[  521.984841][T27829]  ? do_syscall_64+0xfa/0x3b0
[  521.984864][T27829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.984906][T27829]  ? __pfx_rtnl_newlink+0x10/0x10
[  521.984957][T27829]  ? rcu_is_watching+0x15/0xb0
[  521.984988][T27829]  ? nlmon_xmit+0xb0/0x100
[  521.985012][T27829]  ? kmem_cache_free+0x18f/0x400
[  521.985050][T27829]  ? rcu_is_watching+0x15/0xb0
[  521.985080][T27829]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.985109][T27829]  ? __local_bh_enable_ip+0x12d/0x1c0
[  521.985136][T27829]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  521.985159][T27829]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.985192][T27829]  ? lock_release+0x4b/0x3e0
[  521.985229][T27829]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.985254][T27829]  ? __dev_queue_xmit+0x27b/0x3b50
[  521.985284][T27829]  ? __dev_queue_xmit+0x1d79/0x3b50
[  521.985320][T27829]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  521.985357][T27829]  ? rcu_is_watching+0x15/0xb0
[  521.985382][T27829]  ? lock_release+0x4b/0x3e0
[  521.985414][T27829]  ? bpf_lsm_capable+0x9/0x20
[  521.985449][T27829]  ? security_capable+0x7e/0x2e0
[  521.985488][T27829]  ? __pfx_rtnl_newlink+0x10/0x10
[  521.985523][T27829]  rtnetlink_rcv_msg+0x7cc/0xb70
[  521.985561][T27829]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  521.985597][T27829]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  521.985633][T27829]  ? ref_tracker_free+0x63a/0x7d0
[  521.985666][T27829]  ? __asan_memcpy+0x40/0x70
[  521.985693][T27829]  ? __pfx_ref_tracker_free+0x10/0x10
[  521.985735][T27829]  netlink_rcv_skb+0x208/0x470
[  521.985780][T27829]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  521.985817][T27829]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  521.985866][T27829]  netlink_unicast+0x82f/0x9e0
[  521.985916][T27829]  ? __pfx_netlink_unicast+0x10/0x10
[  521.985951][T27829]  ? netlink_sendmsg+0x642/0xb30
[  521.985972][T27829]  ? skb_put+0x11b/0x210
[  521.985998][T27829]  netlink_sendmsg+0x805/0xb30
[  521.986028][T27829]  ? __pfx_netlink_sendmsg+0x10/0x10
[  521.986051][T27829]  ? aa_sock_msg_perm+0xf1/0x1d0
[  521.986077][T27829]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  521.986105][T27829]  ? __pfx_netlink_sendmsg+0x10/0x10
[  521.986127][T27829]  __sock_sendmsg+0x219/0x270
[  521.986163][T27829]  ____sys_sendmsg+0x505/0x830
[  521.986192][T27829]  ? __pfx_____sys_sendmsg+0x10/0x10
[  521.986223][T27829]  ? import_iovec+0x74/0xa0
[  521.986253][T27829]  ___sys_sendmsg+0x21f/0x2a0
[  521.986280][T27829]  ? __pfx____sys_sendmsg+0x10/0x10
[  521.986327][T27829]  ? __fget_files+0x2a/0x420
[  521.986346][T27829]  ? __fget_files+0x3a0/0x420
[  521.986373][T27829]  __x64_sys_sendmsg+0x19b/0x260
[  521.986401][T27829]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  521.986432][T27829]  ? __pfx_ksys_write+0x10/0x10
[  521.986462][T27829]  ? rcu_is_watching+0x15/0xb0
[  521.986489][T27829]  ? rcu_is_watching+0x15/0xb0
[  521.986515][T27829]  do_syscall_64+0xfa/0x3b0
[  521.986537][T27829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.986562][T27829]  ? clear_bhb_loop+0x60/0xb0
[  521.986590][T27829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.986614][T27829] RIP: 0033:0x7fb25cb8ebe9
[  521.986637][T27829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.986661][T27829] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  521.986689][T27829] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  521.986708][T27829] RDX: 0000000004004804 RSI: 0000200000000380 RDI: 0000000000000003
[  521.986724][T27829] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  521.986739][T27829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.986754][T27829] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  521.986782][T27829]  </TASK>
[  522.136401][T27838] netlink: 248 bytes leftover after parsing attributes in process `syz.0.7937'.
[  522.178167][ T5863] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  522.209702][ T5863] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  522.312030][T27842] netlink: 'syz.3.7938': attribute type 11 has an invalid length.
[  522.318426][ T5863] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  522.557684][T27842] netlink: 52 bytes leftover after parsing attributes in process `syz.3.7938'.
[  522.737940][ T5863] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  522.919655][ T5865] Bluetooth: hci4: command tx timeout
[  523.261449][T27864] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7943'.
[  523.476613][T27877] batman_adv: batadv0: Removing interface: batadv_slave_1
[  523.520349][T27833] chnl_net:caif_netlink_parms(): no params data found
[  523.562304][T27875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7948'.
[  523.715533][T27897] FAULT_INJECTION: forcing a failure.
[  523.715533][T27897] name failslab, interval 1, probability 0, space 0, times 0
[  523.731758][T27897] CPU: 1 UID: 0 PID: 27897 Comm: syz.0.7953 Not tainted syzkaller #0 PREEMPT(full) 
[  523.731794][T27897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  523.731809][T27897] Call Trace:
[  523.731819][T27897]  <TASK>
[  523.731830][T27897]  dump_stack_lvl+0x189/0x250
[  523.731865][T27897]  ? __pfx____ratelimit+0x10/0x10
[  523.731898][T27897]  ? __pfx_dump_stack_lvl+0x10/0x10
[  523.731924][T27897]  ? __pfx__printk+0x10/0x10
[  523.731956][T27897]  ? fs_reclaim_acquire+0x7d/0x100
[  523.731990][T27897]  ? rcu_is_watching+0x15/0xb0
[  523.732021][T27897]  ? __pfx___might_resched+0x10/0x10
[  523.732042][T27897]  ? lock_acquire+0x5f/0x360
[  523.732073][T27897]  should_fail_ex+0x414/0x560
[  523.732103][T27897]  should_failslab+0xa8/0x100
[  523.732147][T27897]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  523.732176][T27897]  ? __alloc_skb+0x112/0x2d0
[  523.732198][T27897]  __alloc_skb+0x112/0x2d0
[  523.732220][T27897]  __ip_append_data+0x2dae/0x40c0
[  523.732256][T27897]  ? __pfx_raw_getfrag+0x10/0x10
[  523.732291][T27897]  ? lock_release+0x4b/0x3e0
[  523.732323][T27897]  ? __pfx___ip_append_data+0x10/0x10
[  523.732349][T27897]  ? ipv4_mtu+0x4b2/0x5c0
[  523.732370][T27897]  ? ipv4_mtu+0x23/0x5c0
[  523.732393][T27897]  ? __pfx_ipv4_mtu+0x10/0x10
[  523.732415][T27897]  ? ip_setup_cork+0x577/0x9a0
[  523.732442][T27897]  ip_append_data+0x10e/0x190
[  523.732469][T27897]  ? __pfx_raw_getfrag+0x10/0x10
[  523.732495][T27897]  raw_sendmsg+0x13d8/0x18b0
[  523.732530][T27897]  ? __pfx_raw_sendmsg+0x10/0x10
[  523.732557][T27897]  ? unwind_next_frame+0xa5/0x2390
[  523.732581][T27897]  ? rcu_is_watching+0x15/0xb0
[  523.732608][T27897]  ? aa_sk_perm+0x81e/0x950
[  523.732642][T27897]  ? __pfx_aa_sk_perm+0x10/0x10
[  523.732675][T27897]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[  523.732700][T27897]  ? sock_rps_record_flow+0x19/0x410
[  523.732729][T27897]  ? inet_sendmsg+0x2f4/0x370
[  523.732753][T27897]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  523.732777][T27897]  __sock_sendmsg+0x19c/0x270
[  523.732803][T27897]  ____sys_sendmsg+0x505/0x830
[  523.732826][T27897]  ? __pfx_____sys_sendmsg+0x10/0x10
[  523.732854][T27897]  ? import_iovec+0x74/0xa0
[  523.732880][T27897]  ___sys_sendmsg+0x21f/0x2a0
[  523.732904][T27897]  ? __pfx____sys_sendmsg+0x10/0x10
[  523.732948][T27897]  ? __fget_files+0x2a/0x420
[  523.732966][T27897]  ? __fget_files+0x3a0/0x420
[  523.732990][T27897]  __x64_sys_sendmsg+0x19b/0x260
[  523.733023][T27897]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  523.733051][T27897]  ? __pfx_ksys_write+0x10/0x10
[  523.733079][T27897]  ? rcu_is_watching+0x15/0xb0
[  523.733102][T27897]  ? rcu_is_watching+0x15/0xb0
[  523.733124][T27897]  do_syscall_64+0xfa/0x3b0
[  523.733145][T27897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.733166][T27897]  ? clear_bhb_loop+0x60/0xb0
[  523.733191][T27897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.733212][T27897] RIP: 0033:0x7f49a078ebe9
[  523.733231][T27897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  523.733251][T27897] RSP: 002b:00007f49a1517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.733276][T27897] RAX: ffffffffffffffda RBX: 00007f49a09b5fa0 RCX: 00007f49a078ebe9
[  523.733293][T27897] RDX: 0000000000000000 RSI: 0000200000001000 RDI: 0000000000000003
[  523.733307][T27897] RBP: 00007f49a1517090 R08: 0000000000000000 R09: 0000000000000000
[  523.733321][T27897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.733334][T27897] R13: 00007f49a09b6038 R14: 00007f49a09b5fa0 R15: 00007fffca921028
[  523.733360][T27897]  </TASK>
[  524.222683][T27909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7956'.
[  524.336096][T27914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7956'.
[  524.374075][T27833] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.382611][T27833] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.402917][T27833] bridge_slave_0: entered allmulticast mode
[  524.418915][T27833] bridge_slave_0: entered promiscuous mode
[  524.434813][T27833] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.443519][T27833] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.451189][T27833] bridge_slave_1: entered allmulticast mode
[  524.458765][T27833] bridge_slave_1: entered promiscuous mode
[  524.467466][T27914] bond2 (unregistering): Released all slaves
[  524.510193][T27833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  524.528460][T27833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  524.594318][T27833] team0: Port device team_slave_0 added
[  524.618129][T27833] team0: Port device team_slave_1 added
[  524.632412][T27921] FAULT_INJECTION: forcing a failure.
[  524.632412][T27921] name failslab, interval 1, probability 0, space 0, times 0
[  524.653509][T27921] CPU: 1 UID: 0 PID: 27921 Comm: syz.2.7960 Not tainted syzkaller #0 PREEMPT(full) 
[  524.653541][T27921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  524.653554][T27921] Call Trace:
[  524.653564][T27921]  <TASK>
[  524.653574][T27921]  dump_stack_lvl+0x189/0x250
[  524.653609][T27921]  ? __pfx____ratelimit+0x10/0x10
[  524.653641][T27921]  ? __pfx_dump_stack_lvl+0x10/0x10
[  524.653667][T27921]  ? __pfx__printk+0x10/0x10
[  524.653708][T27921]  ? __pfx___might_resched+0x10/0x10
[  524.653733][T27921]  ? lock_acquire+0x5f/0x360
[  524.653767][T27921]  should_fail_ex+0x414/0x560
[  524.653801][T27921]  should_failslab+0xa8/0x100
[  524.653835][T27921]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  524.653867][T27921]  ? page_pool_create_percpu+0x76/0xbe0
[  524.653899][T27921]  page_pool_create_percpu+0x76/0xbe0
[  524.653926][T27921]  ? __kvmalloc_node_noprof+0x331/0x5f0
[  524.653956][T27921]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  524.653995][T27921]  bpf_test_run_xdp_live+0x1ca/0x1b10
[  524.654032][T27921]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  524.654073][T27921]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  524.654113][T27921]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  524.654147][T27921]  ? 0xffffffffa02057c0
[  524.654166][T27921]  ? 0xffffffffa02057c0
[  524.654210][T27921]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  524.654235][T27921]  ? _copy_from_user+0x94/0xb0
[  524.654260][T27921]  ? bpf_test_init+0x133/0x170
[  524.654288][T27921]  ? xdp_convert_md_to_buff+0x5b/0x330
[  524.654321][T27921]  bpf_prog_test_run_xdp+0x713/0x1000
[  524.654358][T27921]  ? rcu_is_watching+0x15/0xb0
[  524.654383][T27921]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  524.654417][T27921]  ? __fget_files+0x2a/0x420
[  524.654438][T27921]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  524.654471][T27921]  bpf_prog_test_run+0x2c7/0x340
[  524.654506][T27921]  __sys_bpf+0x581/0x870
[  524.654537][T27921]  ? __pfx___sys_bpf+0x10/0x10
[  524.654573][T27921]  ? ksys_write+0x22a/0x250
[  524.654604][T27921]  ? __pfx_ksys_write+0x10/0x10
[  524.654631][T27921]  ? rcu_is_watching+0x15/0xb0
[  524.654656][T27921]  __x64_sys_bpf+0x7c/0x90
[  524.654689][T27921]  do_syscall_64+0xfa/0x3b0
[  524.654716][T27921]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.654738][T27921]  ? clear_bhb_loop+0x60/0xb0
[  524.654762][T27921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.654784][T27921] RIP: 0033:0x7fb25cb8ebe9
[  524.654804][T27921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.654822][T27921] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  524.654846][T27921] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  524.654863][T27921] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  524.654878][T27921] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  524.654892][T27921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.654906][T27921] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  524.654932][T27921]  </TASK>
[  524.986896][T27833] batman_adv: batadv0: Adding interface: batadv_slave_0
[  525.001158][T27833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  525.027914][ T5865] Bluetooth: hci3: command tx timeout
[  525.045904][T27833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  525.064114][T27833] batman_adv: batadv0: Adding interface: batadv_slave_1
[  525.071307][T27833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  525.098829][T27833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  525.113283][T27924] FAULT_INJECTION: forcing a failure.
[  525.113283][T27924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  525.130915][T27924] CPU: 1 UID: 0 PID: 27924 Comm: syz.1.7961 Not tainted syzkaller #0 PREEMPT(full) 
[  525.130949][T27924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  525.130964][T27924] Call Trace:
[  525.130974][T27924]  <TASK>
[  525.130985][T27924]  dump_stack_lvl+0x189/0x250
[  525.131019][T27924]  ? __pfx____ratelimit+0x10/0x10
[  525.131052][T27924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  525.131078][T27924]  ? __pfx__printk+0x10/0x10
[  525.131112][T27924]  ? rcu_is_watching+0x15/0xb0
[  525.131136][T27924]  should_fail_ex+0x414/0x560
[  525.131169][T27924]  _copy_to_user+0x31/0xb0
[  525.131196][T27924]  simple_read_from_buffer+0xe1/0x170
[  525.131231][T27924]  proc_fail_nth_read+0x1b3/0x220
[  525.131258][T27924]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  525.131284][T27924]  ? rw_verify_area+0x2a6/0x4d0
[  525.131313][T27924]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  525.131338][T27924]  vfs_read+0x1fd/0xa30
[  525.131364][T27924]  ? fdget_pos+0x247/0x320
[  525.131386][T27924]  ? __pfx___mutex_lock+0x10/0x10
[  525.131420][T27924]  ? __pfx_vfs_read+0x10/0x10
[  525.131453][T27924]  ? __fget_files+0x3a0/0x420
[  525.131470][T27924]  ? __fget_files+0x2a/0x420
[  525.131506][T27924]  ksys_read+0x145/0x250
[  525.131535][T27924]  ? __pfx_ksys_read+0x10/0x10
[  525.131561][T27924]  ? rcu_is_watching+0x15/0xb0
[  525.131584][T27924]  ? rcu_is_watching+0x15/0xb0
[  525.131607][T27924]  do_syscall_64+0xfa/0x3b0
[  525.131627][T27924]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.131650][T27924]  ? clear_bhb_loop+0x60/0xb0
[  525.131676][T27924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.131706][T27924] RIP: 0033:0x7fcfc738d5fc
[  525.131727][T27924] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  525.131749][T27924] RSP: 002b:00007fcfc8236030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  525.131774][T27924] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc738d5fc
[  525.131791][T27924] RDX: 000000000000000f RSI: 00007fcfc82360a0 RDI: 0000000000000004
[  525.131806][T27924] RBP: 00007fcfc8236090 R08: 0000000000000000 R09: 0000000000000000
[  525.131820][T27924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.131834][T27924] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  525.131860][T27924]  </TASK>
[  525.406073][T27833] hsr_slave_0: entered promiscuous mode
[  525.413310][T27833] hsr_slave_1: entered promiscuous mode
[  525.425521][T27833] debugfs: 'hsr0' already exists in 'hsr'
[  525.433146][T27833] Cannot create hsr debugfs directory
[  525.482845][T27931] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  525.571228][T27933] netlink: 'syz.2.7966': attribute type 4 has an invalid length.
[  525.603992][T27929] netlink: 'syz.1.7964': attribute type 11 has an invalid length.
[  525.622156][T27833] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.633035][T27929] __nla_validate_parse: 1 callbacks suppressed
[  525.633059][T27929] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7964'.
[  525.754024][T27944] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  525.830435][T27833] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.843809][T27949] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7970'.
[  526.013477][T27949] netlink: 'syz.2.7970': attribute type 4 has an invalid length.
[  526.214135][T27962] IPVS: stopping backup sync thread 27966 ...
[  526.222567][T27966] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  526.265171][T27833] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.279263][T27944] netlink: 'syz.2.7970': attribute type 4 has an invalid length.
[  526.344991][T27833] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.413501][T27972] syzkaller1: entered promiscuous mode
[  526.423136][T27972] syzkaller1: entered allmulticast mode
[  526.432650][T27972] FAULT_INJECTION: forcing a failure.
[  526.432650][T27972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  526.451253][T27972] CPU: 0 UID: 0 PID: 27972 Comm: syz.2.7975 Not tainted syzkaller #0 PREEMPT(full) 
[  526.451289][T27972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  526.451305][T27972] Call Trace:
[  526.451314][T27972]  <TASK>
[  526.451324][T27972]  dump_stack_lvl+0x189/0x250
[  526.451359][T27972]  ? __pfx____ratelimit+0x10/0x10
[  526.451392][T27972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  526.451418][T27972]  ? __pfx__printk+0x10/0x10
[  526.451447][T27972]  ? __might_fault+0xb0/0x130
[  526.451478][T27972]  ? set_page_refcounted+0xa0/0x1e0
[  526.451511][T27972]  ? rcu_is_watching+0x15/0xb0
[  526.451536][T27972]  should_fail_ex+0x414/0x560
[  526.451568][T27972]  _copy_from_iter+0x1db/0x16f0
[  526.451593][T27972]  ? sock_alloc_send_pskb+0x875/0x990
[  526.451623][T27972]  ? __pfx__copy_from_iter+0x10/0x10
[  526.451649][T27972]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  526.451676][T27972]  skb_copy_datagram_from_iter+0xf5/0x720
[  526.451707][T27972]  ? skb_put+0x11b/0x210
[  526.451729][T27972]  tun_get_user+0x1691/0x3e20
[  526.451763][T27972]  ? rcu_is_watching+0x15/0xb0
[  526.451783][T27972]  ? lock_release+0x4b/0x3e0
[  526.451819][T27972]  ? aa_file_perm+0x44d/0x1550
[  526.451843][T27972]  ? __pfx_tun_get_user+0x10/0x10
[  526.451863][T27972]  ? _parse_integer_limit+0x1ae/0x1f0
[  526.451899][T27972]  ? kstrtoull+0x12f/0x1d0
[  526.451934][T27972]  ? ref_tracker_alloc+0x318/0x460
[  526.451964][T27972]  ? get_pid_task+0x20/0x1f0
[  526.451992][T27972]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  526.452023][T27972]  ? tun_get+0x1c/0x2f0
[  526.452043][T27972]  ? tun_get+0x1c/0x2f0
[  526.452063][T27972]  ? rcu_is_watching+0x15/0xb0
[  526.452082][T27972]  ? tun_get+0x1c/0x2f0
[  526.452101][T27972]  ? lock_release+0x4b/0x3e0
[  526.452131][T27972]  ? common_file_perm+0x1b5/0x230
[  526.452167][T27972]  ? tun_get+0x1c/0x2f0
[  526.452194][T27972]  tun_chr_write_iter+0x113/0x200
[  526.452218][T27972]  vfs_write+0x5c9/0xb30
[  526.452250][T27972]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  526.452272][T27972]  ? __pfx_vfs_write+0x10/0x10
[  526.452305][T27972]  ? __fget_files+0x2a/0x420
[  526.452330][T27972]  ksys_write+0x145/0x250
[  526.452358][T27972]  ? __pfx_ksys_write+0x10/0x10
[  526.452382][T27972]  ? rcu_is_watching+0x15/0xb0
[  526.452406][T27972]  ? rcu_is_watching+0x15/0xb0
[  526.452425][T27972]  do_syscall_64+0xfa/0x3b0
[  526.452445][T27972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.452467][T27972]  ? clear_bhb_loop+0x60/0xb0
[  526.452491][T27972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.452512][T27972] RIP: 0033:0x7fb25cb8ebe9
[  526.452532][T27972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.452552][T27972] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  526.452577][T27972] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  526.452593][T27972] RDX: 0000000000000fce RSI: 0000200000001240 RDI: 0000000000000003
[  526.452608][T27972] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  526.452621][T27972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.452635][T27972] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  526.452660][T27972]  </TASK>
[  526.819448][T27833] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  526.829671][T27833] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  526.841163][T27833] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  526.860677][T27833] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  526.961934][T27833] 8021q: adding VLAN 0 to HW filter on device bond0
[  526.980988][T27833] 8021q: adding VLAN 0 to HW filter on device team0
[  526.992942][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.000229][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  527.076151][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.083380][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  527.090756][ T5865] Bluetooth: hci3: command tx timeout
[  527.221514][T27995] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7979'.
[  527.238111][T27995] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7979'.
[  527.270223][T27995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7979'.
[  527.531157][T27833] 8021q: adding VLAN 0 to HW filter on device batadv0
[  527.565785][ T5865] Bluetooth: hci4: command 0x0401 tx timeout
[  527.672001][T28023] FAULT_INJECTION: forcing a failure.
[  527.672001][T28023] name failslab, interval 1, probability 0, space 0, times 0
[  527.723946][T28023] CPU: 1 UID: 0 PID: 28023 Comm: syz.0.7986 Not tainted syzkaller #0 PREEMPT(full) 
[  527.723983][T28023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  527.723998][T28023] Call Trace:
[  527.724008][T28023]  <TASK>
[  527.724019][T28023]  dump_stack_lvl+0x189/0x250
[  527.724054][T28023]  ? __pfx____ratelimit+0x10/0x10
[  527.724087][T28023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.724113][T28023]  ? __pfx__printk+0x10/0x10
[  527.724146][T28023]  ? __pfx___might_resched+0x10/0x10
[  527.724168][T28023]  ? lock_acquire+0x5f/0x360
[  527.724209][T28023]  should_fail_ex+0x414/0x560
[  527.724241][T28023]  should_failslab+0xa8/0x100
[  527.724275][T28023]  __kmalloc_noprof+0xcb/0x4f0
[  527.724305][T28023]  ? ip_options_get+0x51/0x4c0
[  527.724331][T28023]  ip_options_get+0x51/0x4c0
[  527.724359][T28023]  ip_cmsg_send+0x591/0xa70
[  527.724395][T28023]  ping_v4_sendmsg+0x5d6/0x1750
[  527.724438][T28023]  ? ip4_datagram_release_cb+0x82/0xbb0
[  527.724466][T28023]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  527.724504][T28023]  ? ip4_datagram_release_cb+0x82/0xbb0
[  527.724531][T28023]  ? rcu_is_watching+0x15/0xb0
[  527.724554][T28023]  ? inet_sendmsg+0x14f/0x370
[  527.724582][T28023]  ? __local_bh_enable_ip+0x12d/0x1c0
[  527.724609][T28023]  ? inet_sendmsg+0x14f/0x370
[  527.724638][T28023]  ? inet_sendmsg+0x2f4/0x370
[  527.724668][T28023]  __sock_sendmsg+0x19c/0x270
[  527.724700][T28023]  ____sys_sendmsg+0x505/0x830
[  527.724726][T28023]  ? __pfx_____sys_sendmsg+0x10/0x10
[  527.724748][T28023]  ? __might_fault+0xb0/0x130
[  527.724783][T28023]  ? import_iovec+0x74/0xa0
[  527.724810][T28023]  ___sys_sendmsg+0x21f/0x2a0
[  527.724835][T28023]  ? __pfx____sys_sendmsg+0x10/0x10
[  527.724880][T28023]  ? __fget_files+0x2a/0x420
[  527.724904][T28023]  ? __fget_files+0x3a0/0x420
[  527.724929][T28023]  __x64_sys_sendmsg+0x19b/0x260
[  527.724954][T28023]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  527.724984][T28023]  ? __pfx_ksys_write+0x10/0x10
[  527.725011][T28023]  ? rcu_is_watching+0x15/0xb0
[  527.725035][T28023]  ? rcu_is_watching+0x15/0xb0
[  527.725058][T28023]  do_syscall_64+0xfa/0x3b0
[  527.725079][T28023]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.725101][T28023]  ? clear_bhb_loop+0x60/0xb0
[  527.725126][T28023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.725155][T28023] RIP: 0033:0x7f49a078ebe9
[  527.725174][T28023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.725195][T28023] RSP: 002b:00007f49a1517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  527.725219][T28023] RAX: ffffffffffffffda RBX: 00007f49a09b5fa0 RCX: 00007f49a078ebe9
[  527.725237][T28023] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  527.725252][T28023] RBP: 00007f49a1517090 R08: 0000000000000000 R09: 0000000000000000
[  527.725267][T28023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.725280][T28023] R13: 00007f49a09b6038 R14: 00007f49a09b5fa0 R15: 00007fffca921028
[  527.725308][T28023]  </TASK>
[  527.769169][T28027] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7987'.
[  527.963052][T28025] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7987'.
[  528.031629][   T30] audit: type=1800 audit(1756240451.920:4): pid=28032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.7989" name=5D80CEFF4AA6DC5F710E8DF1F7582C892AF8D26C5BD9C07CAA9E7DED20F3F5CE5E3A882A02450DCF19 dev="tmpfs" ino=3012 res=0 errno=0
[  528.078768][T28034] FAULT_INJECTION: forcing a failure.
[  528.078768][T28034] name failslab, interval 1, probability 0, space 0, times 0
[  528.113132][T28034] CPU: 1 UID: 0 PID: 28034 Comm: syz.1.7988 Not tainted syzkaller #0 PREEMPT(full) 
[  528.113170][T28034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  528.113186][T28034] Call Trace:
[  528.113194][T28034]  <TASK>
[  528.113204][T28034]  dump_stack_lvl+0x189/0x250
[  528.113240][T28034]  ? __pfx____ratelimit+0x10/0x10
[  528.113272][T28034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  528.113297][T28034]  ? __pfx__printk+0x10/0x10
[  528.113326][T28034]  ? rcu_is_watching+0x15/0xb0
[  528.113349][T28034]  ? __pfx___might_resched+0x10/0x10
[  528.113371][T28034]  ? lock_acquire+0x5f/0x360
[  528.113503][T28034]  should_fail_ex+0x414/0x560
[  528.113535][T28034]  should_failslab+0xa8/0x100
[  528.113568][T28034]  __kmalloc_noprof+0xcb/0x4f0
[  528.113597][T28034]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  528.113628][T28034]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  528.113661][T28034]  genl_family_rcv_msg_doit+0xb8/0x300
[  528.113692][T28034]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  528.113724][T28034]  ? apparmor_capable+0x137/0x1b0
[  528.113752][T28034]  ? bpf_lsm_capable+0x9/0x20
[  528.113782][T28034]  ? security_capable+0x7e/0x2e0
[  528.113818][T28034]  genl_rcv_msg+0x60e/0x790
[  528.113848][T28034]  ? __pfx_genl_rcv_msg+0x10/0x10
[  528.113872][T28034]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  528.113898][T28034]  ? __pfx_nl80211_set_station+0x10/0x10
[  528.113925][T28034]  ? __pfx_nl80211_post_doit+0x10/0x10
[  528.113951][T28034]  ? __asan_memcpy+0x40/0x70
[  528.113975][T28034]  ? __pfx_ref_tracker_free+0x10/0x10
[  528.114010][T28034]  netlink_rcv_skb+0x208/0x470
[  528.114044][T28034]  ? __pfx_genl_rcv_msg+0x10/0x10
[  528.114069][T28034]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  528.114108][T28034]  ? lock_release+0x4b/0x3e0
[  528.114141][T28034]  ? down_read+0x1ad/0x2e0
[  528.114165][T28034]  genl_rcv+0x28/0x40
[  528.114188][T28034]  netlink_unicast+0x82f/0x9e0
[  528.114223][T28034]  ? __pfx_netlink_unicast+0x10/0x10
[  528.114253][T28034]  ? netlink_sendmsg+0x642/0xb30
[  528.114270][T28034]  ? skb_put+0x11b/0x210
[  528.114293][T28034]  netlink_sendmsg+0x805/0xb30
[  528.114318][T28034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  528.114340][T28034]  ? aa_sock_msg_perm+0xf1/0x1d0
[  528.114360][T28034]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  528.114391][T28034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  528.114410][T28034]  __sock_sendmsg+0x219/0x270
[  528.114442][T28034]  ____sys_sendmsg+0x505/0x830
[  528.114468][T28034]  ? __pfx_____sys_sendmsg+0x10/0x10
[  528.114496][T28034]  ? import_iovec+0x74/0xa0
[  528.114523][T28034]  ___sys_sendmsg+0x21f/0x2a0
[  528.114547][T28034]  ? __pfx____sys_sendmsg+0x10/0x10
[  528.114591][T28034]  ? __fget_files+0x2a/0x420
[  528.114610][T28034]  ? __fget_files+0x3a0/0x420
[  528.114635][T28034]  __x64_sys_sendmsg+0x19b/0x260
[  528.114659][T28034]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  528.114688][T28034]  ? __pfx_ksys_write+0x10/0x10
[  528.114716][T28034]  ? rcu_is_watching+0x15/0xb0
[  528.114740][T28034]  ? rcu_is_watching+0x15/0xb0
[  528.114763][T28034]  do_syscall_64+0xfa/0x3b0
[  528.114783][T28034]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.114806][T28034]  ? clear_bhb_loop+0x60/0xb0
[  528.114830][T28034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.114851][T28034] RIP: 0033:0x7fcfc738ebe9
[  528.114872][T28034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.114891][T28034] RSP: 002b:00007fcfc8236038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  528.114916][T28034] RAX: ffffffffffffffda RBX: 00007fcfc75b5fa0 RCX: 00007fcfc738ebe9
[  528.114931][T28034] RDX: 00000000000080c0 RSI: 0000200000000200 RDI: 0000000000000003
[  528.114945][T28034] RBP: 00007fcfc8236090 R08: 0000000000000000 R09: 0000000000000000
[  528.114958][T28034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.114971][T28034] R13: 00007fcfc75b6038 R14: 00007fcfc75b5fa0 R15: 00007ffcb112bbc8
[  528.114997][T28034]  </TASK>
[  528.601315][T27833] veth0_vlan: entered promiscuous mode
[  528.614285][T27833] veth1_vlan: entered promiscuous mode
[  528.636338][T27833] veth0_macvtap: entered promiscuous mode
[  528.646145][T27833] veth1_macvtap: entered promiscuous mode
[  528.703667][T27833] batman_adv: batadv0: Interface activated: batadv_slave_0
[  528.721834][T27833] batman_adv: batadv0: Interface activated: batadv_slave_1
[  528.734647][T20708] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  528.768015][T20708] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  528.776784][T20708] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  528.785612][T20708] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  528.800954][T28050] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7993'.
[  528.824039][T28052] batadv_slave_1: entered promiscuous mode
[  528.836876][T28046] netlink: 'syz.0.7990': attribute type 7 has an invalid length.
[  528.845211][T28046] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7990'.
[  528.864014][T28055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7993'.
[  528.900702][T28050] bond2 (unregistering): Released all slaves
[  528.915005][T28051] batadv_slave_1: left promiscuous mode
[  528.971705][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.993706][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  529.018357][T28060] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  529.026619][T28060] batman_adv: batadv0: Removing interface: batadv_slave_0
[  529.036281][T28060] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  529.044832][T28060] batman_adv: batadv0: Removing interface: batadv_slave_1
[  529.105141][T28057] gtp7: entered promiscuous mode
[  529.112327][T28057] gtp7: entered allmulticast mode
[  529.158258][ T5865] Bluetooth: hci3: command tx timeout
[  529.163845][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  529.175772][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  529.246292][T28069] bond2 (unregistering): Released all slaves
[  529.417018][T28080] FAULT_INJECTION: forcing a failure.
[  529.417018][T28080] name failslab, interval 1, probability 0, space 0, times 0
[  529.462726][T28080] CPU: 0 UID: 0 PID: 28080 Comm: syz.2.8003 Not tainted syzkaller #0 PREEMPT(full) 
[  529.462760][T28080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  529.462775][T28080] Call Trace:
[  529.462785][T28080]  <TASK>
[  529.462796][T28080]  dump_stack_lvl+0x189/0x250
[  529.462830][T28080]  ? __pfx____ratelimit+0x10/0x10
[  529.462864][T28080]  ? __pfx_dump_stack_lvl+0x10/0x10
[  529.462889][T28080]  ? __pfx__printk+0x10/0x10
[  529.462922][T28080]  ? fs_reclaim_acquire+0x7d/0x100
[  529.462957][T28080]  ? rcu_is_watching+0x15/0xb0
[  529.462979][T28080]  ? __pfx___might_resched+0x10/0x10
[  529.463000][T28080]  ? lock_acquire+0x5f/0x360
[  529.463033][T28080]  should_fail_ex+0x414/0x560
[  529.463065][T28080]  should_failslab+0xa8/0x100
[  529.463099][T28080]  __kmalloc_cache_noprof+0x70/0x3d0
[  529.463128][T28080]  ? percpu_ref_init+0xc5/0x360
[  529.463164][T28080]  ? __pfx_nfsd_net_free+0x10/0x10
[  529.463188][T28080]  percpu_ref_init+0xc5/0x360
[  529.463223][T28080]  nfsd_create_serv+0x11f/0x840
[  529.463247][T28080]  ? __pfx_stack_trace_save+0x10/0x10
[  529.463275][T28080]  ? stack_depot_save_flags+0x40/0x860
[  529.463306][T28080]  ? __pfx_nfsd_create_serv+0x10/0x10
[  529.463331][T28080]  ? __pfx___mutex_lock+0x10/0x10
[  529.463365][T28080]  ? __asan_memset+0x22/0x50
[  529.463389][T28080]  ? ____sys_sendmsg+0x505/0x830
[  529.463411][T28080]  ? ___sys_sendmsg+0x21f/0x2a0
[  529.463440][T28080]  ? __x64_sys_sendmsg+0x19b/0x260
[  529.463468][T28080]  nfsd_nl_listener_set_doit+0x13f/0x1690
[  529.463498][T28080]  ? __pfx___nla_validate_parse+0x10/0x10
[  529.463549][T28080]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  529.463582][T28080]  ? __nla_parse+0x40/0x60
[  529.463616][T28080]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  529.463648][T28080]  genl_family_rcv_msg_doit+0x212/0x300
[  529.463679][T28080]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  529.463713][T28080]  ? bpf_lsm_capable+0x9/0x20
[  529.463743][T28080]  ? security_capable+0x7e/0x2e0
[  529.463779][T28080]  genl_rcv_msg+0x60e/0x790
[  529.463808][T28080]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.463832][T28080]  ? __kasan_slab_alloc+0x6c/0x80
[  529.463861][T28080]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  529.463890][T28080]  ? __netlink_lookup+0xbd/0x810
[  529.463909][T28080]  ? rcu_is_watching+0x15/0xb0
[  529.463936][T28080]  netlink_rcv_skb+0x208/0x470
[  529.463969][T28080]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.463995][T28080]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  529.464033][T28080]  ? lock_release+0x4b/0x3e0
[  529.464066][T28080]  ? down_read+0x1ad/0x2e0
[  529.464088][T28080]  genl_rcv+0x28/0x40
[  529.464111][T28080]  netlink_unicast+0x82f/0x9e0
[  529.464144][T28080]  ? __pfx_netlink_unicast+0x10/0x10
[  529.464174][T28080]  ? netlink_sendmsg+0x642/0xb30
[  529.464192][T28080]  ? skb_put+0x11b/0x210
[  529.464215][T28080]  netlink_sendmsg+0x805/0xb30
[  529.464239][T28080]  ? __pfx_netlink_sendmsg+0x10/0x10
[  529.464261][T28080]  ? aa_sock_msg_perm+0xf1/0x1d0
[  529.464283][T28080]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  529.464306][T28080]  ? __pfx_netlink_sendmsg+0x10/0x10
[  529.464326][T28080]  __sock_sendmsg+0x219/0x270
[  529.464357][T28080]  ____sys_sendmsg+0x505/0x830
[  529.464383][T28080]  ? __pfx_____sys_sendmsg+0x10/0x10
[  529.464410][T28080]  ? import_iovec+0x74/0xa0
[  529.464445][T28080]  ___sys_sendmsg+0x21f/0x2a0
[  529.464468][T28080]  ? __pfx____sys_sendmsg+0x10/0x10
[  529.464512][T28080]  ? __fget_files+0x2a/0x420
[  529.464530][T28080]  ? __fget_files+0x3a0/0x420
[  529.464554][T28080]  __x64_sys_sendmsg+0x19b/0x260
[  529.464578][T28080]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  529.464607][T28080]  ? __pfx_ksys_write+0x10/0x10
[  529.464635][T28080]  ? rcu_is_watching+0x15/0xb0
[  529.464659][T28080]  ? rcu_is_watching+0x15/0xb0
[  529.464682][T28080]  do_syscall_64+0xfa/0x3b0
[  529.464702][T28080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.464723][T28080]  ? clear_bhb_loop+0x60/0xb0
[  529.464748][T28080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.464769][T28080] RIP: 0033:0x7fb25cb8ebe9
[  529.464788][T28080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  529.464807][T28080] RSP: 002b:00007fb25dae2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  529.464831][T28080] RAX: ffffffffffffffda RBX: 00007fb25cdb5fa0 RCX: 00007fb25cb8ebe9
[  529.464847][T28080] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  529.464862][T28080] RBP: 00007fb25dae2090 R08: 0000000000000000 R09: 0000000000000000
[  529.464876][T28080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  529.464890][T28080] R13: 00007fb25cdb6038 R14: 00007fb25cdb5fa0 R15: 00007ffcdb0d6aa8
[  529.464916][T28080]  </TASK>
[  530.105861][ T5863] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  530.113476][ T5863] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  530.120870][ T5863] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  530.129613][ T5863] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  530.137210][ T5863] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  530.182956][T28089] hsr_slave_0 (unregistering): left promiscuous mode
[  530.275291][T28096] openvswitch: netlink: IP tunnel TTL not specified.
[  530.432881][T20708] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.550931][T20708] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.581544][T28088] chnl_net:caif_netlink_parms(): no params data found
[  530.596188][T28104] netlink: 'syz.2.8011': attribute type 11 has an invalid length.
[  530.656234][T20708] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.790554][T20708] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.810124][T28121] C: renamed from team_slave_0 (while UP)
[  530.822915][T28121] netlink: 'syz.3.8016': attribute type 4 has an invalid length.
[  530.831447][T28121] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  530.852075][T28121] netlink: 'syz.3.8016': attribute type 11 has an invalid length.
[  530.882038][T28118] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.974606][T28118] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.036012][T28123] __nla_validate_parse: 9 callbacks suppressed
[  531.036034][T28123] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8017'.
[  531.053754][T28088] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.084122][T28088] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.101614][T28088] bridge_slave_0: entered allmulticast mode
[  531.107915][T28123] netlink: 'syz.2.8017': attribute type 30 has an invalid length.
[  531.117528][T28088] bridge_slave_0: entered promiscuous mode
[  531.133632][T28137] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8021'.
[  531.160314][T28118] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.181698][T28132] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8021'.
[  531.203415][T28088] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.211881][T28123] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8017'.
[  531.222742][T28088] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.230858][T28088] bridge_slave_1: entered allmulticast mode
[  531.237082][T28123] netlink: 'syz.2.8017': attribute type 30 has an invalid length.
[  531.245679][T28088] bridge_slave_1: entered promiscuous mode
[  531.248580][ T5863] Bluetooth: hci3: command tx timeout
[  531.258773][   T13] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  531.269603][T28138] netlink: 'syz.0.8022': attribute type 10 has an invalid length.
[  531.289742][T28118] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  531.300830][T28118] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  531.331132][   T13] ==================================================================
[  531.339318][   T13] BUG: KASAN: slab-use-after-free in __mutex_lock+0x147/0x1350
[  531.346949][   T13] Read of size 8 at addr ffff88807b04acb0 by task kworker/u8:1/13
[  531.354952][   T13] 
[  531.357293][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[  531.357321][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  531.357337][   T13] Workqueue: udp_tunnel_nic udp_tunnel_nic_device_sync_work
[  531.357377][   T13] Call Trace:
[  531.357388][   T13]  <TASK>
[  531.357399][   T13]  dump_stack_lvl+0x189/0x250
[  531.357430][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.357456][   T13]  ? lock_release+0x4b/0x3e0
[  531.357492][   T13]  ? __virt_addr_valid+0x4a5/0x5c0
[  531.357523][   T13]  print_report+0xca/0x240
[  531.357543][   T13]  ? __mutex_lock+0x147/0x1350
[  531.357574][   T13]  kasan_report+0x118/0x150
[  531.357602][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  531.357631][   T13]  ? __mutex_lock+0x147/0x1350
[  531.357667][   T13]  __mutex_lock+0x147/0x1350
[  531.357702][   T13]  ? __mutex_lock+0x5bb/0x1350
[  531.357737][   T13]  ? udp_tunnel_nic_device_sync_work+0x39/0xa50
[  531.357762][   T13]  ? __pfx___mutex_lock+0x10/0x10
[  531.357785][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  531.357806][   T13]  ? rcu_is_watching+0x15/0xb0
[  531.357826][   T13]  udp_tunnel_nic_device_sync_work+0x39/0xa50
[  531.357852][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  531.357867][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  531.357882][   T13]  process_scheduled_works+0xae1/0x17b0
[  531.357909][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  531.357936][   T13]  worker_thread+0x8a0/0xda0
[  531.357963][   T13]  kthread+0x70e/0x8a0
[  531.357983][   T13]  ? __pfx_worker_thread+0x10/0x10
[  531.357998][   T13]  ? __pfx_kthread+0x10/0x10
[  531.358017][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  531.358037][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  531.358059][   T13]  ? __pfx_kthread+0x10/0x10
[  531.358077][   T13]  ret_from_fork+0x3f9/0x770
[  531.358095][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  531.358113][   T13]  ? __switch_to_asm+0x39/0x70
[  531.358133][   T13]  ? __switch_to_asm+0x33/0x70
[  531.358152][   T13]  ? __pfx_kthread+0x10/0x10
[  531.358171][   T13]  ret_from_fork_asm+0x1a/0x30
[  531.358197][   T13]  </TASK>
[  531.358203][   T13] 
[  531.564017][   T13] Allocated by task 20654:
[  531.568528][   T13]  kasan_save_track+0x3e/0x80
[  531.573235][   T13]  __kasan_kmalloc+0x93/0xb0
[  531.577923][   T13]  __kmalloc_noprof+0x27a/0x4f0
[  531.582951][   T13]  udp_tunnel_nic_netdevice_event+0x854/0x19f0
[  531.589127][   T13]  notifier_call_chain+0x1b3/0x3e0
[  531.594314][   T13]  register_netdevice+0x1608/0x1ae0
[  531.599544][   T13]  nsim_create+0xae8/0xf10
[  531.603978][   T13]  __nsim_dev_port_add+0x6b6/0xb10
[  531.609108][   T13]  nsim_dev_port_add_all+0x37/0xf0
[  531.614265][   T13]  nsim_drv_probe+0x88e/0xba0
[  531.619042][   T13]  really_probe+0x26a/0x9e0
[  531.623584][   T13]  __driver_probe_device+0x18c/0x2f0
[  531.628896][   T13]  driver_probe_device+0x4f/0x430
[  531.633947][   T13]  __device_attach_driver+0x2ce/0x530
[  531.639416][   T13]  bus_for_each_drv+0x251/0x2e0
[  531.644379][   T13]  __device_attach+0x2b8/0x400
[  531.649412][   T13]  bus_probe_device+0x185/0x260
[  531.654287][   T13]  device_add+0x7b6/0xb50
[  531.658730][   T13]  new_device_store+0x36c/0x6f0
[  531.663687][   T13]  kernfs_fop_write_iter+0x375/0x4f0
[  531.669187][   T13]  vfs_write+0x5c9/0xb30
[  531.673445][   T13]  ksys_write+0x145/0x250
[  531.677796][   T13]  do_syscall_64+0xfa/0x3b0
[  531.682322][   T13]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.688226][   T13] 
[  531.690559][   T13] Freed by task 28118:
[  531.694637][   T13]  kasan_save_track+0x3e/0x80
[  531.699348][   T13]  kasan_save_free_info+0x46/0x50
[  531.704397][   T13]  __kasan_slab_free+0x5b/0x80
[  531.709200][   T13]  kfree+0x18e/0x440
[  531.713113][   T13]  udp_tunnel_nic_netdevice_event+0x1332/0x19f0
[  531.719379][   T13]  notifier_call_chain+0x1b3/0x3e0
[  531.724542][   T13]  unregister_netdevice_many_notify+0x14d7/0x1ff0
[  531.730984][   T13]  unregister_netdevice_queue+0x33c/0x380
[  531.736722][   T13]  nsim_destroy+0x1dd/0x670
[  531.741252][   T13]  __nsim_dev_port_del+0x14d/0x1b0
[  531.746404][   T13]  nsim_dev_reload_destroy+0x288/0x490
[  531.751889][   T13]  nsim_dev_reload_down+0x8a/0xc0
[  531.756939][   T13]  devlink_reload+0x1b3/0x8d0
[  531.761663][   T13]  devlink_nl_reload_doit+0xb35/0xd50
[  531.767060][   T13]  genl_family_rcv_msg_doit+0x212/0x300
[  531.772646][   T13]  genl_rcv_msg+0x60e/0x790
[  531.777192][   T13]  netlink_rcv_skb+0x208/0x470
[  531.782181][   T13]  genl_rcv+0x28/0x40
[  531.786225][   T13]  netlink_unicast+0x82f/0x9e0
[  531.791025][   T13]  netlink_sendmsg+0x805/0xb30
[  531.795910][   T13]  __sock_sendmsg+0x219/0x270
[  531.800786][   T13]  ____sys_sendmsg+0x505/0x830
[  531.805833][   T13]  ___sys_sendmsg+0x21f/0x2a0
[  531.810616][   T13]  __x64_sys_sendmsg+0x19b/0x260
[  531.815573][   T13]  do_syscall_64+0xfa/0x3b0
[  531.820095][   T13]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.826087][   T13] 
[  531.828443][   T13] Last potentially related work creation:
[  531.834160][   T13]  kasan_save_stack+0x3e/0x60
[  531.838861][   T13]  kasan_record_aux_stack+0xbd/0xd0
[  531.844087][   T13]  insert_work+0x3d/0x330
[  531.848477][   T13]  __queue_work+0xbaf/0xfb0
[  531.852993][   T13]  queue_work_on+0x181/0x270
[  531.857595][   T13]  __udp_tunnel_nic_add_port+0xb71/0xd60
[  531.863276][   T13]  udp_tunnel_notify_add_rx_port+0x2c5/0x3d0
[  531.869296][   T13]  __vxlan_sock_add+0xda5/0x1310
[  531.874267][   T13]  vxlan_open+0x11c/0x220
[  531.878618][   T13]  __dev_open+0x470/0x880
[  531.882965][   T13]  __dev_change_flags+0x1ea/0x6d0
[  531.888013][   T13]  rtnl_newlink_create+0x555/0xb00
[  531.893136][   T13]  rtnl_newlink+0x16d6/0x1c70
[  531.897853][   T13]  rtnetlink_rcv_msg+0x7cc/0xb70
[  531.902811][   T13]  netlink_rcv_skb+0x208/0x470
[  531.907591][   T13]  netlink_unicast+0x82f/0x9e0
[  531.912369][   T13]  netlink_sendmsg+0x805/0xb30
[  531.917239][   T13]  __sock_sendmsg+0x219/0x270
[  531.921996][   T13]  ____sys_sendmsg+0x52d/0x830
[  531.926769][   T13]  ___sys_sendmsg+0x21f/0x2a0
[  531.931457][   T13]  __sys_sendmmsg+0x227/0x430
[  531.936169][   T13]  __x64_sys_sendmmsg+0xa0/0xc0
[  531.941029][   T13]  do_syscall_64+0xfa/0x3b0
[  531.945542][   T13]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.952064][   T13] 
[  531.954391][   T13] Second to last potentially related work creation:
[  531.960978][   T13]  kasan_save_stack+0x3e/0x60
[  531.965674][   T13]  kasan_record_aux_stack+0xbd/0xd0
[  531.970893][   T13]  insert_work+0x3d/0x330
[  531.975266][   T13]  __queue_work+0xcd2/0xfb0
[  531.979793][   T13]  queue_work_on+0x181/0x270
[  531.984412][   T13]  __udp_tunnel_nic_add_port+0xb71/0xd60
[  531.990064][   T13]  udp_tunnel_notify_add_rx_port+0x2c5/0x3d0
[  531.996056][   T13]  __vxlan_sock_add+0xda5/0x1310
[  532.001012][   T13]  vxlan_open+0xc7/0x220
[  532.005275][   T13]  __dev_open+0x470/0x880
[  532.009618][   T13]  __dev_change_flags+0x1ea/0x6d0
[  532.014690][   T13]  rtnl_newlink_create+0x555/0xb00
[  532.019812][   T13]  rtnl_newlink+0x16d6/0x1c70
[  532.024514][   T13]  rtnetlink_rcv_msg+0x7cc/0xb70
[  532.029532][   T13]  netlink_rcv_skb+0x208/0x470
[  532.034401][   T13]  netlink_unicast+0x82f/0x9e0
[  532.039235][   T13]  netlink_sendmsg+0x805/0xb30
[  532.044044][   T13]  __sock_sendmsg+0x219/0x270
[  532.048780][   T13]  ____sys_sendmsg+0x52d/0x830
[  532.053564][   T13]  ___sys_sendmsg+0x21f/0x2a0
[  532.058265][   T13]  __sys_sendmmsg+0x227/0x430
[  532.063134][   T13]  __x64_sys_sendmmsg+0xa0/0xc0
[  532.068094][   T13]  do_syscall_64+0xfa/0x3b0
[  532.072729][   T13]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.078636][   T13] 
[  532.080968][   T13] The buggy address belongs to the object at ffff88807b04ac00
[  532.080968][   T13]  which belongs to the cache kmalloc-256 of size 256
[  532.095179][   T13] The buggy address is located 176 bytes inside of
[  532.095179][   T13]  freed 256-byte region [ffff88807b04ac00, ffff88807b04ad00)
[  532.109016][   T13] 
[  532.111733][   T13] The buggy address belongs to the physical page:
[  532.118261][   T13] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b04a
[  532.127337][   T13] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  532.135866][   T13] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  532.143518][   T13] page_type: f5(slab)
[  532.147533][   T13] raw: 00fff00000000040 ffff88801a441b40 ffffea0001edaf00 dead000000000002
[  532.156225][   T13] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  532.164852][   T13] head: 00fff00000000040 ffff88801a441b40 ffffea0001edaf00 dead000000000002
[  532.173545][   T13] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  532.182240][   T13] head: 00fff00000000001 ffffea0001ec1281 00000000ffffffff 00000000ffffffff
[  532.190926][   T13] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  532.199600][   T13] page dumped because: kasan: bad access detected
[  532.206145][   T13] page_owner tracks the page as allocated
[  532.212042][   T13] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 20804, tgid 20803 (syz.0.5116), ts 391867009388, free_ts 391597340037
[  532.233698][   T13]  post_alloc_hook+0x240/0x2a0
[  532.238594][   T13]  get_page_from_freelist+0x21e4/0x22c0
[  532.244245][   T13]  __alloc_frozen_pages_noprof+0x181/0x370
[  532.250069][   T13]  alloc_pages_mpol+0x232/0x4a0
[  532.254941][   T13]  allocate_slab+0x8a/0x370
[  532.259466][   T13]  ___slab_alloc+0xbeb/0x1410
[  532.264168][   T13]  __kmalloc_noprof+0x305/0x4f0
[  532.269119][   T13]  __register_sysctl_table+0xba1/0x1340
[  532.274702][   T13]  mpls_dev_sysctl_register+0x188/0x270
[  532.280260][   T13]  mpls_dev_notify+0x357/0x7a0
[  532.285052][   T13]  notifier_call_chain+0x1b3/0x3e0
[  532.290378][   T13]  register_netdevice+0x1608/0x1ae0
[  532.295590][   T13]  tun_set_iff+0x844/0xf00
[  532.300049][   T13]  __tun_chr_ioctl+0x788/0x1df0
[  532.304912][   T13]  __se_sys_ioctl+0xf9/0x170
[  532.309719][   T13]  do_syscall_64+0xfa/0x3b0
[  532.314357][   T13] page last free pid 20387 tgid 20387 stack trace:
[  532.320871][   T13]  __free_frozen_pages+0xbc4/0xd30
[  532.326306][   T13]  rcu_core+0xca8/0x1770
[  532.330582][   T13]  handle_softirqs+0x283/0x870
[  532.335363][   T13]  __irq_exit_rcu+0xca/0x1f0
[  532.339994][   T13]  irq_exit_rcu+0x9/0x30
[  532.344249][   T13]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  532.349897][   T13]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  532.355890][   T13] 
[  532.358218][   T13] Memory state around the buggy address:
[  532.363859][   T13]  ffff88807b04ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  532.371923][   T13]  ffff88807b04ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  532.379991][   T13] >ffff88807b04ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  532.388151][   T13]                                      ^
[  532.393801][   T13]  ffff88807b04ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  532.402349][   T13]  ffff88807b04ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  532.410423][   T13] ==================================================================
[  532.427411][ T5863] Bluetooth: hci5: command tx timeout
[  532.451820][   T13] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  532.459167][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[  532.468484][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  532.478575][   T13] Workqueue: udp_tunnel_nic udp_tunnel_nic_device_sync_work
[  532.485917][   T13] Call Trace:
[  532.489315][   T13]  <TASK>
[  532.492447][   T13]  dump_stack_lvl+0x99/0x250
[  532.497470][   T13]  ? __asan_memcpy+0x40/0x70
[  532.502090][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  532.507370][   T13]  ? __pfx__printk+0x10/0x10
[  532.511992][   T13]  vpanic+0x281/0x750
[  532.516079][   T13]  ? preempt_schedule+0xae/0xc0
[  532.521049][   T13]  ? __pfx_vpanic+0x10/0x10
[  532.525606][   T13]  ? preempt_schedule_common+0x83/0xd0
[  532.531095][   T13]  ? preempt_schedule+0xae/0xc0
[  532.535976][   T13]  ? __pfx_preempt_schedule+0x10/0x10
[  532.541374][   T13]  panic+0xb9/0xc0
[  532.545291][   T13]  ? __pfx_panic+0x10/0x10
[  532.549832][   T13]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  532.555754][   T13]  ? __mutex_lock+0x147/0x1350
[  532.560560][   T13]  check_panic_on_warn+0x89/0xb0
[  532.565765][   T13]  ? __mutex_lock+0x147/0x1350
[  532.570556][   T13]  end_report+0x78/0x160
[  532.574823][   T13]  kasan_report+0x129/0x150
[  532.579442][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  532.585353][   T13]  ? __mutex_lock+0x147/0x1350
[  532.590180][   T13]  __mutex_lock+0x147/0x1350
[  532.594809][   T13]  ? __mutex_lock+0x5bb/0x1350
[  532.599604][   T13]  ? udp_tunnel_nic_device_sync_work+0x39/0xa50
[  532.605905][   T13]  ? __pfx___mutex_lock+0x10/0x10
[  532.611232][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  532.616464][   T13]  ? rcu_is_watching+0x15/0xb0
[  532.621254][   T13]  udp_tunnel_nic_device_sync_work+0x39/0xa50
[  532.627528][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  532.633277][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  532.639011][   T13]  process_scheduled_works+0xae1/0x17b0
[  532.644672][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  532.650854][   T13]  worker_thread+0x8a0/0xda0
[  532.655468][   T13]  kthread+0x70e/0x8a0
[  532.659675][   T13]  ? __pfx_worker_thread+0x10/0x10
[  532.664798][   T13]  ? __pfx_kthread+0x10/0x10
[  532.669407][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.674620][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  532.679838][   T13]  ? __pfx_kthread+0x10/0x10
[  532.684526][   T13]  ret_from_fork+0x3f9/0x770
[  532.689132][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  532.694257][   T13]  ? __switch_to_asm+0x39/0x70
[  532.699038][   T13]  ? __switch_to_asm+0x33/0x70
[  532.703844][   T13]  ? __pfx_kthread+0x10/0x10
[  532.708459][   T13]  ret_from_fork_asm+0x1a/0x30
[  532.713253][   T13]  </TASK>
[  532.716627][   T13] Kernel Offset: disabled
[  532.720972][   T13] Rebooting in 86400 seconds..