last executing test programs:

4.532901813s ago: executing program 0 (id=2741):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x18, 0x3, 0x1, 0x401, 0x0, 0xc000000, {0x2}, [@CTA_TUPLE_ORIG={0x4}]}, 0x18}}, 0x0)

4.445139087s ago: executing program 0 (id=2743):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000300)={0x1d, r2}, 0x18) (async)
bind$can_j1939(r1, &(0x7f0000000300)={0x1d, r2}, 0x18)
sendmsg$can_j1939(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x0, 0xff}}, 0x18, &(0x7f0000000100)={&(0x7f00000000c0)="d45dac54b098953bd2", 0x9}}, 0x0) (async)
sendmsg$can_j1939(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x0, 0xff}}, 0x18, &(0x7f0000000100)={&(0x7f00000000c0)="d45dac54b098953bd2", 0x9}}, 0x0)
sendmsg$can_j1939(r1, &(0x7f0000000000)={&(0x7f0000000500)={0x1d, 0x0, 0x2}, 0x18, &(0x7f0000000380)={0x0}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x2, 0x250, [0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5d626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c757374657200000000000000000000000000000000000000000000000000100000000000fdffffffffffffff000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000449300000000000000000000000000000000000000000000000000369da91a00000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8)

4.269299596s ago: executing program 2 (id=2745):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x0, 0x56, &(0x7f0000000880)=""/86, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000900), 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x0, 0x21e, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x6c}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x42}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0xf00, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

4.204168589s ago: executing program 2 (id=2746):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x300, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c)

4.101629497s ago: executing program 2 (id=2747):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f0000000400)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r4, 0x104, 0x2, 0x0, &(0x7f0000000640))

4.056784464s ago: executing program 2 (id=2750):
syz_emit_ethernet(0x5e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60cb653e00283afffb800000000000000000000000000000ff0200000000000000000000000000018900907800000000fc0100e12d02ed7c3c67fe19fc889049f5f20800000000000000000000000000fe8000000000000000000000000000aa"], 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x32)
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f0000000080))
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000002c0)="0cc4c53e52cd4f1e2787e1cd1e55684e749d3b21ae068680fadc5cc648c79186f3d98ccd3a5b1732936dcf74538ffc97a9f82112023f2567972515712c7ec4e0ed2220f5425ba6ed76928e28b07ec50b135954b94c32030210aa0e2f4645f46be81d746c6b", 0x65}, {&(0x7f0000000340)="9c89ca312f027074ae7d79f183f678fc695c50a34d0e4133881f084b6d440ab6868186a9eabf0b8e5760adbc5a349da9d1620af787745bee2d6d2e6a84ee1fe7132e692fed0e0fe948d775263f5b67a91c4bd74ceeb68e733b2389262377b79861ddf5d86ca1a6388ab7257d5f1271a35a8c79a96e3e28f094fdfa96736ef41516bd3fbec3fd955247007a18dd527d224592b6fc09a05d5628e73b", 0x9b}], 0x2}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
close(r0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r10, 0x10d, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0500000000000000000001000000040002800400030004000180"], 0x20}, 0x1, 0x0, 0x0, 0x44091}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b700000000000000620affffff7f000007000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x23)

3.905487555s ago: executing program 3 (id=2751):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x60, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x8024}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0))
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)={0x30, 0x0, 0x0, 0x0, 0x0, "", [@generic="d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a560254cc0043"]}, 0x30}], 0x1}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x10, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0xa79c}]}}}]}, 0x40}}, 0x0)

3.758706696s ago: executing program 3 (id=2754):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e40)={0x13, 0x18, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x4}]}, 0x18}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$SIOCGSTAMPNS(r2, 0x8907, 0x0)
sendmsg$802154_raw(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000040)="f10ec55757e2e31ca16c2b1802", 0xd}}, 0x0)
recvmmsg(r2, &(0x7f0000004300)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r1}, @call={0x85, 0x0, 0x0, 0x1f}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={<r4=>0x0, 0xfffe}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000240)={r4, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}, 0x965, 0x4}, &(0x7f00000001c0)=0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.081341833s ago: executing program 0 (id=2757):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='hybla\x00', 0x6)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)={0x150, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7ab}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5ef2}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_MEDIA={0x8c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1beb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x20}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}, @TIPC_NLA_PUBL_UPPER={0x8}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x8000000}, 0x4)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

2.580960508s ago: executing program 0 (id=2761):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="10030000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fcdbdf2501000000080005000100000014000200776730000000000000000000000000000800070009000000240003000000000000000000000000000000000000000000000000000000000000000000080005000000000064020880cc0100801400040002004e24ffffffff000000000000000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b640109801c000080060001000200000008000200ac1414bb05000300000000000c010080060001000200000008000200ac1414bb0500030000000000060001000a00000014000200fc0100000000000000000000000000000500030003000000060001000200000008000200ac1e01010500030002000000060001000200000008000200000000000500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200ac1e00010500030001000000060001000200000008000200e00000010500030001000000060001000a00000014000200fe80000000000000000000000000000d0500030003000000060001000a000000140002000000000000000000000000000000000105000700030000001c000080060001000200000008000200ac14141205000300020000001c000080060001000200000008000200ffffffff050003000200000008000300000000002000008006000500018000001400040002004e20ffffffff00000000000000007400008008000a00010000000600050009000000200004000a004e21ffffffff200100000000000000000000000000000600000008000300050000002400020050323b6574fe3e3c9a20086a18027141271584832c54d70bc5bf223fbaafcae51400040002004e237f0000010000000000000000240003000000000000000000000000000000000000000000000000000000000000000000060006004e23000014000200776730000000000000000000000000000800050000000000"], 0x310}}, 0x20048800)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, <r5=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000006c0)=ANY=[@ANYBLOB="b80000002d000100000008000000000000000000", @ANYRES32=r5, @ANYBLOB="0b000080976b640868603000910001809bc805e83f918a5caae8d4d9159fbeff56b5445fd9e2397d70cce66623127bfd3181ae29da4d071576c9bf8ab0a71d7b380fed9efec13d7ada1cc8504b07e87032eda8d60fa3efc56afe6b9df3191c2a20a12a8b348fd65055c56eaab0080bcbec1b9e01682dbc82018e06930ae4a8fb7650048ab78045d761a9f61a6c32040f2bd81d90ef632439094314c505000000"], 0xb8}], 0x1}, 0x0)
ioctl$SIOCAX25DELUID(r2, 0x89e2, &(0x7f0000000340)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r5})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@delneigh={0xac, 0x1d, 0x4, 0x70bd2d, 0x25dfdbfe, {0x1c, 0x0, 0x0, r6, 0x1c, 0x30}, [@NDA_DST_IPV6={0x14, 0x1, @loopback}, @NDA_SRC_VNI={0x8, 0xb, 0x2}, @NDA_VNI={0x8, 0x7, 0x3}, @NDA_DST_IPV6={0x14, 0x1, @private2}, @NDA_FDB_EXT_ATTRS={0x14, 0xe, 0x0, 0x1, [@NFEA_DONT_REFRESH={0x4}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x41}, @NFEA_DONT_REFRESH={0x4}]}, @NDA_PROBES={0x8, 0x4, 0xffffff31}, @NDA_FDB_EXT_ATTRS={0x28, 0xe, 0x0, 0x1, [@NFEA_DONT_REFRESH={0x4}, @NFEA_ACTIVITY_NOTIFY={0x0, 0x1, 0x5}, @NFEA_DONT_REFRESH={0x4}, @NFEA_DONT_REFRESH={0x4}, @NFEA_DONT_REFRESH={0x4}, @NFEA_DONT_REFRESH={0x4}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x2}, @NFEA_DONT_REFRESH={0x4}]}, @NDA_LLADDR={0xa, 0x2, @random="ac8227e587ed"}, @NDA_DST_IPV4={0xfffffffffffffd67, 0x1, @local}]}, 0xac}}, 0x0)
write$binfmt_script(r1, 0x0, 0xfffffe5d)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r7, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64"], 0x3c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14}}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x50}}, 0x0)

1.72951553s ago: executing program 1 (id=2762):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x4888, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r8, @ANYBLOB="01"], 0x20}}, 0x0)

1.112347016s ago: executing program 3 (id=2763):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad4104c60000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='netlink_extack\x00', r0}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000bc0)={r0, 0xe0, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0], 0x0, 0x62, &(0x7f0000000980)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000a00), &(0x7f0000000a40), 0x8, 0xe0, 0x8, 0x8, &(0x7f0000000a80)}}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r3 = socket(0x200000000000011, 0x2, 0x0) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}]}}}]}, 0x3c}}, 0x0) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000c80)={'syztnl1\x00', &(0x7f0000000c00)={'syztnl2\x00', <r5=>0x0, 0x40, 0x1, 0x4, 0xfffffc01, {{0xa, 0x4, 0x2, 0x2, 0x28, 0x65, 0x0, 0x2, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, {[@timestamp_addr={0x44, 0x14, 0x74, 0x1, 0xc, [{@broadcast, 0x2}, {@rand_addr=0x64010100, 0x9}]}]}}}}}) (async, rerun: 64)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r8], 0x20}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000cc0)={'batadv_slave_0\x00', <r9=>0x0})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r11=>0x0}) (async)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001c00070c000000000000000007000000", @ANYRES32=r11, @ANYBLOB="410196000a000200aaaa1baaaabb000004000e80"], 0x2c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000d00)={'team0\x00', <r13=>0x0}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000e00)={'syztnl1\x00', &(0x7f0000000d40)={'syztnl1\x00', <r14=>0x0, 0x40, 0x97, 0x7fffffff, 0x3, {{0x19, 0x4, 0x1, 0x1e, 0x64, 0x64, 0x0, 0xcc, 0x4, 0x0, @broadcast, @local, {[@end, @rr={0x7, 0x13, 0xbd, [@remote, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @rr={0x7, 0x27, 0xab, [@remote, @loopback, @multicast2, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @empty, @rand_addr=0x64010100, @multicast2]}, @lsrr={0x83, 0x7, 0xb, [@rand_addr=0x64010102]}, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x7, 0x48, [@local]}]}}}}}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000e40)={'geneve1\x00', <r15=>0x0}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000f00)={'ip6tnl0\x00', &(0x7f0000000e80)={'syztnl1\x00', <r16=>0x0, 0xcf093633dba06462, 0x8, 0x6, 0xc4, 0x2, @dev={0xfe, 0x80, '\x00', 0x42}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1, 0x0, 0x1ad9, 0x45c}}) (async, rerun: 32)
r17 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r18 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r18, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r19=>0x0})
sendmsg$nl_route_sched(r17, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r19, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x1f}}}}]}, 0x48}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'team0\x00', <r20=>0x0})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000f80)={0x11, 0x0, <r21=>0x0}, &(0x7f0000000fc0)=0x14)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f00000019c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001980)={&(0x7f0000001000)={0x968, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {}, [{{0x8}, {0x1e0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x180}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x150, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x8, 0x4, 0x3, 0x6}, {0xd01f, 0x0, 0xd, 0xcd84}, {0x4, 0xab, 0x3, 0x1}, {0x4, 0x8, 0x2, 0x1}, {0x7ff, 0x8, 0x6a}]}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}, {{0x8}, {0x17c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x6, 0x6, 0xfa, 0x7}, {0x9, 0x1, 0x8, 0xffff}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}]}}, {{0x8, 0x1, r4}, {0xf4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x20d}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7f}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}]}}, {{0x8, 0x1, r11}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r13}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r15}}}]}}, {{0x8}, {0x1f4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x96b}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r16}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r19}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xd540}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x3, 0x9, 0x10, 0x5}, {0x0, 0x8, 0x4, 0x80}, {0x3, 0x1, 0x0, 0x7}]}}}]}}, {{0x8, 0x1, r20}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r21}}}]}}]}, 0x968}, 0x1, 0x0, 0x0, 0x200040d0}, 0x26004040) (async, rerun: 64)
r22 = socket$key(0xf, 0x3, 0x2) (rerun: 64)
sendmsg$key(r22, &(0x7f0000000000)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="020300020c0000000000000000000000030006000000000002000000ac1414bb000000000000000002000100000000000000fb00000000000300050000200000020000000000000000000000000000000100080000000000010014"], 0x60}, 0x1, 0x7}, 0x0)

1.10716715s ago: executing program 4 (id=2764):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x803, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0))
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@newtfilter={0x24, 0x10, 0xc27, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xc}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x12, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

997.433164ms ago: executing program 2 (id=2765):
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000080)=0x9, 0x4)
bind$bt_hci(r1, &(0x7f0000000380)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0xf113a000)
recvmmsg(r1, &(0x7f0000004d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002200)=""/166, 0xa6}}], 0x1, 0x0, 0x0)
listen(r0, 0x400000001ffffffd)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@struct={0x0, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x5}, {0x1000000}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x2e]}}, 0x0, 0x43}, 0x20)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x400000000000235, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0xe, r3, 0x12e, 0x70bd2c, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x7}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40094}, 0x4080)
r4 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = accept4(r0, 0x0, 0x0, 0x0)
shutdown(r5, 0x1)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)

982.860956ms ago: executing program 0 (id=2766):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000180), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x117, 0x5, 0x0, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000005000c0001000000080006004802000005000b"], 0x44}}, 0x0)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r7}, 0x10)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8)
close(r9)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, 0x4100}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_RSS_QUERY_EN={0xc, 0x7, {0x2}}]}]}, @IFLA_TXQLEN={0x8}]}, 0x3c}}, 0x0)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r9)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r3, &(0x7f0000000640)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9f0000", @ANYRES16=r13, @ANYBLOB="00032cbd7000ffdbdf255a000000"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000180)={&(0x7f0000000440)=""/112, 0x70, 0x0, &(0x7f00000004c0)=""/134, 0x86}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuset.effective_cpus\x00', 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)

887.005496ms ago: executing program 2 (id=2767):
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x0, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x802c}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

854.139402ms ago: executing program 1 (id=2768):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000006080)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001d00)=[@ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xffff}}], 0x30}}], 0x2, 0x0)

657.048216ms ago: executing program 1 (id=2769):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$PPPIOCDISCONN(r0, 0x7439)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$PPPIOCGIDLE64(r1, 0x8010743f, &(0x7f0000000080))
r2 = accept(0xffffffffffffffff, &(0x7f00000000c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000140)=0x80)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000180))
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r2)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r3, 0x300, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x80}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xd8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000019}, 0x890)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000340), r2)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r5, 0x2, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x800)
sendmsg$inet(r4, &(0x7f00000007c0)={&(0x7f0000000440)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000480)="289807b95d49a3093b445fc86ecfc532859d76abef9e16b78a8e01f42678b3a8cc8a912054e9b7026dba6024b4c8566eb38b8625345555a0dc8e", 0x3a}, {&(0x7f00000004c0)="3064cd70da96f6ffa620479b19cb87e28e2fd111f3f9443787a22bd14432385b18759fc2790bd12cda8ceb8d2df139ca0904b832", 0x34}, {&(0x7f0000000500)="0ce898def901c07bfe8bbba16386f1363d1ab956a57fe45a1abc9ee855cc5d", 0x1f}, {&(0x7f0000000540)="cb89299d44edcfbdc971c92c0b4a2b6397454e755399237d49360239503e9f454f26f7d492934765d0b8f1990deb34723dbe9205da353a1b6857f1f0602b6fdf104cae536c39", 0x46}, {&(0x7f00000005c0)="d96cb90373b4a092853da135ca2ce5e45b81a19c2aae60edfe51b28a62d60674c125e0ced92266276b83fe8f5e9cc3cd12ee1683a60a38ef164f174d0340e7978094cfbc9aeaaeb424caea3ac135678717bbfc086323b3abd4d0bacbfa325aa91937b2e1874c2d604812c1d31de9016e1bea53fb123a1c6edecbac397ba55d262437d0bece631c03ea12bd990ae232", 0x8f}, {&(0x7f0000000680)="e1137508c21a0634f2f26bd4377d10283ead7b68c95b28c141c3efc210ac5e292d944fc104ed1850a51c4933b74d131f3c", 0x31}, {&(0x7f00000006c0)="6e5674d59811153db8a84c4de74fdf799f18749ce89800f8336462fcae9ca6b6ce602d71ca81575da2104044eb0273048f83e776", 0x34}], 0x7, &(0x7f0000000780)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}], 0x18}, 0x4000000)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), r4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000880)={'vxcan0\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x64, r6, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004050}, 0xc000)
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x1)
ioctl$PPPIOCDISCONN(r0, 0x7439)
r8 = syz_init_net_socket$ax25(0x3, 0x3, 0xcc)
close(r8)
ioctl$PPPIOCBRIDGECHAN(r1, 0x40047435, &(0x7f00000009c0)=0xf)
recvmmsg(r2, &(0x7f0000002440)=[{{&(0x7f0000000a00)=@alg, 0x80, &(0x7f0000001f40)=[{&(0x7f0000000a80)=""/87, 0x57}, {&(0x7f0000000b00)=""/88, 0x58}, {&(0x7f0000000b80)=""/185, 0xb9}, {&(0x7f0000000c40)}, {&(0x7f0000000c80)=""/33, 0x21}, {&(0x7f0000000cc0)=""/253, 0xfd}, {&(0x7f0000000dc0)=""/176, 0xb0}, {&(0x7f0000000e80)=""/169, 0xa9}, {&(0x7f0000000f40)=""/4096, 0x1000}], 0x9, &(0x7f0000002000)=""/70, 0x46}, 0x766c}, {{&(0x7f0000002080)=@xdp, 0x80, &(0x7f0000002180)=[{&(0x7f0000002100)=""/112, 0x70}], 0x1, &(0x7f00000021c0)=""/36, 0x24}, 0x2}, {{&(0x7f0000002200)=@rc={0x1f, @none}, 0x80, &(0x7f0000002340)=[{&(0x7f0000002280)=""/163, 0xa3}], 0x1, &(0x7f0000002380)=""/142, 0x8e}, 0x2bc}], 0x3, 0x40000000, &(0x7f0000002500))
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002580), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r9, &(0x7f0000002640)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002600)={&(0x7f00000025c0)={0x14, r10, 0x400, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000002680)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f00000026c0)={{r8}, "438c8f4801dd43dde37d36af1031067cf98b0337f98e42c77034d25fb064c017356c97d15bfe87c02fc4e7e44d9dc1ace65312b39f4bef894cd9cec23ed30cbf9794faf59b870d14d55d973772ea786e9bf121088f8f776ca15b85e3457bd636ce83a4a3600ea4438ccca145f15f9dc55bd1bf9aed4b874876de9aef8725402b911c3c1dba321d7f66a83aea7e2c714a380d5b897c6f2d9bcdaa568587fa4b63a06eebc260fdf2b48f95da44bb80903ce83f59a6a4071447a86c1e63716c9bfad78e9aea9d7da95f77f9652dea1c792c1dece792d245310a7258ba89f48d8cc05675158d9d711648e6933ef6a15bd2fc7098a652759fd85cdfeeef43f36aaab24c9d96c7a82751efa37215fbe350b0f9a99fda3cbcb9922b6786acc1f74abea527cfa502b53526f6ba7d8d2e3dd60de442ab14e23cecaa496eac72555f202b3ac0981395497a36b84d4e422d82045ccd54ae3b2e1f41b8a9c3384068f5dc223054e9e9402f6dacb02cc5ee7bc591040851fa817c05ea6dab5c0dfd3b1d8b8756cd2d3eed4c45b54da12f5953f513cbe2bab27f461aa6c9cd9b3452c93a2a86a07c7f8c3da3bfe3f4d1efebe4436d24b2be1017ab53844dc543a018e36dab434fe74573fce29f96a3021e542c3000151e35fb1567a52035b5f4aba93172c38a053049c7457f2927d9ecf35031ece0186ba72598177920f74f60cde8256478d4ac71a4b3e9040e1a88d10e1600d006b6d3fcc5ef609ec3a839cddcaabbbd9fd50ae71fd22d5ff19728e1ca4c4173ab074ad3314183cf465fd42d52951f7a324bce557061a4c5271025c8b612ce77febea3ed95803c9ff60f1d8874745e37179a9f5ae4f63d0b631e9c26fae85099fc591cbb5821e2cf72351de4fe249ee086a93974e9cbdd7b8caa9c7044f24ad8de386eaae0e0de383cce02276ff2972702d36377b5a81ace28bb9e2b336bc5b3b29921919d881ccc1a2c854f57d3305f19a3f23563b478baf8c8da92e4e509420b709f20a6e061486ae70c819d0edc52712ca73a7219d09ac2a09b5e2e96275de40ec2128bd343b5adc5f5844379d72c3744b9d992e7f8146bd486e53a12a3a5f4b5bcebca4b57f11955c3f4f071876c6c008d6196af8ddd48231f32320a95d836cbf3f6cfb1a47290fb0a819b5340cfff6b5dbfe8bedff4e68f45686c49377a4c2fbc66fbc2d7439d84f013b7f9063822b10a40845c2863f0e5b38f9e6f58aee810433e3421b3f79e8e8523d3bbdf9a58a180ec605ad717f668ef9b712d6274ed6aebe589cc08c925d61949e299516b0319f806be752a586ef41c506a9c749c83d02811b3e3c75b87d17fd66b9c60a1d6e2ed0a7adeb88979ca584b3dd399c26421f5ecb7e0b96227a325e78f1f0395ca623ecc5f932ca6feb8883cdbf104ef1d54e659b9b83477638f3cd0b0f7d051e3848a429ec8760399a196e56f27bc4450ea02caf13e3b7d62311827fe1d7f4fe9449d015ec72ef687bc58e2491ca288828a368977fe55ae13fe17cbdb647c59623bfb3dbe1531ce9a69e8fdd1cd3f21e86a128358003800ec35ef125091aeb04ef8a0601ae5c7e55e2656fe2ab8ca0ceef6adcf30e4fbec0c2ab3903a5a2cf784f2f862116280a48ec76f4f6f152e8aa2a275b22de32a1d76ca95423090a794c0bcc05c472d9130da4a9ecf5bb0114f2aa6068d87fa1520688c7c90c5c8d48b36232a0c08f0ef2a7a23f879bfbc355dfbf39e452b5dad2abe96af5770dcb31f6c9d96deb8955b460dc41369dadaf7e2ce380c1ead3ecc697400dff82e721906c281cb9c01d4875c3201bb6f3b75ab83ea041628cabb9591301ef1edb8a087d5e84320667e69f833463cc3fc0d08608abf896543e1bf1098de943ef5f0256e13b429c4a8a24798174eae5d466102c26168254d861001cade938fed2b76a9fa7766a144a56a5115a4d5731b2a24f437a3650ae36aac71d7e13b211b4670b124360c7c57437fbdc244102c5de69ad03263c378e9c714b5d410a098490ba2b0e42ef600625e710dd810adbb33028b670bf4c37c23bc1f1e712fb4cb5e55c962e9330134e78beaaf5e06061c1c1b001e77bc9c7a615f2ebbe88db90046cb349e568efe7cdffea00274a392ad312084d251a18a57831faac15f811d260df6032b46fbfbc63fca94d8963b5e90514a95a20e9dd7eb927f7fc9300e2eb2d8260b9c178265d80f910682440e5b896a2ec05163ebf7dd2fd84638cc20d66b23531c109d2aecfe56c4d70e650e5066d019e7f5148c679b837e61d6befba78a7e0e3e3254a5e5f267ec4f870563802a745d5332ed4b61696b35e4a5cf77d5ed9a1948a44321e7030c4232da685f9e930364631239a7c14205cf42d46bd54228f7384a1729959ebfb5a7dc46846e7a89961bd9e2d2cc980983bb5eaa0dc5469cce8494391859ec63dd3da1e704d0550aca880e936ed82aae04176fe59c6a30b9ac57752d15fcae94dd73c1ae6076552950b6e06329f931742e0de2cb20ea6e28ef62b12b67125d4bb4ca4d3cf13acbbbf669a7157b70a10254c6c4a9f8ffc8db211712692e45c001f79a6f6ef4aa31262b97e241f91275031e3aeeb4ad02a50ae0da0b7471cf898dbce86da17edae4ead4fe2e14f26b63f91c0302a378da0f305ffe8c00fcd70d33378553e833f1fc62faba83e9b53faafb1b32a7e518358271182dfedb08d58e82cfea9fddd815b399eaa722a82f03aa4c46ee02427246f3dc89f489d226eed086eba816daecba84a06e593b0c7991baec46c6a9a72517fe67b50dc4d35a386eddaeed0c734ee33962c7f378cbdd7e64d0ce89af79c83ff171513a3a33ca7b5481f283d53229ad978da04727a790d974975bf12896bf000f9e35f366c59120f993d2a01abbdbcda6a22a7bcabc202a8e8007d4e8be6ba6052a11bfcb90497ca5898d3f7622b0fe1be4f621358a25cabf2161265657fcaeaa78f2603639d0f88e5502bf3d62583fb0d72b65ac5c15fc270cad67a9cd229b00f2e0d729750fed32a2c3b0dc99ded66b607af4a09b9dd3c2a0b2b64e83f762a3d58806569b6c1b18b98c22b5ebf474bfeca0d97e61c6ffb3be5a15226cfdaf80d7ed06b7c0d21b0101111efd6851c3adc3f671ea9e5f8d8a54054c7fd5d6934403aeac8c90b25e8422d8954eae0aa64272c50840b21fbba1da129393dceb23d0d37c0f97bcedc4817113016318d866d3f5d5b54d74da8bbe5a51345841076cd58fc6ea5f513d2e98293e3838ad053989a6b90ed538922a297d4f314a2881226a7526beb4e2160c8e6bbea8bbed8ec1b1cfb21f533968732ba9a0fd25138de0b8c83c6b4f4a86d45e9c9422d5b6ce51d7fb2ed3c35f32016cbd62e58a5e4dc768a03adc91136e7247dcd6faa39b07ee57f65b87eca5e5b1ef8769875ad498a6b18d788d5ecfe05dd5ba3b2125432e2889ce6c6b4750aee21f36f47ad662ee997f9fc7ac4df0314f8c6fa7c7b7a146e29a54d51b1baa2c36141d0513c2764360f30cc28271e6766cc0c1d95834b2c6d3f53fbd329642cf5d59a0547f7b67e48d175aa0c3e34888ae3e70c4b1706cf19ebdbb7b9eb7c6bf9811c7601543d65ecc435dea5e877362ab12a903680e44fb8c0c44e902f7d8e3f71adeefe8df5dc503a13eb37ee22f710007d86a5ca4980bba8431689e8a92607bdd5df56d22842c8032020aec521db4bdf51d2d752f4ec0246e58106313df23fa6bba8ebdb994b6def00dee959955802c953e5e7da1662cf469931b0498b13efdf34eb0bfb90e410c1868b6261835228b3b7dc6dfaa0ad3b48ba8afad178499a07f36e1917921f1d8a17b2fa2a517483d3722f532dd2fa29f71ab04730862ed585c39d65195d93c46d47b2cff902b975ed8d8cee1ada14caec16d01631d0eb9390d727828db2b1469a87e4514cd035de817e6c20a6b6fdba47ab8331e24aa473b6d9886e61e6e1c7175aac2335e8ae2c09922e65d7d94990c9039ced4fde601ecff17f5823de5d7408fbaf07592aa376819f3743e97ea0307766647f33002eb13da1a6bfe3890bcdc8e0141005a7856e1ecf05e5985faea007607b758602ca97218465285b637bb95b335436fb5500ebc24aaf3c76bbece4084a91bc4ce2b80a9a9e46fa9a6238897698f52d0e7aebecd69b1f76cac48d0f2dcca88096081a84d34db7bebf237eb8c7cc714fef89e58f83c1459b6474872c9d3cf4ff302d819b4fa9a0880912bf60b3fab87958777d5343433347aec9cc8943d2f0319a576dd87e6416029b54647fe3c39fb5f32fe6c8ef448949d6b0a549d3814ea8d657be57d1f0c61996c5a085b434164800f55fad4ab14603d876450b6c64bc6dddd8ac0f7de9e36a8d4c1f58c1852bb3fba7353c1aed96f2a3503b8cd7f4dec87b7620791086e72efa57c781b6116292a3bb8b02a849eccdc6a292e7a97099ff8c61a1068a94c06a22fe4c62e5d61663fccc3d8bb1c1bae61cab2c4c8d99d373a489848299a1493d22430c16f7e3728fef43f2c878114401442b1dd0dc9d12ddd62482a9b2b5f1f19f0d9c902f5e7b7da26153e9d6b6251aa3ab25c59e58d2b28dd1c99c4b3cbd2124bfd2762d6c264e8498204aef35918a9e6bd1f5f9e5ab02046c675c883e5f2ed892da9e0fcf3561b4fc7011805ad210a3489fad3a7ebe613e3cc9eecc5d5d90ebe5ce2f51968b68fa4adb91da0143e3fc80ff9790748b56de3fcae560e8165f517c4ab2532f34b570875e999cfad7fe449216fb6fa19b5d94e74ad613327014b564a6d604cc461ba8a154a1e77ca78de5e8120f2d395354ed483f41dc20a85ea4a869ba424593dfe83a9daa98a8faa8437c8f056672c356425cdb0d8d3119deb46a1f25382ca12c9e57f00621c0f522abc283738d6c52a5800df5206a1ed1378a4fe8e6b0e0ad28855b829168c89b8a514dbd93f0aac3f1807d08857e4bde808e2f648108e28fce179ebd8bd6fa6923dd1193eab0cf1863214c92bae926302becc6e5488eef12a97cf0493df797b519f36592085ab85fcb69df81536f3809814421f15779bbbe9deb13bc5db011e8b21573025b6c5695bb967bd62b4b8a894cf6abe1a38258fde3de5b831e38a43fc5191df58e854350cf0cde6fccfda2fd6352a911faceff678e8d8bb03a1a9c8c46c55abe7a6743651c6367093692ad963e53867dc6434371644a4cf579f3222480c4e9b3d61f0eb371a8943a0b948c1377f452c5509a9236cf0d8798e5eb1433cd2effe6f71a16f51ca2cec1008d18efef7a63444994ffff06611b10ad6a56dc97da2d3782575ae0398a26520d363922ce789da0937a071ec0cdbdf8ca472921fb2baa6be21adc6634579c11573d10279b76d9389bce334f07a724050adc3d3774470aa7c1d5a1cce8cdff9a0be3e99944179ff5c156c635f23cbdc968098452bd3c79f79fa04c7e3c7fa4a0078a7d331d61f7e93fb792a52a43b6c6c560dd0527b8d891db992d5af25035a81b4c87d31857f3bc055dcab515cb7cffe027cfc3a0bbe2564c797d6095cb577a8c87683d683c938a1010e2bc5f674ef8d337e69182bf531e0e4aceaa5f9415225662197185fd1f9c16f553b42408f72dd6f67c8a580a0b5e250235ffcba6485dac285b28f921c5c5ebb36032adce0760a88d3496d5d78c627172e844ec5e905cfcce02a5814043d779d7fb2ad86427d0fab620e1763b07a317063d6d512d98cb85fb6107e6554acfa41ecc08f48c47a243182232c35e0a5cb60820e8cf05ac447f29ad64c1c43fe168b272ca5"})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000003700)={0x4, &(0x7f00000036c0)=[{0x2, 0x0, 0x4, 0x3}, {0x8, 0x0, 0x7, 0x1}, {0x5794, 0xff, 0x5a, 0x7}, {0x0, 0x1, 0x3, 0x3ff}]}, 0x10)
r11 = accept(r4, &(0x7f0000003740)=@phonet, &(0x7f00000037c0)=0x80)
sendmsg$nl_route(r11, &(0x7f0000003900)={&(0x7f0000003800)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000038c0)={&(0x7f0000003840)=@ipv6_newnexthop={0x60, 0x68, 0x0, 0x70bd29, 0x25dfdbfe, {0xa, 0x0, 0x2, 0x0, 0x1}, [@NHA_FDB={0x4}, @NHA_RES_GROUP={0x14, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_IDLE_TIMER={0x8, 0x2, 0x1}, @NHA_RES_GROUP_IDLE_TIMER={0x8, 0x2, 0x7}]}, @NHA_GROUP={0x1c, 0x2, [{0x2, 0x4}, {0x0, 0xe0}, {0x1, 0x2}]}, @NHA_GATEWAY={0x14, 0x6, @ip4=@private=0xa010100}]}, 0x60}, 0x1, 0x0, 0x0, 0x48040}, 0x8004)
sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000003cc0)={&(0x7f0000003940)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000003c80)={&(0x7f00000039c0)={0x2b8, 0x0, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x68, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffa}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3ff}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x62}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}, @TIPC_NLA_MEDIA={0x38, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2cc6}]}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8000}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_BEARER={0x17c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8000}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast1}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @local}}, {0x14, 0x2, @in={0x2, 0x4e21, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'xfrm0\x00'}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x193b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7c78f8a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}]}]}, 0x2b8}, 0x1, 0x0, 0x0, 0x20044884}, 0x11)

584.55571ms ago: executing program 3 (id=2770):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
unshare(0x8040480) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
pread64(r1, &(0x7f0000000240)=""/202, 0xfffffffffffffdef, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r2, &(0x7f0000000500)="91", 0x0}, 0x20) (async)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000000000000007"], 0x38}}, 0x0) (async)
unshare(0x4000400) (async)
syz_emit_ethernet(0xda, &(0x7f0000000380)={@multicast, @remote, @void, {@mpls_uc={0x8847, {[{0x1f, 0x0, 0x1}, {0x8001, 0x0, 0x1}, {0xd00, 0x0, 0x1}], @ipv4=@icmp={{0x2e, 0x4, 0x0, 0x27, 0xc0, 0x66, 0x0, 0x0, 0x1, 0x0, @empty, @private=0xa010102, {[@end, @timestamp_prespec={0x44, 0x3c, 0xb3, 0x3, 0xb, [{@dev={0xac, 0x14, 0x14, 0x3c}, 0x5}, {@multicast2, 0x200}, {@multicast1, 0x1f}, {@broadcast, 0x8000}, {@multicast1, 0x1}, {@remote, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @cipso={0x86, 0xc, 0x2, [{0x0, 0x2}, {0x0, 0x2}, {0x0, 0x2}]}, @rr={0x7, 0x1b, 0xd1, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @remote]}, @timestamp_addr={0x44, 0x34, 0x84, 0x1, 0x0, [{@rand_addr=0x64010101, 0xb7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80000000}, {@private=0xa010102, 0x3ff}, {@remote, 0x80000000}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1000}, {@multicast1, 0x5}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x4, 0xa0, 0x0, 0xc}, @noop]}}, @address_request={0x11, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000000)={0x1, 0x3, [0xed1, 0x32f, 0xfd, 0x8e]})
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000005c0)={0x0, 0x1c, &(0x7f0000000540)=[@in6={0xa, 0x4e20, 0x21a446c0, @empty, 0xaa}]}, &(0x7f0000000180)=0x10) (async)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20) (async)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r5, 0x29, 0x37, &(0x7f0000000140)=ANY=[@ANYBLOB="0500000000000000"], 0x8) (async)
sendmsg$inet6(r5, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="6000000000000000290000000b0000000008000000000000c910fe880000000000000000000000000001c910fe8000000000000000000000000000000720000000000600"/96], 0x60}, 0x0) (async)
socket$xdp(0x2c, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000001c0)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000004c0)=0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x9e}]}, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
write(r0, &(0x7f0000000340)="07000000010000", 0x7)

570.640418ms ago: executing program 4 (id=2771):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x6cc7}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000005200016000000000000000000200000008"], 0x1c}}, 0x0)

491.371203ms ago: executing program 1 (id=2772):
r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
r1 = accept4(r0, &(0x7f0000000540)=@pppol2tpv3, &(0x7f0000000100)=0xfffffffffffffee9, 0x80400)
r2 = syz_init_net_socket$ax25(0x3, 0x0, 0x0)
ioctl$SIOCAX25CTLCON(r2, 0x89e8, 0xfffffffffffffffe)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
pwrite64(r4, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
close(0xffffffffffffffff)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="192e407a", @ANYRES16=0x0, @ANYBLOB="000000000000000000001000000018000180140002006e657464657673696d300000000000000800030000000000"], 0x34}}, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0)
sendmsg$NL80211_CMD_TESTMODE(r4, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="e4010000", @ANYRES16=r5, @ANYBLOB="000127bd7000fcdbdf252d0000002400450096dce4efe36158862aaba9297c8f42bab32a069c3d4190cf1be5db4b34d74f1b300045000427264343723b90ae97c61e159e8ebcbf420776eef3017395f0ad28724b78a8004500a5b738468ab5b2757a249a1ee0c9766e8fc41a3cbeaa83946f40fb820d10f36f8dbcc08bfd251aebbcac4a8d2f422cf556ddd40abfb5d24a9e031eeeb4e4b5f89281df9363f5830d72a2db99c11b71a0a4e860b72a7176c53c8d070b0d0c487cf6246a26c0d8a855001d087a0dc5d062d4b3ef9bf66025e6edcc4471ec850496ea27a5077536bfe036833c0b19c62d06fdb2c2ffb229c9c83fe9f1ba6204c7ee379976b1d400450066d501ba9415fe82883061dc594e12e85a6e91483972c78b854481927ad2e54cc341037df85937f2746a16ba185045031e496669f2fde119f889cfa30879400266dba503253f8ae2ac5ec44bf642549bb2f1ef9f645613eda3330d45ff225615122d6367f0e1b537747d55556b4c85ebfd7028cb5ff32db73865176bd828e707e998c526b3b6ca58563b11512c7ffccf4cf0b114653fc6c19588127c077f226124b0dffe4a4dbb2db77917473f7eafa747d080890b63d5b2f510323587f8d65ae456d7fcb884530634d41377b89cd601"], 0x1e4}, 0x1, 0x0, 0x0, 0x8011}, 0x20000010)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
sendmsg$nl_route(r7, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = socket(0x2, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r9, 0x6, 0x2, 0x0, &(0x7f00000011c0)=0xff7b)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r1)
socket$packet(0x11, 0x3, 0x300)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="1400000010000100000000000000000000056d09f552d8520d0000000a00"/40], 0x28}}, 0x0)
r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r11, &(0x7f0000000000), 0x6)

377.315991ms ago: executing program 3 (id=2773):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x1b8, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x18e, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, @device_a, @broadcast, @random="90e488f9971a", {}, @value}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x66, "eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602fb2299c382c07898a4d7dddbc046ef6a9b938b13f76ccceb4d339a7d92a6a"}, {0xdd, 0x60, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda7ecc351ee9cb5512364284512cf7643040ee1f52573ed7bb7527b9a86fc2f33bffce71947a0f29cfb9ac"}, {0xdd, 0x78, "83534cd40fda26eabadf3814f88fa9c5d39124ac6ffcf2583cbdd58fa0969b3e6783c46ed2318e977c080347f36fa8d773079f6224521c4c8b10e4a9454bece9457b66b239a7eaff140a8d9131349399c804bb1a81f829c6ab11af5cfe8df9f59ec093d26c17fe50bb0550d71068d1627631bb2db934cb18"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x1b8}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000001580), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003100)={@ifindex, 0xffffffffffffffff, 0x11, 0x10, 0xffffffffffffffff, @prog_fd}, 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x6e, 0x1, 0x2fb, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x80, 0x800, 0xe5b}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="7300000081780000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afc0513466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f10bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52c094016406cdd32abf77fea373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e08538fab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f57cbc05cd897f40693ec427ea71578130cde48de3b4dda0c7b615b57ccd4f8ac729a80f891d91a89d967948b9d95b1f22480ab48969e86b854a8c17f3e264ce11f9f63552364e759eec94572f2f7b0e2f293573d0b80709815f4344f908c00"/2646], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000001500)=ANY=[@ANYBLOB="9feb0100180000000000000028000000280000000200000000000000000000030000000003000000010000a40cdbd684466233299900ffffffff000000000000000100000000000000040000"], &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r7, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @multicast}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2000b0086dd6012000800383a00fc010000000000000000000000000000ff0200000000000000000000000000010100007800000000600ad91500002c00ff010000000000000000000000000001fe8000000000000000000000000000040000009000000000"], 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="00e7ff0000000000140003007465616d5f736c6176655f300000000008000a"], 0x3c}}, 0x0)

376.259256ms ago: executing program 4 (id=2774):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073114300000000008510000002000000850000002a00000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
socket$igmp(0x2, 0x3, 0x2)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000180)={@private, @multicast2, 0x0, "941621a61c5815f4678d8fd4a8e14b0447113c694d1fd55708018620fd419884"}, 0x3c)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a300000f500797a320000000008000440000000000800034000000d001400000000000001439d7a7b2d98232b8ca4e88b2c000000c4a20ac80000010000", @ANYBLOB="7f6a75b5e68cc651630928223c86a08de21aa004fd7ab728528b28d29b3fe2a7d99e84fc3bb914f1e677fac77d58cf976bb8bd939dc765d0b60f937576b7d9bbff972c55d51d20d01fb82b1e55c96764eefe5053074a3ede3e5733761f7bf7262d3718f8caa4e88f9fc0598a72e31c8e1a07", @ANYRES16=r0], 0x58}}, 0x28000004)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd60e7f07500080000fc010000000000000000000000000000fe800000666fa9562f0000000000000000000000aa0000050000000000"], 0x0)

328.21388ms ago: executing program 4 (id=2775):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x5e, &(0x7f00000003c0)={@local, @random="d6c8d81c005b", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x28, 0x6, 0x0, @local, @local, {[], {{0x7266, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0x12, 0x0, 0x12, 0x0, @loopback, 0x0, "95dbb51c0521deaa"}]}}}}}}}}, 0x0)

200.241778ms ago: executing program 4 (id=2776):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x209d}, 0x10)
write(r0, &(0x7f00000000c0)="180000f016005f0214fffffffffffff80700000001000000", 0x18)

173.569938ms ago: executing program 1 (id=2777):
socket$kcm(0x10, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x401, 0x900, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x8}]}}}]}, 0x3c}}, 0x0)

172.746403ms ago: executing program 0 (id=2778):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x4888, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r8, @ANYBLOB="01"], 0x20}}, 0x0)

57.336873ms ago: executing program 3 (id=2779):
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000070000000000000000000000bbfe8000000000000000000000000000aa"], 0x0)

50.452449ms ago: executing program 4 (id=2780):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0xa888, &(0x7f0000000040)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="03011400ff1e430057000800ad0001140000002f0600ac14141fe000e502808a8972bd0f72e410820c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f14607a8d84bf8"], 0xdd12}], 0x1}, 0x0)

0s ago: executing program 1 (id=2781):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000080)={r2, 0x0, 0x30, 0x0, 0x3000000}, &(0x7f00000000c0)=0x18)

kernel console output (not intermixed with test programs):

y exists on: batadv_slave_1
[  167.167207][ T9342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.177545][ T9342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.188256][ T9342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.198466][ T9342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.209165][ T9342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.242308][ T9342] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.267231][ T9680] netlink: 'syz.1.1504': attribute type 1 has an invalid length.
[  167.283865][ T9342] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.299953][ T9342] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.306925][ T9680] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1504'.
[  167.309508][ T9342] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.327485][ T9342] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.338436][ T9680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1504'.
[  167.394120][ T9680] netlink: 'syz.1.1504': attribute type 72 has an invalid length.
[  167.437553][ T9680] netlink: 'syz.1.1504': attribute type 8 has an invalid length.
[  167.547198][ T2872] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.555064][ T2872] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.662880][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.666336][ T9702] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  167.691186][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.731074][ T9693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.803576][ T9693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.858002][ T9693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.880221][ T9708] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1512'.
[  167.930461][ T9708] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1512'.
[  168.219840][ T9715] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  168.304289][ T9725] netlink: 'syz.4.1517': attribute type 10 has an invalid length.
[  168.333269][ T9725] team0: Device ipvlan1 failed to register rx_handler
[  168.534290][ T9728] netlink: 'syz.2.1518': attribute type 1 has an invalid length.
[  168.545374][ T9728] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1518'.
[  168.557245][ T9728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1518'.
[  168.570680][ T9728] netlink: 'syz.2.1518': attribute type 72 has an invalid length.
[  168.579312][ T9728] netlink: 'syz.2.1518': attribute type 8 has an invalid length.
[  168.681516][ T9736] syz_tun: entered promiscuous mode
[  168.692539][ T9736] netlink: 'syz.2.1520': attribute type 44 has an invalid length.
[  168.715131][ T9735] syz_tun: left promiscuous mode
[  168.732549][ T9738] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1522'.
[  168.743707][ T9738] gretap0: entered promiscuous mode
[  168.770382][ T9738] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1522'.
[  168.785344][ T9738] 0ªX¹¦Dö»: renamed from gretap0
[  168.795862][ T9738] 0ªX¹¦Dö»: left promiscuous mode
[  168.801247][ T9738] 0ªX¹¦Dö»: entered allmulticast mode
[  169.155824][ T9762] netlink: 'syz.0.1530': attribute type 1 has an invalid length.
[  169.174726][ T9762] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1530'.
[  169.195760][ T9762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1530'.
[  169.219350][ T9754] netlink: 'syz.0.1530': attribute type 72 has an invalid length.
[  169.327228][ T9767] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1534'.
[  169.401731][ T9773] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  169.469936][ T9765] sit0: left allmulticast mode
[  169.544325][ T9765] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.552448][ T9765] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.695713][ T9777] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  169.835956][ T9765] team_slave_0: left promiscuous mode
[  169.845671][ T9765] team_slave_0: left allmulticast mode
[  169.878514][ T9765] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.920852][ T9765] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.030707][ T9765] vlan0: left promiscuous mode
[  170.084838][ T9765] ipvlan1: left promiscuous mode
[  170.112306][ T9765] ipvlan1: left allmulticast mode
[  170.133502][ T9765] veth0_vlan: left allmulticast mode
[  170.221991][ T9765] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  170.237702][ T9765] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  170.277083][ T9765] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  170.286015][ T9765] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  170.674641][ T9819] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1545'.
[  170.759371][ T9832] x_tables: duplicate underflow at hook 3
[  171.130356][ T9840] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  171.788258][ T9870] FAULT_INJECTION: forcing a failure.
[  171.788258][ T9870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.840891][ T9870] CPU: 1 PID: 9870 Comm: syz.3.1564 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  171.851029][ T9870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  171.861114][ T9870] Call Trace:
[  171.864417][ T9870]  <TASK>
[  171.867377][ T9870]  dump_stack_lvl+0x241/0x360
[  171.872095][ T9870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.877329][ T9870]  ? __pfx__printk+0x10/0x10
[  171.881952][ T9870]  ? __pfx_lock_release+0x10/0x10
[  171.886982][ T9870]  ? __lock_acquire+0x1346/0x1fd0
[  171.892009][ T9870]  should_fail_ex+0x3b0/0x4e0
[  171.896691][ T9870]  _copy_from_user+0x2f/0xe0
[  171.901288][ T9870]  kstrtouint_from_user+0xc6/0x190
[  171.906409][ T9870]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  171.912136][ T9870]  ? __pfx_lock_acquire+0x10/0x10
[  171.917167][ T9870]  proc_fail_nth_write+0xaa/0x2d0
[  171.922186][ T9870]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  171.928078][ T9870]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  171.933711][ T9870]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  171.939338][ T9870]  vfs_write+0x2a2/0xc90
[  171.943585][ T9870]  ? __pfx_vfs_write+0x10/0x10
[  171.948388][ T9870]  ? __fget_files+0x29/0x470
[  171.952989][ T9870]  ? __fget_files+0x3f6/0x470
[  171.957676][ T9870]  ksys_write+0x1a0/0x2c0
[  171.962007][ T9870]  ? __pfx_ksys_write+0x10/0x10
[  171.966855][ T9870]  ? do_syscall_64+0x100/0x230
[  171.971620][ T9870]  ? do_syscall_64+0xb6/0x230
[  171.976300][ T9870]  do_syscall_64+0xf3/0x230
[  171.980803][ T9870]  ? clear_bhb_loop+0x35/0x90
[  171.985483][ T9870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.991375][ T9870] RIP: 0033:0x7fc38b97475f
[  171.995785][ T9870] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  172.015398][ T9870] RSP: 002b:00007fc38c6e3040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  172.023815][ T9870] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc38b97475f
[  172.031779][ T9870] RDX: 0000000000000001 RSI: 00007fc38c6e30b0 RDI: 0000000000000006
[  172.039741][ T9870] RBP: 00007fc38c6e30a0 R08: 0000000000000000 R09: 0000000000000000
[  172.047714][ T9870] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  172.055723][ T9870] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  172.063707][ T9870]  </TASK>
[  172.149431][ T9880] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  172.343963][ T9897] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  172.575227][ T9914] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  172.933450][ T9929] __nla_validate_parse: 8 callbacks suppressed
[  172.933464][ T9929] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1587'.
[  173.004570][ T9931] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1588'.
[  173.050826][ T9933] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1589'.
[  173.062933][ T9933] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1589'.
[  173.349213][ T9949] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1595'.
[  173.460998][ T9942] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  173.773642][ T9957] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  173.799842][ T9957] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  173.823584][ T9957] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  173.833057][ T9957] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  173.842698][ T9957] geneve3: entered promiscuous mode
[  173.853865][ T9957] geneve3: entered allmulticast mode
[  174.005033][ T9969] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1599'.
[  174.031801][ T9968] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  174.339307][ T9985] FAULT_INJECTION: forcing a failure.
[  174.339307][ T9985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.357162][ T9985] CPU: 0 PID: 9985 Comm: syz.0.1608 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  174.367288][ T9985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  174.377370][ T9985] Call Trace:
[  174.380679][ T9985]  <TASK>
[  174.383641][ T9985]  dump_stack_lvl+0x241/0x360
[  174.388363][ T9985]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.393597][ T9985]  ? __pfx__printk+0x10/0x10
[  174.398223][ T9985]  ? __pfx_lock_release+0x10/0x10
[  174.403277][ T9985]  should_fail_ex+0x3b0/0x4e0
[  174.407991][ T9985]  _copy_from_user+0x2f/0xe0
[  174.412607][ T9985]  copy_msghdr_from_user+0xae/0x680
[  174.417855][ T9985]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  174.423755][ T9985]  __sys_sendmsg+0x23d/0x3a0
[  174.428412][ T9985]  ? __pfx___sys_sendmsg+0x10/0x10
[  174.433562][ T9985]  ? vfs_write+0x7c4/0xc90
[  174.438049][ T9985]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.444410][ T9985]  ? do_syscall_64+0x100/0x230
[  174.449213][ T9985]  ? do_syscall_64+0xb6/0x230
[  174.453931][ T9985]  do_syscall_64+0xf3/0x230
[  174.458465][ T9985]  ? clear_bhb_loop+0x35/0x90
[  174.463175][ T9985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.469105][ T9985] RIP: 0033:0x7f8e83375bd9
[  174.473624][ T9985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.493255][ T9985] RSP: 002b:00007f8e840f5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.501707][ T9985] RAX: ffffffffffffffda RBX: 00007f8e83503f60 RCX: 00007f8e83375bd9
[  174.509713][ T9985] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  174.517806][ T9985] RBP: 00007f8e840f50a0 R08: 0000000000000000 R09: 0000000000000000
[  174.525807][ T9985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.533805][ T9985] R13: 000000000000000b R14: 00007f8e83503f60 R15: 00007ffe6ac34b28
[  174.541825][ T9985]  </TASK>
[  174.569148][ T9983] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1607'.
[  174.607183][ T9987] validate_nla: 4 callbacks suppressed
[  174.607203][ T9987] netlink: 'syz.4.1609': attribute type 1 has an invalid length.
[  174.633716][ T9987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1609'.
[  174.721817][ T9987] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1609'.
[  174.811983][ T9999] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  174.823041][ T9999] FAULT_INJECTION: forcing a failure.
[  174.823041][ T9999] name failslab, interval 1, probability 0, space 0, times 0
[  174.834903][T10001] syz_tun: entered promiscuous mode
[  174.836157][ T9999] CPU: 1 PID: 9999 Comm: syz.0.1613 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  174.851434][ T9999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  174.861515][ T9999] Call Trace:
[  174.864821][ T9999]  <TASK>
[  174.867776][ T9999]  dump_stack_lvl+0x241/0x360
[  174.872489][ T9999]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.877716][ T9999]  ? __pfx__printk+0x10/0x10
[  174.882348][ T9999]  ? fib_lookup+0x81/0x450
[  174.886805][ T9999]  should_fail_ex+0x3b0/0x4e0
[  174.891523][ T9999]  ? dst_alloc+0x12b/0x190
[  174.896057][ T9999]  should_failslab+0x9/0x20
[  174.900589][ T9999]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  174.906002][ T9999]  dst_alloc+0x12b/0x190
[  174.910299][ T9999]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[  174.916427][ T9999]  ip_route_output_key_hash+0x193/0x2b0
[  174.922015][ T9999]  ? ip_route_output_key_hash+0xdf/0x2b0
[  174.927678][ T9999]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  174.933782][ T9999]  ? make_kuid+0x204/0x710
[  174.938247][ T9999]  ? l3mdev_fib_table+0x14b/0x160
[  174.943333][ T9999]  icmp_route_lookup+0x519/0x9d0
[  174.948311][ T9999]  ? __pfx_lock_acquire+0x10/0x10
[  174.953386][ T9999]  ? __pfx_icmp_route_lookup+0x10/0x10
[  174.958882][ T9999]  ? __ip_options_echo+0x3a8/0x1590
[  174.964118][ T9999]  ? __asan_memcpy+0x40/0x70
[  174.968741][ T9999]  ? __ip_options_echo+0xdfd/0x1590
[  174.973994][ T9999]  __icmp_send+0xcd0/0x14e0
[  174.978558][ T9999]  ? __icmp_send+0x59c/0x14e0
[  174.983271][ T9999]  ? __pfx___icmp_send+0x10/0x10
[  174.988308][ T9999]  ? ip_vs_conn_hashkey_param+0x3ad/0x6b0
[  174.994079][ T9999]  ip_vs_leave+0x510/0xdc0
[  174.998531][ T9999]  ? __pfx_ip_vs_schedule+0x10/0x10
[  175.003771][ T9999]  ? __pfx_ip_vs_leave+0x10/0x10
[  175.008746][ T9999]  ? ip_vs_conn_out_get+0xba6/0xc00
[  175.013986][ T9999]  ? ip_vs_service_find+0xd92/0xf40
[  175.019237][ T9999]  tcp_conn_schedule+0x569/0x880
[  175.024214][ T9999]  ? __pfx_tcp_conn_schedule+0x10/0x10
[  175.029710][ T9999]  ? __pfx_ip_vs_conn_out_get_proto+0x10/0x10
[  175.035819][ T9999]  ip_vs_in_hook+0xe39/0x2280
[  175.040551][ T9999]  ? __pfx_ip_vs_in_hook+0x10/0x10
[  175.045721][ T9999]  ? ip_route_input_noref+0x203/0x260
[  175.051126][ T9999]  ? __pfx_ip_vs_in_hook+0x10/0x10
[  175.056270][ T9999]  nf_hook_slow+0xc3/0x220
[  175.060722][ T9999]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  175.066733][ T9999]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  175.072754][ T9999]  NF_HOOK+0x29e/0x450
[  175.076862][ T9999]  ? NF_HOOK+0x9a/0x450
[  175.081047][ T9999]  ? __pfx_NF_HOOK+0x10/0x10
[  175.085671][ T9999]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  175.091689][ T9999]  ? ip_rcv_finish+0x406/0x560
[  175.096489][ T9999]  ? __pfx_ip_rcv_finish+0x10/0x10
[  175.101641][ T9999]  NF_HOOK+0x3a4/0x450
[  175.105751][ T9999]  ? NF_HOOK+0x9a/0x450
[  175.109947][ T9999]  ? __pfx_NF_HOOK+0x10/0x10
[  175.114571][ T9999]  ? ip_rcv_core+0x7ff/0xd10
[  175.119210][ T9999]  ? __pfx_ip_rcv_finish+0x10/0x10
[  175.124367][ T9999]  ? __pfx_ip_rcv+0x10/0x10
[  175.128910][ T9999]  __netif_receive_skb+0x2bf/0x650
[  175.134070][ T9999]  ? __pfx_lock_acquire+0x10/0x10
[  175.139132][ T9999]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  175.145412][ T9999]  ? __pfx___netif_receive_skb+0x10/0x10
[  175.151077][ T9999]  ? __kasan_slab_alloc+0x66/0x80
[  175.156140][ T9999]  ? read_tsc+0x9/0x20
[  175.160245][ T9999]  ? timekeeping_get_ns+0x2c0/0x420
[  175.165489][ T9999]  ? netif_receive_skb+0x131/0x890
[  175.170635][ T9999]  ? netif_receive_skb+0x131/0x890
[  175.175786][ T9999]  netif_receive_skb+0x1e8/0x890
[  175.180766][ T9999]  ? tun_rx_batched+0x160/0x8f0
[  175.185663][ T9999]  ? __pfx_netif_receive_skb+0x10/0x10
[  175.191177][ T9999]  ? tun_rx_batched+0x160/0x8f0
[  175.196069][ T9999]  tun_rx_batched+0x1b7/0x8f0
[  175.200778][ T9999]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  175.207143][ T9999]  ? __pfx_lock_acquire+0x10/0x10
[  175.212205][ T9999]  ? __pfx_tun_rx_batched+0x10/0x10
[  175.217469][ T9999]  tun_get_user+0x2f35/0x4560
[  175.222196][ T9999]  ? tun_get_user+0x2a2f/0x4560
[  175.227094][ T9999]  ? __pfx_tun_get_user+0x10/0x10
[  175.232152][ T9999]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  175.237716][ T9999]  ? tun_get+0x1e/0x2f0
[  175.241919][ T9999]  ? tun_get+0x1e/0x2f0
[  175.246098][ T9999]  ? tun_get+0x27d/0x2f0
[  175.250360][ T9999]  tun_chr_write_iter+0x113/0x1f0
[  175.255401][ T9999]  vfs_write+0xa72/0xc90
[  175.259661][ T9999]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  175.265201][ T9999]  ? __pfx_vfs_write+0x10/0x10
[  175.269974][ T9999]  ksys_write+0x1a0/0x2c0
[  175.274328][ T9999]  ? __pfx_ksys_write+0x10/0x10
[  175.279183][ T9999]  ? do_syscall_64+0x100/0x230
[  175.283954][ T9999]  ? do_syscall_64+0xb6/0x230
[  175.288664][ T9999]  do_syscall_64+0xf3/0x230
[  175.293187][ T9999]  ? clear_bhb_loop+0x35/0x90
[  175.297889][ T9999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.303807][ T9999] RIP: 0033:0x7f8e8337475f
[  175.308342][ T9999] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  175.328068][ T9999] RSP: 002b:00007f8e840f5010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  175.336536][ T9999] RAX: ffffffffffffffda RBX: 00007f8e83503f60 RCX: 00007f8e8337475f
[  175.344518][ T9999] RDX: 0000000000000052 RSI: 0000000020000080 RDI: 00000000000000c8
[  175.352505][ T9999] RBP: 00007f8e840f50a0 R08: 0000000000000000 R09: 0000000000000000
[  175.360490][ T9999] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000002
[  175.368462][ T9999] R13: 000000000000000b R14: 00007f8e83503f60 R15: 00007ffe6ac34b28
[  175.376439][ T9999]  </TASK>
[  175.392806][T10001] syz_tun: left promiscuous mode
[  175.465409][T10006] sch_tbf: burst 88 is lower than device macvlan1 mtu (1514) !
[  175.887403][T10044] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1632'.
[  176.370380][T10079] netlink: 'syz.4.1643': attribute type 1 has an invalid length.
[  176.524111][T10090] syzkaller1: entered promiscuous mode
[  176.540077][T10090] syzkaller1: entered allmulticast mode
[  176.871149][T10108] xt_ecn: cannot match TCP bits for non-tcp packets
[  176.999770][T10124] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  177.447701][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.658607][T10152] netlink: 'syz.4.1668': attribute type 1 has an invalid length.
[  177.826284][T10156] xt_CT: You must specify a L4 protocol and not use inversions on it
[  177.997593][T10160] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  178.782403][T10176] geneve2: entered promiscuous mode
[  178.805671][T10176] geneve2: entered allmulticast mode
[  178.966697][T10195] netlink: 'syz.3.1683': attribute type 10 has an invalid length.
[  179.056189][T10195] bond0: (slave netdevsim0): Releasing backup interface
[  179.081451][T10195] team0: Port device netdevsim0 added
[  179.097676][T10201] netlink: 'syz.3.1683': attribute type 10 has an invalid length.
[  179.130871][ T5145] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.157136][T10209] netlink: 'syz.4.1689': attribute type 10 has an invalid length.
[  179.194849][T10209] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  179.362607][T10214] tipc: Started in network mode
[  179.372520][T10214] tipc: Node identity 86fc5b7dc2d2, cluster identity 4711
[  179.396029][T10214] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.403515][T10221] __nla_validate_parse: 7 callbacks suppressed
[  179.403532][T10221] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1694'.
[  179.436338][T10226] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1696'.
[  179.468026][T10214] tipc: Resetting bearer <eth:syzkaller0>
[  179.496475][T10213] tipc: Disabling bearer <eth:syzkaller0>
[  179.784260][T10242] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1701'.
[  179.799565][T10249] FAULT_INJECTION: forcing a failure.
[  179.799565][T10249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.820509][T10249] CPU: 0 PID: 10249 Comm: syz.1.1704 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  179.830783][T10249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  179.840864][T10249] Call Trace:
[  179.844176][T10249]  <TASK>
[  179.847128][T10249]  dump_stack_lvl+0x241/0x360
[  179.851846][T10249]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.857091][T10249]  ? __pfx__printk+0x10/0x10
[  179.861713][T10249]  ? __pfx_lock_release+0x10/0x10
[  179.866767][T10249]  should_fail_ex+0x3b0/0x4e0
[  179.871477][T10249]  _copy_from_user+0x2f/0xe0
[  179.876103][T10249]  copy_msghdr_from_user+0xae/0x680
[  179.881339][T10249]  ? __pfx___might_resched+0x10/0x10
[  179.886658][T10249]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  179.892504][T10249]  ? __might_fault+0xaa/0x120
[  179.897215][T10249]  do_recvmmsg+0x40f/0xae0
[  179.901672][T10249]  ? __pfx_lock_release+0x10/0x10
[  179.906724][T10249]  ? __pfx_do_recvmmsg+0x10/0x10
[  179.911712][T10249]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  179.917723][T10249]  ? ksys_write+0x23e/0x2c0
[  179.922250][T10249]  ? __pfx_lock_release+0x10/0x10
[  179.927304][T10249]  ? vfs_write+0x7c4/0xc90
[  179.931766][T10249]  ? __mutex_unlock_slowpath+0x21d/0x750
[  179.937437][T10249]  ? __fget_files+0x3f6/0x470
[  179.942146][T10249]  __x64_sys_recvmmsg+0x199/0x250
[  179.947198][T10249]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  179.952778][T10249]  ? do_syscall_64+0x100/0x230
[  179.957579][T10249]  ? do_syscall_64+0xb6/0x230
[  179.962292][T10249]  do_syscall_64+0xf3/0x230
[  179.966819][T10249]  ? clear_bhb_loop+0x35/0x90
[  179.971521][T10249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.977452][T10249] RIP: 0033:0x7f14e7375bd9
[  179.981898][T10249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.001618][T10249] RSP: 002b:00007f14e8128048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  180.010069][T10249] RAX: ffffffffffffffda RBX: 00007f14e7503f60 RCX: 00007f14e7375bd9
[  180.018068][T10249] RDX: 000000000000049f RSI: 0000000020006100 RDI: 0000000000000009
[  180.026067][T10249] RBP: 00007f14e81280a0 R08: 0000000000000000 R09: 0000000000000000
[  180.034154][T10249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  180.042155][T10249] R13: 000000000000000b R14: 00007f14e7503f60 R15: 00007fffc52d18c8
[  180.050173][T10249]  </TASK>
[  180.125194][T10259] vlan2: entered promiscuous mode
[  180.132032][T10259] veth0: entered promiscuous mode
[  180.148267][T10259] vlan2: entered allmulticast mode
[  180.154678][T10259] veth0: entered allmulticast mode
[  180.180975][T10259] veth0: left allmulticast mode
[  180.186064][T10259] veth0: left promiscuous mode
[  180.286525][T10270] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1713'.
[  180.431141][T10281] netlink: 'syz.4.1718': attribute type 1 has an invalid length.
[  180.446986][T10279] FAULT_INJECTION: forcing a failure.
[  180.446986][T10279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.481858][T10282] bond0: option miimon: invalid value (18446744073072082944)
[  180.488438][T10279] CPU: 0 PID: 10279 Comm: syz.1.1717 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  180.497209][T10282] bond0: option miimon: allowed values 0 - 2147483647
[  180.499401][T10279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  180.516255][T10279] Call Trace:
[  180.519555][T10279]  <TASK>
[  180.522501][T10279]  dump_stack_lvl+0x241/0x360
[  180.527215][T10279]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.532438][T10279]  ? __pfx__printk+0x10/0x10
[  180.537061][T10279]  ? snprintf+0xda/0x120
[  180.538104][T10285] bond0: option miimon: invalid value (18446744073072082944)
[  180.541306][T10279]  should_fail_ex+0x3b0/0x4e0
[  180.553368][T10279]  _copy_to_user+0x2f/0xb0
[  180.557819][T10279]  simple_read_from_buffer+0xca/0x150
[  180.563225][T10279]  proc_fail_nth_read+0x1e9/0x250
[  180.568280][T10279]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.573847][T10279]  ? rw_verify_area+0x520/0x6b0
[  180.578716][T10279]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.584267][T10279]  vfs_read+0x204/0xbc0
[  180.588423][T10279]  ? __pfx_lock_release+0x10/0x10
[  180.593444][T10279]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  180.599341][T10279]  ? __pfx_vfs_read+0x10/0x10
[  180.604020][T10279]  ? __fget_files+0x29/0x470
[  180.608615][T10279]  ? __fget_files+0x3f6/0x470
[  180.613299][T10279]  ksys_read+0x1a0/0x2c0
[  180.617559][T10279]  ? __pfx_ksys_read+0x10/0x10
[  180.622336][T10279]  ? do_syscall_64+0x100/0x230
[  180.627112][T10279]  ? do_syscall_64+0xb6/0x230
[  180.631799][T10279]  do_syscall_64+0xf3/0x230
[  180.636306][T10279]  ? clear_bhb_loop+0x35/0x90
[  180.640990][T10279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.646995][T10279] RIP: 0033:0x7f14e73746bc
[  180.651421][T10279] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  180.671027][T10279] RSP: 002b:00007f14e8128040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  180.679452][T10279] RAX: ffffffffffffffda RBX: 00007f14e7503f60 RCX: 00007f14e73746bc
[  180.687417][T10279] RDX: 000000000000000f RSI: 00007f14e81280b0 RDI: 0000000000000006
[  180.695381][T10279] RBP: 00007f14e81280a0 R08: 0000000000000000 R09: 0000000000000000
[  180.703366][T10279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.711335][T10279] R13: 000000000000000b R14: 00007f14e7503f60 R15: 00007fffc52d18c8
[  180.719314][T10279]  </TASK>
[  180.744198][T10281] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.1718'.
[  180.751107][T10285] bond0: option miimon: allowed values 0 - 2147483647
[  180.780523][T10281] netlink: 'syz.4.1718': attribute type 1 has an invalid length.
[  180.930112][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  180.991037][T10307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1722'.
[  181.244535][T10318] netlink: 'syz.4.1729': attribute type 1 has an invalid length.
[  181.254564][T10318] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1729'.
[  181.265287][T10318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1729'.
[  181.946424][T10342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.965968][T10342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.992875][ T9784] IPVS: starting estimator thread 0...
[  182.036104][T10338] tap0: tun_chr_ioctl cmd 1074025677
[  182.043112][T10338] tap0: linktype set to 147
[  182.097231][T10344] IPVS: using max 32 ests per chain, 76800 per kthread
[  182.235363][T10349] IPVS: set_ctl: invalid protocol: 44 172.20.20.170:20004
[  182.305777][T10353] netlink: 'syz.4.1743': attribute type 1 has an invalid length.
[  182.317094][T10353] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1743'.
[  182.343757][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1743'.
[  182.439783][T10361] netlink: 'syz.1.1745': attribute type 3 has an invalid length.
[  182.609669][T10365] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  183.017635][T10388] netlink: 'syz.0.1758': attribute type 1 has an invalid length.
[  183.313482][T10406] FAULT_INJECTION: forcing a failure.
[  183.313482][T10406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.358648][T10406] CPU: 0 PID: 10406 Comm: syz.3.1767 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  183.368864][T10406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.378958][T10406] Call Trace:
[  183.382252][T10406]  <TASK>
[  183.385198][T10406]  dump_stack_lvl+0x241/0x360
[  183.389915][T10406]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.395142][T10406]  ? __pfx__printk+0x10/0x10
[  183.399765][T10406]  ? __pfx_lock_release+0x10/0x10
[  183.404810][T10406]  ? rcu_is_watching+0x15/0xb0
[  183.409594][T10406]  should_fail_ex+0x3b0/0x4e0
[  183.414289][T10406]  _copy_from_iter+0x1f6/0x1960
[  183.419166][T10406]  ? alloc_pages_mpol_noprof+0x417/0x680
[  183.424796][T10406]  ? __pfx__copy_from_iter+0x10/0x10
[  183.430083][T10406]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  183.436067][T10406]  ? alloc_pages_noprof+0xef/0x170
[  183.441174][T10406]  ? page_copy_sane+0x46/0x260
[  183.445938][T10406]  copy_page_from_iter+0x7a/0x100
[  183.450957][T10406]  tun_get_user+0x1f48/0x4560
[  183.455638][T10406]  ? tun_get_user+0x84c/0x4560
[  183.460408][T10406]  ? __pfx_tun_get_user+0x10/0x10
[  183.465431][T10406]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  183.470889][T10406]  ? tun_get+0x1e/0x2f0
[  183.475050][T10406]  ? tun_get+0x1e/0x2f0
[  183.479204][T10406]  ? tun_get+0x27d/0x2f0
[  183.483445][T10406]  tun_chr_write_iter+0x113/0x1f0
[  183.488468][T10406]  vfs_write+0xa72/0xc90
[  183.492709][T10406]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  183.498250][T10406]  ? __pfx_vfs_write+0x10/0x10
[  183.503023][T10406]  ksys_write+0x1a0/0x2c0
[  183.507354][T10406]  ? __pfx_ksys_write+0x10/0x10
[  183.512203][T10406]  ? do_syscall_64+0x100/0x230
[  183.516973][T10406]  ? do_syscall_64+0xb6/0x230
[  183.521661][T10406]  do_syscall_64+0xf3/0x230
[  183.526164][T10406]  ? clear_bhb_loop+0x35/0x90
[  183.530841][T10406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.536733][T10406] RIP: 0033:0x7fc38b97475f
[  183.541151][T10406] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  183.560751][T10406] RSP: 002b:00007fc38c6e3010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  183.569163][T10406] RAX: ffffffffffffffda RBX: 00007fc38bb03f60 RCX: 00007fc38b97475f
[  183.577130][T10406] RDX: 0000000000000046 RSI: 0000000020000540 RDI: 00000000000000c8
[  183.585116][T10406] RBP: 00007fc38c6e30a0 R08: 0000000000000000 R09: 0000000000000000
[  183.593082][T10406] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  183.601047][T10406] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  183.609025][T10406]  </TASK>
[  183.636403][T10412] delete_channel: no stack
[  183.851634][T10418] vlan2: entered promiscuous mode
[  183.998441][T10429] netlink: 'syz.0.1774': attribute type 1 has an invalid length.
[  184.171745][T10444] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  184.325117][T10463] FAULT_INJECTION: forcing a failure.
[  184.325117][T10463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.341515][T10466] FAULT_INJECTION: forcing a failure.
[  184.341515][T10466] name failslab, interval 1, probability 0, space 0, times 0
[  184.347662][T10463] CPU: 1 PID: 10463 Comm: syz.0.1787 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  184.364314][T10463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  184.374462][T10463] Call Trace:
[  184.377751][T10463]  <TASK>
[  184.380685][T10463]  dump_stack_lvl+0x241/0x360
[  184.385379][T10463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.390586][T10463]  ? __pfx__printk+0x10/0x10
[  184.395191][T10463]  ? __pfx_lock_release+0x10/0x10
[  184.400232][T10463]  should_fail_ex+0x3b0/0x4e0
[  184.404936][T10463]  _copy_to_user+0x2f/0xb0
[  184.409364][T10463]  generic_map_lookup_batch+0x8f5/0xf90
[  184.414923][T10463]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  184.420990][T10463]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  184.427050][T10463]  bpf_map_do_batch+0x2d2/0x690
[  184.431894][T10463]  __sys_bpf+0x654/0x810
[  184.436136][T10463]  ? __pfx___sys_bpf+0x10/0x10
[  184.440910][T10463]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  184.446984][T10463]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.453312][T10463]  ? do_syscall_64+0x100/0x230
[  184.458078][T10463]  __x64_sys_bpf+0x7c/0x90
[  184.462494][T10463]  do_syscall_64+0xf3/0x230
[  184.466992][T10463]  ? clear_bhb_loop+0x35/0x90
[  184.471664][T10463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.477590][T10463] RIP: 0033:0x7f8e83375bd9
[  184.482002][T10463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.501621][T10463] RSP: 002b:00007f8e840f5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  184.510058][T10463] RAX: ffffffffffffffda RBX: 00007f8e83503f60 RCX: 00007f8e83375bd9
[  184.518025][T10463] RDX: 0000000000000038 RSI: 00000000200003c0 RDI: 0000000000000018
[  184.525986][T10463] RBP: 00007f8e840f50a0 R08: 0000000000000000 R09: 0000000000000000
[  184.533946][T10463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.541911][T10463] R13: 000000000000000b R14: 00007f8e83503f60 R15: 00007ffe6ac34b28
[  184.549895][T10463]  </TASK>
[  184.553275][T10466] CPU: 0 PID: 10466 Comm: syz.2.1788 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  184.563466][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  184.573627][T10466] Call Trace:
[  184.576926][T10466]  <TASK>
[  184.579878][T10466]  dump_stack_lvl+0x241/0x360
[  184.584585][T10466]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.589820][T10466]  ? __pfx__printk+0x10/0x10
[  184.594440][T10466]  ? __pfx___might_resched+0x10/0x10
[  184.599767][T10466]  should_fail_ex+0x3b0/0x4e0
[  184.604481][T10466]  should_failslab+0x9/0x20
[  184.609014][T10466]  __kmalloc_node_noprof+0xdf/0x440
[  184.614241][T10466]  ? qdisc_alloc+0x97/0xa80
[  184.618777][T10466]  qdisc_alloc+0x97/0xa80
[  184.623138][T10466]  qdisc_create+0x182/0x11a0
[  184.627761][T10466]  ? __pfx_qdisc_create+0x10/0x10
[  184.632792][T10466]  tc_modify_qdisc+0xa26/0x1e40
[  184.637648][T10466]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  184.642952][T10466]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  184.648249][T10466]  rtnetlink_rcv_msg+0x89b/0x1180
[  184.653283][T10466]  ? rtnetlink_rcv_msg+0x208/0x1180
[  184.658486][T10466]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.663946][T10466]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  184.669920][T10466]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.676244][T10466]  ? __local_bh_enable_ip+0x168/0x200
[  184.681607][T10466]  ? lockdep_hardirqs_on+0x99/0x150
[  184.686806][T10466]  ? __local_bh_enable_ip+0x168/0x200
[  184.692174][T10466]  ? dev_hard_start_xmit+0x773/0x7e0
[  184.697460][T10466]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.702566][T10466]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  184.708283][T10466]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.713393][T10466]  ? __dev_queue_xmit+0x16c9/0x3d30
[  184.718596][T10466]  ? __dev_queue_xmit+0x2d2/0x3d30
[  184.723707][T10466]  ? ref_tracker_free+0x643/0x7e0
[  184.728737][T10466]  netlink_rcv_skb+0x1e3/0x430
[  184.733503][T10466]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.738962][T10466]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.744259][T10466]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.749457][T10466]  netlink_unicast+0x7ea/0x980
[  184.754223][T10466]  ? __pfx_netlink_unicast+0x10/0x10
[  184.759501][T10466]  ? __virt_addr_valid+0x183/0x520
[  184.764612][T10466]  ? __check_object_size+0x49c/0x900
[  184.769892][T10466]  ? bpf_lsm_netlink_send+0x9/0x10
[  184.775009][T10466]  netlink_sendmsg+0x8db/0xcb0
[  184.779783][T10466]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.785065][T10466]  ? __import_iovec+0x536/0x820
[  184.789905][T10466]  ? aa_sock_msg_perm+0x91/0x160
[  184.794839][T10466]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  184.800114][T10466]  ? security_socket_sendmsg+0x87/0xb0
[  184.805566][T10466]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.810842][T10466]  __sock_sendmsg+0x221/0x270
[  184.815520][T10466]  ____sys_sendmsg+0x525/0x7d0
[  184.820290][T10466]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.825588][T10466]  __sys_sendmsg+0x2b0/0x3a0
[  184.830178][T10466]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.835286][T10466]  ? vfs_write+0x7c4/0xc90
[  184.839732][T10466]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.846053][T10466]  ? do_syscall_64+0x100/0x230
[  184.850824][T10466]  ? do_syscall_64+0xb6/0x230
[  184.855769][T10466]  do_syscall_64+0xf3/0x230
[  184.860271][T10466]  ? clear_bhb_loop+0x35/0x90
[  184.864953][T10466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.870843][T10466] RIP: 0033:0x7f0b6a775bd9
[  184.875264][T10466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.894953][T10466] RSP: 002b:00007f0b6b58d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.903362][T10466] RAX: ffffffffffffffda RBX: 00007f0b6a903f60 RCX: 00007f0b6a775bd9
[  184.911326][T10466] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  184.919287][T10466] RBP: 00007f0b6b58d0a0 R08: 0000000000000000 R09: 0000000000000000
[  184.927259][T10466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.935223][T10466] R13: 000000000000000b R14: 00007f0b6a903f60 R15: 00007fff5fde6e98
[  184.943197][T10466]  </TASK>
[  185.027740][   T12] bridge_slave_1: left allmulticast mode
[  185.056385][   T12] bridge_slave_1: left promiscuous mode
[  185.066788][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.118036][   T12] bridge_slave_0: left allmulticast mode
[  185.123747][   T12] bridge_slave_0: left promiscuous mode
[  185.178391][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.454415][T10499] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  185.909715][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.922101][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.933537][   T12] bond0 (unregistering): Released all slaves
[  185.947189][   T12] bond1 (unregistering): Released all slaves
[  186.056726][   T12] bond2 (unregistering): Released all slaves
[  186.203404][T10512] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.217486][   T12] tipc: Left network mode
[  186.258340][T10512] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.261931][T10517] hsr0: entered promiscuous mode
[  186.449488][T10523] netlink: 'syz.2.1809': attribute type 7 has an invalid length.
[  186.473033][T10523] netlink: 'syz.2.1809': attribute type 5 has an invalid length.
[  186.484648][T10523] __nla_validate_parse: 6 callbacks suppressed
[  186.484666][T10523] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1809'.
[  186.490835][T10525] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1811'.
[  186.563985][T10525] team0: entered promiscuous mode
[  186.579901][T10525] team_slave_0: entered promiscuous mode
[  186.607872][T10525] team_slave_1: entered promiscuous mode
[  186.616780][T10525] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  186.711950][T10524] team0: left promiscuous mode
[  186.733285][T10524] team_slave_0: left promiscuous mode
[  186.750816][T10524] team_slave_1: left promiscuous mode
[  186.774078][T10524] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  186.926350][   T12] hsr_slave_0: left promiscuous mode
[  186.957305][   T12] hsr_slave_1: left promiscuous mode
[  186.975567][T10552] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  187.007587][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.019352][   T53] Bluetooth: hci2: command 0x0401 tx timeout
[  187.019363][ T5097] Bluetooth: hci0: command 0x0c1a tx timeout
[  187.036455][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.064990][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.090987][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.187483][   T12] veth1_macvtap: left promiscuous mode
[  187.193082][   T12] veth0_macvtap: left promiscuous mode
[  187.199705][   T12] veth1_vlan: left promiscuous mode
[  187.205048][   T12] veth0_vlan: left promiscuous mode
[  187.685427][   T12] team0 (unregistering): Port device team_slave_1 removed
[  187.733964][   T12] team0 (unregistering): Port device team_slave_0 removed
[  188.436628][T10587] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  188.468334][T10587] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  188.637735][T10592] xt_CT: No such helper "snmp"
[  188.643501][T10593] team0: Port device macvlan3 added
[  188.957724][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  188.967476][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  188.990486][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  189.008861][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  189.021520][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  189.030882][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  189.084642][   T12] IPVS: stop unused estimator thread 0...
[  189.383413][T10631] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  189.467708][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.487620][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  189.567482][T10630] netlink: 'syz.1.1848': attribute type 1 has an invalid length.
[  189.622204][T10635] 8021q: adding VLAN 0 to HW filter on device batadv1
[  189.636071][T10635] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  189.647518][   T61] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  189.651380][T10644] 8021q: adding VLAN 0 to HW filter on device bond1
[  189.764737][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.787631][   T61] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  189.788609][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  189.818596][T10655] FAULT_INJECTION: forcing a failure.
[  189.818596][T10655] name failslab, interval 1, probability 0, space 0, times 0
[  189.831359][T10655] CPU: 1 PID: 10655 Comm: syz.3.1853 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  189.841540][T10655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  189.851624][T10655] Call Trace:
[  189.854927][T10655]  <TASK>
[  189.857874][T10655]  dump_stack_lvl+0x241/0x360
[  189.862594][T10655]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.867835][T10655]  ? __pfx__printk+0x10/0x10
[  189.872478][T10655]  ? pskb_expand_head+0xc89/0x1390
[  189.877714][T10655]  should_fail_ex+0x3b0/0x4e0
[  189.882430][T10655]  ? skb_clone+0x20c/0x390
[  189.886877][T10655]  should_failslab+0x9/0x20
[  189.891413][T10655]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  189.896824][T10655]  skb_clone+0x20c/0x390
[  189.901104][T10655]  bpf_clone_redirect+0xab/0x3d0
[  189.906078][T10655]  ? bpf_test_run+0x31e/0x910
[  189.910791][T10655]  bpf_prog_64e505a7b7f97a05+0x5d/0x62
[  189.916286][T10655]  ? debug_mutex_wake_waiter+0xb0/0x320
[  189.921872][T10655]  ? timekeeping_get_ns+0x5c/0x420
[  189.927034][T10655]  ? bpf_test_run+0x31e/0x910
[  189.931749][T10655]  ? __pfx_lockdep_softirqs_off+0x10/0x10
[  189.937506][T10655]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  189.943864][T10655]  ? ktime_get+0x3c/0xb0
[  189.948160][T10655]  ? bpf_test_run+0x31e/0x910
[  189.952873][T10655]  ? __pfx___cant_migrate+0x10/0x10
[  189.958112][T10655]  ? bpf_test_run+0x31e/0x910
[  189.962824][T10655]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  189.968579][T10655]  ? bpf_test_timer_continue+0x11a/0x350
[  189.974254][T10655]  ? bpf_test_run+0x31e/0x910
[  189.978987][T10655]  bpf_test_run+0x409/0x910
[  189.983552][T10655]  ? __pfx_bpf_test_run+0x10/0x10
[  189.988604][T10655]  ? eth_type_trans+0x3d1/0x7a0
[  189.993498][T10655]  ? __pfx_eth_type_trans+0x10/0x10
[  189.998723][T10655]  ? bpf_prog_test_run_skb+0x7b4/0x13a0
[  190.004298][T10655]  ? convert___skb_to_skb+0x41/0x620
[  190.009624][T10655]  bpf_prog_test_run_skb+0xafa/0x13a0
[  190.015034][T10655]  ? __pfx_lock_release+0x10/0x10
[  190.020114][T10655]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  190.025962][T10655]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  190.031803][T10655]  bpf_prog_test_run+0x33a/0x3b0
[  190.036864][T10655]  __sys_bpf+0x48d/0x810
[  190.041154][T10655]  ? __pfx___sys_bpf+0x10/0x10
[  190.045971][T10655]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  190.051994][T10655]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  190.058494][T10655]  ? do_syscall_64+0x100/0x230
[  190.063299][T10655]  __x64_sys_bpf+0x7c/0x90
[  190.067748][T10655]  do_syscall_64+0xf3/0x230
[  190.072278][T10655]  ? clear_bhb_loop+0x35/0x90
[  190.076983][T10655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.082939][T10655] RIP: 0033:0x7fc38b975bd9
[  190.087365][T10655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.107004][T10655] RSP: 002b:00007fc38c6e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  190.115448][T10655] RAX: ffffffffffffffda RBX: 00007fc38bb03f60 RCX: 00007fc38b975bd9
[  190.123515][T10655] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 000000000000000a
[  190.131738][T10655] RBP: 00007fc38c6e30a0 R08: 0000000000000000 R09: 0000000000000000
[  190.139706][T10655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  190.147668][T10655] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  190.155643][T10655]  </TASK>
[  190.170737][   T53] Bluetooth: hci3: command tx timeout
[  190.252640][T10604] chnl_net:caif_netlink_parms(): no params data found
[  190.414380][T10687] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma?
[  190.440926][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.461849][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  190.509727][T10688] netlink: 'syz.1.1864': attribute type 1 has an invalid length.
[  190.547115][T10688] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1864'.
[  190.558394][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1864'.
[  190.587161][T10688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1864'.
[  190.635168][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.646692][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  190.779643][T10604] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.800629][T10604] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.808719][T10604] bridge_slave_0: entered allmulticast mode
[  190.816327][T10604] bridge_slave_0: entered promiscuous mode
[  190.828471][T10604] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.851318][T10604] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.860757][T10604] bridge_slave_1: entered allmulticast mode
[  190.868556][T10604] bridge_slave_1: entered promiscuous mode
[  191.038986][T10604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.081712][T10718] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.089023][T10718] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.098005][   T53] Bluetooth: hci1: command tx timeout
[  191.214691][T10604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.232252][   T12] bridge_slave_1: left allmulticast mode
[  191.243663][   T12] bridge_slave_1: left promiscuous mode
[  191.257742][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.278688][   T12] bridge_slave_0: left allmulticast mode
[  191.284552][   T12] bridge_slave_0: left promiscuous mode
[  191.291193][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.339220][T10735] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1881'.
[  191.539011][T10737] netlink: 'syz.3.1882': attribute type 29 has an invalid length.
[  191.921983][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.947408][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.983560][   T12] bond0 (unregistering): Released all slaves
[  192.091789][T10737] netlink: 'syz.3.1882': attribute type 29 has an invalid length.
[  192.172819][T10740] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  192.257388][T10604] team0: Port device team_slave_0 added
[  192.266458][   T12] tipc: Left network mode
[  192.280323][T10604] team0: Port device team_slave_1 added
[  192.409064][T10748] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  192.617847][T10604] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.624871][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.658750][T10604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.680543][T10604] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.697007][T10604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.738906][T10604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.876726][T10775] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1897'.
[  192.979922][T10604] hsr_slave_0: entered promiscuous mode
[  192.988826][T10604] hsr_slave_1: entered promiscuous mode
[  192.995368][T10779] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1899'.
[  193.176945][   T53] Bluetooth: hci1: command tx timeout
[  193.228777][   T12] hsr_slave_0: left promiscuous mode
[  193.247691][   T12] hsr_slave_1: left promiscuous mode
[  193.261684][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.274811][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.289101][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.307470][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.361182][   T12] veth1_macvtap: left promiscuous mode
[  193.374204][   T12] veth0_macvtap: left promiscuous mode
[  193.385720][   T12] veth1_vlan: left promiscuous mode
[  193.400626][   T12] veth0_vlan: left promiscuous mode
[  193.924502][T10796] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  194.314965][   T12] team0 (unregistering): Port device team_slave_1 removed
[  194.357441][   T12] team0 (unregistering): Port device team_slave_0 removed
[  194.719341][ T1241] ieee802154 phy0 wpan0: encryption failed: -22
[  194.725687][ T1241] ieee802154 phy1 wpan1: encryption failed: -22
[  195.266967][   T53] Bluetooth: hci1: command tx timeout
[  195.911922][T10828] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  195.948814][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888029ee7000: rx timeout, send abort
[  195.957439][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88802dbc0000: rx timeout, send abort
[  195.966043][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888029ee7000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  195.980574][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802dbc0000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  196.255326][T10838] batadv0: entered promiscuous mode
[  196.262305][T10838] vlan2: entered promiscuous mode
[  196.278655][T10838] vlan2: entered allmulticast mode
[  196.284337][T10838] batadv0: entered allmulticast mode
[  196.433334][   T12] IPVS: stop unused estimator thread 0...
[  196.493330][T10855] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1926'.
[  196.570703][T10856] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1927'.
[  196.723827][T10868] netlink: 'syz.4.1931': attribute type 1 has an invalid length.
[  196.746393][T10868] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1931'.
[  196.764624][T10868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1931'.
[  196.812502][T10868] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1931'.
[  196.830789][T10604] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  196.875899][T10604] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  196.915110][T10604] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  196.955781][T10871] vlan2: entered promiscuous mode
[  196.965907][T10871] vlan2: entered allmulticast mode
[  197.021640][T10604] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  197.100913][T10880] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.124751][T10880] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.156120][T10880] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.167978][T10880] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.177229][T10880] geneve2: entered promiscuous mode
[  197.182618][T10880] geneve2: entered allmulticast mode
[  197.192597][T10880] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  197.202041][T10880] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  197.211214][T10880] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  197.223205][T10880] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  197.346247][   T53] Bluetooth: hci1: command tx timeout
[  197.492618][T10604] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.523996][T10906] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1945'.
[  197.533468][T10905] netlink: 'syz.1.1944': attribute type 1 has an invalid length.
[  197.543502][T10905] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1944'.
[  197.549417][T10906] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  197.563354][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1944'.
[  197.587042][T10906] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  197.595884][T10906] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  197.604971][T10906] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  197.615124][T10906] geneve2: entered promiscuous mode
[  197.620781][T10906] geneve2: entered allmulticast mode
[  197.651762][T10604] 8021q: adding VLAN 0 to HW filter on device team0
[  197.692141][ T8812] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.699470][ T8812] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.762265][ T8812] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.769480][ T8812] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.883258][T10604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  198.158346][T10939] netlink: 'syz.0.1958': attribute type 7 has an invalid length.
[  198.166125][T10939] netlink: 'syz.0.1958': attribute type 8 has an invalid length.
[  198.192041][T10939] __nla_validate_parse: 1 callbacks suppressed
[  198.192060][T10939] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1958'.
[  198.323910][T10604] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.501556][T10604] veth0_vlan: entered promiscuous mode
[  198.524813][T10960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1965'.
[  198.547659][T10604] veth1_vlan: entered promiscuous mode
[  198.653122][T10604] veth0_macvtap: entered promiscuous mode
[  198.694653][T10604] veth1_macvtap: entered promiscuous mode
[  198.758379][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  198.774293][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.785466][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  198.796121][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.817005][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  198.840547][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.862387][T10604] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.881173][T10974] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1971'.
[  198.896299][T10983] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1974'.
[  198.898049][T10976] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  198.982154][T10988] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1974'.
[  199.033087][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.069583][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.097367][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.122967][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.139194][T10604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.153518][T10604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.184306][T10604] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.205490][T10604] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.215333][T10604] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.225481][T10604] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.236241][T10604] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.425795][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.441427][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.495220][T11013] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1984'.
[  199.552329][ T2456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.571166][ T2456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.860326][T11024] FAULT_INJECTION: forcing a failure.
[  199.860326][T11024] name failslab, interval 1, probability 0, space 0, times 0
[  199.910005][T11024] CPU: 1 PID: 11024 Comm: syz.3.1988 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  199.920220][T11024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  199.930301][T11024] Call Trace:
[  199.933601][T11024]  <TASK>
[  199.936555][T11024]  dump_stack_lvl+0x241/0x360
[  199.941276][T11024]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.946515][T11024]  ? __pfx__printk+0x10/0x10
[  199.951150][T11024]  ? __pfx___might_resched+0x10/0x10
[  199.956481][T11024]  should_fail_ex+0x3b0/0x4e0
[  199.961212][T11024]  ? ptlock_alloc+0x20/0x70
[  199.965756][T11024]  should_failslab+0x9/0x20
[  199.970297][T11024]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  199.975679][T11024]  ptlock_alloc+0x20/0x70
[  199.980093][T11024]  pte_alloc_one+0xcd/0x5d0
[  199.984591][T11024]  ? __pfx_pte_alloc_one+0x10/0x10
[  199.989697][T11024]  ? process_measurement+0x1af3/0x1fb0
[  199.995157][T11024]  ? validate_chain+0x11e/0x5900
[  200.000098][T11024]  handle_pte_fault+0x21de/0x7090
[  200.005124][T11024]  ? __pfx_validate_chain+0x10/0x10
[  200.010323][T11024]  ? __lock_acquire+0x1346/0x1fd0
[  200.015353][T11024]  ? __pfx_handle_pte_fault+0x10/0x10
[  200.020732][T11024]  ? __lock_acquire+0x1346/0x1fd0
[  200.025780][T11024]  ? __thp_vma_allowable_orders+0x7bf/0x860
[  200.031676][T11024]  ? __pfx_lock_release+0x10/0x10
[  200.036697][T11024]  handle_mm_fault+0x10df/0x1ba0
[  200.041653][T11024]  ? __pfx_handle_mm_fault+0x10/0x10
[  200.046956][T11024]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  200.053366][T11024]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  200.058654][T11024]  exc_page_fault+0x2b9/0x8c0
[  200.063337][T11024]  asm_exc_page_fault+0x26/0x30
[  200.068184][T11024] RIP: 0010:__get_user_4+0x11/0x20
[  200.073289][T11024] Code: 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  200.092998][T11024] RSP: 0018:ffffc90004047c18 EFLAGS: 00050206
[  200.099084][T11024] RAX: 0000000020000000 RBX: 0000000020000000 RCX: ffffc90004047b03
[  200.107070][T11024] RDX: 0000000000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1fe940
[  200.115049][T11024] RBP: ffffc90004047cf0 R08: ffffffff8fad49ef R09: 1ffffffff1f5a93d
[  200.123017][T11024] R10: dffffc0000000000 R11: fffffbfff1f5a93e R12: 1ffff92000808f8c
[  200.130999][T11024] R13: 000000000000010d R14: 0000000000000000 R15: ffff888020e23340
[  200.138986][T11024]  dccp_getsockopt+0xb7/0x1910
[  200.143760][T11024]  ? __pfx_dccp_getsockopt+0x10/0x10
[  200.149043][T11024]  ? aa_sock_opt_perm+0x79/0x120
[  200.153983][T11024]  ? sock_common_getsockopt+0x2e/0xb0
[  200.159365][T11024]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  200.165259][T11024]  do_sock_getsockopt+0x373/0x850
[  200.170287][T11024]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  200.175926][T11024]  ? __fget_files+0x3f6/0x470
[  200.180610][T11024]  __sys_getsockopt+0x271/0x330
[  200.185464][T11024]  ? __pfx___sys_getsockopt+0x10/0x10
[  200.190831][T11024]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  200.197157][T11024]  ? do_syscall_64+0x100/0x230
[  200.201922][T11024]  __x64_sys_getsockopt+0xb5/0xd0
[  200.206957][T11024]  do_syscall_64+0xf3/0x230
[  200.211473][T11024]  ? clear_bhb_loop+0x35/0x90
[  200.216151][T11024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.222129][T11024] RIP: 0033:0x7fc38b975bd9
[  200.226558][T11024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.246259][T11024] RSP: 002b:00007fc38c6e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  200.254671][T11024] RAX: ffffffffffffffda RBX: 00007fc38bb03f60 RCX: 00007fc38b975bd9
[  200.262728][T11024] RDX: 00000000000000b8 RSI: 000000000000010d RDI: 0000000000000003
[  200.270694][T11024] RBP: 00007fc38c6e30a0 R08: 0000000020000000 R09: 0000000000000000
[  200.278660][T11024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.286651][T11024] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  200.294641][T11024]  </TASK>
[  200.344137][T11028] netlink: 'syz.2.1830': attribute type 10 has an invalid length.
[  200.723074][T11028] team0: Port device wlan1 added
[  200.792132][T11028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.153577][T11057] netlink: 'syz.1.2002': attribute type 1 has an invalid length.
[  201.184403][T11057] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2002'.
[  201.212839][T11057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2002'.
[  201.247024][T11060] netlink: 'syz.3.2003': attribute type 2 has an invalid length.
[  201.249303][T11058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2002'.
[  201.259987][T11060] netlink: 179916 bytes leftover after parsing attributes in process `syz.3.2003'.
[  201.423589][T11071] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  201.619494][T11085] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  201.673272][T11085] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  202.384567][T11122] netlink: 'syz.4.2028': attribute type 1 has an invalid length.
[  202.709872][T11146] xt_recent: Unsupported userspace flags (00000042)
[  202.872674][T11154] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x2
[  203.063374][T11164] netlink: 'syz.4.2040': attribute type 10 has an invalid length.
[  203.108049][T11168] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.111627][T11164] team0: Device veth1_macvtap failed to register rx_handler
[  203.187202][T11167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.233736][T11172] netlink: 'syz.3.2043': attribute type 1 has an invalid length.
[  203.250319][T11172] __nla_validate_parse: 9 callbacks suppressed
[  203.250339][T11172] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2043'.
[  203.265008][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  203.295245][T11172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2043'.
[  203.321097][T11172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2043'.
[  203.662631][T11198] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2050'.
[  203.711206][T11193] netlink: 'syz.2.2050': attribute type 3 has an invalid length.
[  203.848842][T11211] netlink: 210596 bytes leftover after parsing attributes in process `syz.1.2059'.
[  203.985468][T11218] netlink: 'syz.0.2062': attribute type 1 has an invalid length.
[  204.009864][T11218] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2062'.
[  204.033349][T11218] raw_sendmsg: syz.0.2062 forgot to set AF_INET. Fix it!
[  204.040203][T11219] netlink: 'syz.4.2061': attribute type 1 has an invalid length.
[  204.055926][T11219] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2061'.
[  204.076575][T11219] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2061'.
[  204.093605][T11219] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2061'.
[  204.208083][T11228] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2066'.
[  204.412373][T11238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.468747][T11233] netlink: 'syz.1.2068': attribute type 4 has an invalid length.
[  204.504468][ T1146] IPVS: starting estimator thread 0...
[  204.528718][T11235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.617791][T11243] IPVS: using max 21 ests per chain, 50400 per kthread
[  204.847261][T11259] netlink: 'syz.1.2076': attribute type 1 has an invalid length.
[  205.672018][T11287] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.722251][    T8] IPVS: starting estimator thread 0...
[  205.739455][T11286] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.763045][T11285] netlink: 'syz.1.2089': attribute type 1 has an invalid length.
[  205.815083][T11261] dccp_close: ABORT with 32 bytes unread
[  205.847020][T11298] netlink: 'syz.3.2094': attribute type 1 has an invalid length.
[  205.857872][T11291] IPVS: using max 22 ests per chain, 52800 per kthread
[  206.209731][T11319] openvswitch: netlink: Flow actions attr not present in new flow.
[  206.698513][T11357] hsr0: entered promiscuous mode
[  206.705996][T11356] FAULT_INJECTION: forcing a failure.
[  206.705996][T11356] name failslab, interval 1, probability 0, space 0, times 0
[  206.725919][T11351] hsr_slave_0: left promiscuous mode
[  206.732428][T11356] CPU: 1 PID: 11356 Comm: syz.0.2118 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  206.742624][T11356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  206.752707][T11356] Call Trace:
[  206.756000][T11356]  <TASK>
[  206.758947][T11356]  dump_stack_lvl+0x241/0x360
[  206.763659][T11356]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.768883][T11356]  ? __pfx__printk+0x10/0x10
[  206.773480][T11356]  ? netlink_insert+0x10b7/0x14b0
[  206.778497][T11356]  should_fail_ex+0x3b0/0x4e0
[  206.783175][T11356]  ? __alloc_skb+0x1c3/0x440
[  206.787764][T11356]  should_failslab+0x9/0x20
[  206.792265][T11356]  kmem_cache_alloc_node_noprof+0x71/0x320
[  206.798072][T11356]  __alloc_skb+0x1c3/0x440
[  206.802488][T11356]  ? __pfx___alloc_skb+0x10/0x10
[  206.807420][T11356]  ? netlink_autobind+0xd6/0x2f0
[  206.812351][T11356]  ? netlink_autobind+0x2b0/0x2f0
[  206.817409][T11356]  netlink_sendmsg+0x631/0xcb0
[  206.822178][T11356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.827461][T11356]  ? __import_iovec+0x536/0x820
[  206.832302][T11356]  ? aa_sock_msg_perm+0x91/0x160
[  206.837246][T11356]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  206.842519][T11356]  ? security_socket_sendmsg+0x87/0xb0
[  206.847971][T11356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.853250][T11356]  __sock_sendmsg+0x221/0x270
[  206.857930][T11356]  ____sys_sendmsg+0x525/0x7d0
[  206.862696][T11356]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.867991][T11356]  __sys_sendmsg+0x2b0/0x3a0
[  206.872672][T11356]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.877775][T11356]  ? vfs_write+0x7c4/0xc90
[  206.882211][T11356]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  206.888537][T11356]  ? do_syscall_64+0x100/0x230
[  206.893301][T11356]  ? do_syscall_64+0xb6/0x230
[  206.897975][T11356]  do_syscall_64+0xf3/0x230
[  206.902473][T11356]  ? clear_bhb_loop+0x35/0x90
[  206.907148][T11356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.913042][T11356] RIP: 0033:0x7f8e83375bd9
[  206.917450][T11356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.937047][T11356] RSP: 002b:00007f8e840f5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.945456][T11356] RAX: ffffffffffffffda RBX: 00007f8e83503f60 RCX: 00007f8e83375bd9
[  206.953417][T11356] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005
[  206.961386][T11356] RBP: 00007f8e840f50a0 R08: 0000000000000000 R09: 0000000000000000
[  206.969363][T11356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.977325][T11356] R13: 000000000000000b R14: 00007f8e83503f60 R15: 00007ffe6ac34b28
[  206.985301][T11356]  </TASK>
[  207.038175][T11351] hsr_slave_1: left promiscuous mode
[  207.170398][T11351] hsr0 (unregistering): left promiscuous mode
[  207.183524][T11365] geneve0: entered promiscuous mode
[  207.191954][T11365] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.207571][T11365] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.228943][T11365] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.240173][T11365] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.255456][T11365] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  207.732744][T11405] validate_nla: 4 callbacks suppressed
[  207.732766][T11405] netlink: 'syz.3.2131': attribute type 1 has an invalid length.
[  208.076140][T11426] netlink: 'syz.4.2136': attribute type 15 has an invalid length.
[  208.171931][T11431] hsr0: entered promiscuous mode
[  208.188913][T11426] hsr_slave_0: left promiscuous mode
[  208.199462][T11426] hsr_slave_1: left promiscuous mode
[  208.281514][T11426] hsr0 (unregistering): left promiscuous mode
[  208.685799][T11437] sock: sock_timestamping_bind_phc: sock not bind to device
[  209.096731][T11443] netlink: 'syz.2.2144': attribute type 1 has an invalid length.
[  209.134806][T11443] __nla_validate_parse: 14 callbacks suppressed
[  209.134829][T11443] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2144'.
[  209.178934][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2144'.
[  209.222963][T11452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2144'.
[  209.540762][T11464] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2151'.
[  209.661849][T11471] ip6t_REJECT: ECHOREPLY is not supported
[  209.679230][T11471] netlink: 'syz.2.2155': attribute type 1 has an invalid length.
[  209.699017][T11471] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.2155'.
[  209.716989][T11471] netlink: 'syz.2.2155': attribute type 1 has an invalid length.
[  209.744975][T11471] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  209.764390][T11471] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  209.817624][T11483] netlink: 'syz.3.2160': attribute type 1 has an invalid length.
[  209.841947][T11483] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2160'.
[  209.864914][T11483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2160'.
[  209.889281][T11483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2160'.
[  210.511180][T11533] netlink: 'syz.4.2175': attribute type 1 has an invalid length.
[  210.529292][T11533] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2175'.
[  210.557745][T11533] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2175'.
[  210.675097][T11543] netlink: 'syz.0.2180': attribute type 4 has an invalid length.
[  210.862869][T11559] tun0: tun_chr_ioctl cmd 1074812117
[  210.926288][T11564] syz_tun: entered promiscuous mode
[  210.956758][T11564] batadv_slave_0: entered promiscuous mode
[  210.976440][T11564] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.994700][T11564] Cannot create hsr debugfs directory
[  211.000777][T11564] hsr0: entered allmulticast mode
[  211.015297][T11564] syz_tun: entered allmulticast mode
[  211.027172][T11564] batadv_slave_0: entered allmulticast mode
[  211.384465][T11582] netlink: 'syz.4.2193': attribute type 1 has an invalid length.
[  212.267495][T11613] netlink: 'syz.2.2206': attribute type 1 has an invalid length.
[  212.381759][T11625] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  212.870544][T11652] vlan2: entered promiscuous mode
[  212.884291][T11652] vlan2: entered allmulticast mode
[  212.948231][T11660] netlink: 'syz.2.2224': attribute type 1 has an invalid length.
[  213.585262][T11689] netlink: 'syz.2.2236': attribute type 1 has an invalid length.
[  213.677593][T11686] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  213.707080][T11701] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  213.758626][T11695] vlan2: entered promiscuous mode
[  213.765784][T11695] vlan2: entered allmulticast mode
[  214.163940][T11729] SET target dimension over the limit!
[  214.489477][T11745] vlan2: entered promiscuous mode
[  214.497347][T11745] vlan2: entered allmulticast mode
[  214.677969][T11759] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  214.807791][T11760] __nla_validate_parse: 16 callbacks suppressed
[  214.807809][T11760] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2262'.
[  215.311211][T11785] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  215.330109][T11796] FAULT_INJECTION: forcing a failure.
[  215.330109][T11796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.352961][T11796] CPU: 1 PID: 11796 Comm: syz.3.2272 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  215.363169][T11796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  215.373257][T11796] Call Trace:
[  215.376562][T11796]  <TASK>
[  215.379518][T11796]  dump_stack_lvl+0x241/0x360
[  215.384242][T11796]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.389475][T11796]  ? __pfx__printk+0x10/0x10
[  215.394080][T11796]  ? __pfx_lock_release+0x10/0x10
[  215.394117][T11796]  should_fail_ex+0x3b0/0x4e0
[  215.394147][T11796]  _copy_from_iter+0x1f6/0x1960
[  215.408720][T11796]  ? __virt_addr_valid+0x183/0x520
[  215.413866][T11796]  ? __pfx_lock_release+0x10/0x10
[  215.418931][T11796]  ? __alloc_skb+0x28f/0x440
[  215.423552][T11796]  ? __pfx__copy_from_iter+0x10/0x10
[  215.428872][T11796]  ? __virt_addr_valid+0x183/0x520
[  215.434017][T11796]  ? __virt_addr_valid+0x183/0x520
[  215.439183][T11796]  ? __virt_addr_valid+0x44e/0x520
[  215.444332][T11796]  ? __check_object_size+0x49c/0x900
[  215.449655][T11796]  netlink_sendmsg+0x743/0xcb0
[  215.454464][T11796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.459779][T11796]  ? __import_iovec+0x536/0x820
[  215.464635][T11796]  ? aa_sock_msg_perm+0x91/0x160
[  215.469576][T11796]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  215.474853][T11796]  ? security_socket_sendmsg+0x87/0xb0
[  215.480317][T11796]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.485605][T11796]  __sock_sendmsg+0x221/0x270
[  215.490286][T11796]  ____sys_sendmsg+0x525/0x7d0
[  215.495051][T11796]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.500343][T11796]  __sys_sendmsg+0x2b0/0x3a0
[  215.504928][T11796]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.510036][T11796]  ? vfs_write+0x7c4/0xc90
[  215.514566][T11796]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  215.520888][T11796]  ? do_syscall_64+0x100/0x230
[  215.525658][T11796]  ? do_syscall_64+0xb6/0x230
[  215.530336][T11796]  do_syscall_64+0xf3/0x230
[  215.534834][T11796]  ? clear_bhb_loop+0x35/0x90
[  215.539527][T11796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.545418][T11796] RIP: 0033:0x7fc38b975bd9
[  215.549851][T11796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.569469][T11796] RSP: 002b:00007fc38c6e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.577886][T11796] RAX: ffffffffffffffda RBX: 00007fc38bb03f60 RCX: 00007fc38b975bd9
[  215.585852][T11796] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000005
[  215.593816][T11796] RBP: 00007fc38c6e30a0 R08: 0000000000000000 R09: 0000000000000000
[  215.601779][T11796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.609750][T11796] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  215.617738][T11796]  </TASK>
[  215.756363][T11809] netlink: 'syz.4.2279': attribute type 4 has an invalid length.
[  215.832385][T11809] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  216.189412][T11839] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2289'.
[  216.312351][T11851] netlink: 'syz.1.2293': attribute type 4 has an invalid length.
[  216.563468][T11856] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  216.618998][T11873] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2301'.
[  216.711984][T11876] IPv6: Can't replace route, no match found
[  216.774072][T11881] wg2: entered promiscuous mode
[  216.788898][T11881] wg2: entered allmulticast mode
[  216.791246][T11883] FAULT_INJECTION: forcing a failure.
[  216.791246][T11883] name failslab, interval 1, probability 0, space 0, times 0
[  216.807809][T11883] CPU: 0 PID: 11883 Comm: syz.3.2305 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  216.818003][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  216.828086][T11883] Call Trace:
[  216.831379][T11883]  <TASK>
[  216.834330][T11883]  dump_stack_lvl+0x241/0x360
[  216.839068][T11883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.844308][T11883]  ? __pfx__printk+0x10/0x10
[  216.848951][T11883]  ? __lock_acquire+0x1346/0x1fd0
[  216.854011][T11883]  should_fail_ex+0x3b0/0x4e0
[  216.858727][T11883]  ? __alloc_skb+0x1c3/0x440
[  216.863360][T11883]  should_failslab+0x9/0x20
[  216.867893][T11883]  kmem_cache_alloc_node_noprof+0x71/0x320
[  216.873741][T11883]  __alloc_skb+0x1c3/0x440
[  216.878269][T11883]  ? __pfx___alloc_skb+0x10/0x10
[  216.883214][T11883]  ? __mutex_trylock_common+0x183/0x2e0
[  216.888770][T11883]  netlink_dump+0x233/0xe50
[  216.893273][T11883]  ? rcu_is_watching+0x15/0xb0
[  216.898044][T11883]  ? trace_contention_end+0x3c/0x120
[  216.903340][T11883]  ? __pfx_netlink_dump+0x10/0x10
[  216.908376][T11883]  ? __pfx_lock_acquire+0x10/0x10
[  216.913417][T11883]  __netlink_dump_start+0x59d/0x780
[  216.918625][T11883]  rtnetlink_rcv_msg+0xda2/0x1180
[  216.923652][T11883]  ? __pfx_rtnl_mdb_dump+0x10/0x10
[  216.928766][T11883]  ? rtnetlink_rcv_msg+0x208/0x1180
[  216.933962][T11883]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  216.939417][T11883]  ? is_bpf_text_address+0x285/0x2a0
[  216.944701][T11883]  ? __pfx_validate_chain+0x10/0x10
[  216.949897][T11883]  ? __pfx_validate_chain+0x10/0x10
[  216.955089][T11883]  ? arch_stack_walk+0x16d/0x1b0
[  216.960036][T11883]  ? mark_lock+0x9a/0x350
[  216.964360][T11883]  ? __pfx_validate_chain+0x10/0x10
[  216.969566][T11883]  ? __lock_acquire+0x1346/0x1fd0
[  216.974593][T11883]  ? mark_lock+0x9a/0x350
[  216.979015][T11883]  ? __lock_acquire+0x1346/0x1fd0
[  216.984033][T11883]  ? __pfx_rtnl_mdb_dump+0x10/0x10
[  216.989154][T11883]  netlink_rcv_skb+0x1e3/0x430
[  216.993938][T11883]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  216.999411][T11883]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.005062][T11883]  ? netlink_deliver_tap+0x2e/0x1b0
[  217.010259][T11883]  netlink_unicast+0x7ea/0x980
[  217.015116][T11883]  ? __pfx_netlink_unicast+0x10/0x10
[  217.020397][T11883]  ? __virt_addr_valid+0x183/0x520
[  217.025514][T11883]  ? __check_object_size+0x49c/0x900
[  217.030890][T11883]  ? bpf_lsm_netlink_send+0x9/0x10
[  217.036003][T11883]  netlink_sendmsg+0x8db/0xcb0
[  217.040776][T11883]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.046059][T11883]  ? __import_iovec+0x536/0x820
[  217.050903][T11883]  ? aa_sock_msg_perm+0x91/0x160
[  217.055845][T11883]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  217.061121][T11883]  ? security_socket_sendmsg+0x87/0xb0
[  217.066576][T11883]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.071858][T11883]  __sock_sendmsg+0x221/0x270
[  217.076540][T11883]  ____sys_sendmsg+0x525/0x7d0
[  217.081311][T11883]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.086609][T11883]  __sys_sendmsg+0x2b0/0x3a0
[  217.091203][T11883]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.096328][T11883]  ? vfs_write+0x7c4/0xc90
[  217.100774][T11883]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  217.107100][T11883]  ? do_syscall_64+0x100/0x230
[  217.111864][T11883]  ? do_syscall_64+0xb6/0x230
[  217.116536][T11883]  do_syscall_64+0xf3/0x230
[  217.121208][T11883]  ? clear_bhb_loop+0x35/0x90
[  217.125885][T11883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.131796][T11883] RIP: 0033:0x7fc38b975bd9
[  217.136290][T11883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.155894][T11883] RSP: 002b:00007fc38c6e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.164300][T11883] RAX: ffffffffffffffda RBX: 00007fc38bb03f60 RCX: 00007fc38b975bd9
[  217.172267][T11883] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000007
[  217.180227][T11883] RBP: 00007fc38c6e30a0 R08: 0000000000000000 R09: 0000000000000000
[  217.188191][T11883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.196149][T11883] R13: 000000000000000b R14: 00007fc38bb03f60 R15: 00007ffdf20140a8
[  217.204126][T11883]  </TASK>
[  217.437502][T11899] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2312'.
[  217.878832][T11913] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  217.944248][T11932] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  218.029972][T11936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.056441][T11936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.544706][T11950] FAULT_INJECTION: forcing a failure.
[  218.544706][T11950] name failslab, interval 1, probability 0, space 0, times 0
[  218.558347][T11950] CPU: 1 PID: 11950 Comm: syz.1.2331 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  218.568539][T11950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  218.578607][T11950] Call Trace:
[  218.581881][T11950]  <TASK>
[  218.584802][T11950]  dump_stack_lvl+0x241/0x360
[  218.589478][T11950]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.594666][T11950]  ? __pfx__printk+0x10/0x10
[  218.599256][T11950]  ? __pfx___might_resched+0x10/0x10
[  218.604531][T11950]  ? __lock_acquire+0x1346/0x1fd0
[  218.609545][T11950]  should_fail_ex+0x3b0/0x4e0
[  218.614223][T11950]  should_failslab+0x9/0x20
[  218.618741][T11950]  kmalloc_node_track_caller_noprof+0xda/0x440
[  218.624916][T11950]  ? __kernfs_new_node+0x9d/0x870
[  218.629957][T11950]  kstrdup+0x3a/0x80
[  218.633845][T11950]  __kernfs_new_node+0x9d/0x870
[  218.638695][T11950]  ? __pfx___kernfs_new_node+0x10/0x10
[  218.644153][T11950]  ? sysfs_do_create_link_sd+0x77/0x110
[  218.649696][T11950]  ? do_raw_spin_lock+0x14f/0x370
[  218.654716][T11950]  ? __pfx_lock_release+0x10/0x10
[  218.659740][T11950]  kernfs_new_node+0x137/0x240
[  218.664509][T11950]  kernfs_create_link+0xa5/0x1f0
[  218.669543][T11950]  sysfs_do_create_link_sd+0x85/0x110
[  218.674928][T11950]  device_add_class_symlinks+0x1c5/0x250
[  218.680560][T11950]  device_add+0x553/0xbf0
[  218.684889][T11950]  ? device_initialize+0x266/0x460
[  218.689998][T11950]  wakeup_source_sysfs_add+0x1aa/0x270
[  218.695452][T11950]  wakeup_source_register+0x171/0x250
[  218.700820][T11950]  ep_insert+0xe7a/0x1ac0
[  218.705158][T11950]  ? __pfx_ep_insert+0x10/0x10
[  218.709924][T11950]  ? bpf_lsm_capable+0x9/0x10
[  218.714601][T11950]  do_epoll_ctl+0x8d2/0xf70
[  218.719101][T11950]  ? do_epoll_ctl+0x761/0xf70
[  218.723775][T11950]  __x64_sys_epoll_ctl+0x161/0x1a0
[  218.728885][T11950]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  218.734514][T11950]  ? do_syscall_64+0x100/0x230
[  218.739285][T11950]  ? do_syscall_64+0xb6/0x230
[  218.743964][T11950]  do_syscall_64+0xf3/0x230
[  218.748474][T11950]  ? clear_bhb_loop+0x35/0x90
[  218.753156][T11950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.759044][T11950] RIP: 0033:0x7f14e7375bd9
[  218.763451][T11950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.783052][T11950] RSP: 002b:00007f14e8128048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  218.791548][T11950] RAX: ffffffffffffffda RBX: 00007f14e7503f60 RCX: 00007f14e7375bd9
[  218.799510][T11950] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000003
[  218.807470][T11950] RBP: 00007f14e81280a0 R08: 0000000000000000 R09: 0000000000000000
[  218.815429][T11950] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000002
[  218.823391][T11950] R13: 000000000000000b R14: 00007f14e7503f60 R15: 00007fffc52d18c8
[  218.831367][T11950]  </TASK>
[  219.031052][T11962] netlink: 'syz.1.2335': attribute type 4 has an invalid length.
[  220.164805][T11947] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2330'.
[  220.195102][T11964] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2336'.
[  220.212925][T11964] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2336'.
[  220.458297][T11979] netlink: 'syz.3.2341': attribute type 1 has an invalid length.
[  220.474863][T11979] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2341'.
[  220.486549][T11979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2341'.
[  220.502328][T11979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2341'.
[  220.691690][T11993] pim6reg1: entered promiscuous mode
[  220.705461][T11993] pim6reg1: entered allmulticast mode
[  220.978030][T12000] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2349'.
[  221.001627][T12000] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2349'.
[  221.088448][T12008] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2354'.
[  223.247740][T12029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2362'.
[  223.313709][T12037] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  223.416395][T12042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  223.417330][T12041] netlink: 'syz.3.2367': attribute type 1 has an invalid length.
[  223.544740][T12048] team0: Port device team_slave_0 removed
[  223.694608][T12059] openvswitch: netlink: Unknown nsh attribute 0
[  223.999403][T12073] netlink: 'syz.3.2380': attribute type 4 has an invalid length.
[  224.017403][T12073] netlink: 'syz.3.2380': attribute type 4 has an invalid length.
[  224.706677][T12103] netlink: 'syz.1.2392': attribute type 1 has an invalid length.
[  224.761009][T12105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.928405][T12108] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  224.985378][T12110] netlink: 'syz.4.2395': attribute type 1 has an invalid length.
[  225.199334][T12122] __nla_validate_parse: 12 callbacks suppressed
[  225.199438][T12122] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.2401'.
[  225.662670][ T5097] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  225.675345][ T5097] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  225.682699][ T5091] syz_tun (unregistering): left promiscuous mode
[  225.691773][ T5097] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  225.708918][ T5097] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  225.721101][ T5097] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  225.728852][ T5097] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  225.833251][ T6568] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.979946][ T6568] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.073283][T12161] netlink: 'syz.4.2410': attribute type 1 has an invalid length.
[  226.094060][T12161] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2410'.
[  226.129919][ T6568] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.147920][T12161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2410'.
[  226.197475][T12164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2410'.
[  226.303050][ T6568] team0: Port device netdevsim0 removed
[  226.323995][ T6568] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.497188][ T6568] batadv0: left allmulticast mode
[  226.512699][ T6568] batadv0: left promiscuous mode
[  226.518309][ T6568] bridge0: port 3(batadv0) entered disabled state
[  226.537958][ T6568] bridge_slave_1: left allmulticast mode
[  226.543683][ T6568] bridge_slave_1: left promiscuous mode
[  226.550006][ T6568] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.561529][ T6568] bridge_slave_0: left allmulticast mode
[  226.568963][ T6568] bridge_slave_0: left promiscuous mode
[  226.575738][ T6568] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.591936][ T6568] gretap1: left allmulticast mode
[  226.598753][ T6568] gretap1: left promiscuous mode
[  226.603891][ T6568] bridge2: port 1(gretap1) entered disabled state
[  226.685812][T12185] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2418'.
[  226.856076][ T6568] batman_adv: batadv0: Removing interface: vlan2
[  227.224359][ T6568] bond0 (unregistering): (slave 
50ª): Releasing backup interface
[  227.234066][ T6568] 0ª: left promiscuous mode
[  227.245567][ T6568] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.255591][ T6568] bond_slave_1: left promiscuous mode
[  227.265123][ T6568] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  227.274680][ T6568] macvlan2: left promiscuous mode
[  227.281121][ T6568] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  227.292769][ T6568] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  227.302284][ T6568] bond0 (unregistering): Released all slaves
[  227.336418][T12179] tun0: tun_chr_ioctl cmd 2147767517
[  227.371605][T12188] netlink: 'syz.4.2414': attribute type 30 has an invalid length.
[  227.383013][T12188] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[  227.482499][ T6568] tipc: Left network mode
[  227.497024][ T5103] Bluetooth: hci5: command 0x0405 tx timeout
[  227.585836][T12147] chnl_net:caif_netlink_parms(): no params data found
[  227.608620][ T6568] IPVS: stopping backup sync thread 6983 ...
[  227.788686][T12205] netlink: 'syz.4.2423': attribute type 1 has an invalid length.
[  227.808307][T12205] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2423'.
[  227.817634][   T53] Bluetooth: hci2: command tx timeout
[  227.830644][T12205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2423'.
[  227.850260][T12205] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2423'.
[  228.339437][T12147] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.346614][T12147] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.367324][T12147] bridge_slave_0: entered allmulticast mode
[  228.375026][T12147] bridge_slave_0: entered promiscuous mode
[  228.384474][T12220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2428'.
[  228.394977][T12219] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2428'.
[  228.439092][ T6568] batadv_slave_0: left promiscuous mode
[  228.483815][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.505222][ T6568] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.539410][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.554213][ T6568] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.613424][ T6568] veth1_macvtap: left allmulticast mode
[  228.629250][ T6568] veth1_macvtap: left promiscuous mode
[  228.650676][ T6568] veth0_macvtap: left promiscuous mode
[  228.667630][ T6568] veth1_vlan: left promiscuous mode
[  228.683662][ T6568] veth0_vlan: left promiscuous mode
[  228.847185][T12241] netlink: 'syz.2.2434': attribute type 5 has an invalid length.
[  229.022561][ T6568] pim6reg (unregistering): left allmulticast mode
[  229.168422][T12248] netlink: 'syz.4.2436': attribute type 1 has an invalid length.
[  229.182890][ T6568] team0 (unregistering): Port device vlan0 removed
[  229.460676][ T6568] team0 (unregistering): Port device team_slave_1 removed
[  229.503193][ T6568] team0 (unregistering): Port device team_slave_0 removed
[  229.898323][   T53] Bluetooth: hci2: command tx timeout
[  229.964282][T12147] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.971679][T12147] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.980647][T12147] bridge_slave_1: entered allmulticast mode
[  229.988092][T12147] bridge_slave_1: entered promiscuous mode
[  230.036610][T12147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.050426][T12147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.216704][T12147] team0: Port device team_slave_0 added
[  230.245150][T12147] team0: Port device team_slave_1 added
[  230.328296][T12147] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.335296][T12147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.362659][T12147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.395253][T12147] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.405948][T12147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.494936][T12147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.696691][T12147] hsr_slave_0: entered promiscuous mode
[  230.723243][T12147] hsr_slave_1: entered promiscuous mode
[  230.742305][T12147] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.764791][T12147] Cannot create hsr debugfs directory
[  230.792019][T12280] vlan2: entered promiscuous mode
[  230.841155][ T6568] IPVS: stop unused estimator thread 0...
[  230.887668][T12284] netlink: 'syz.3.2449': attribute type 1 has an invalid length.
[  230.911847][T12284] __nla_validate_parse: 3 callbacks suppressed
[  230.911868][T12284] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2449'.
[  230.954333][T12284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2449'.
[  230.982436][T12289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2449'.
[  231.013061][T12291] vxcan1: left allmulticast mode
[  231.022083][T12291] pim6reg: left allmulticast mode
[  231.335665][T12305] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2457'.
[  231.434070][T12307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2458'.
[  231.454756][T12309] vlan2: entered promiscuous mode
[  231.469450][T12309] vlan2: entered allmulticast mode
[  231.701259][T12317] netlink: 'syz.3.2462': attribute type 1 has an invalid length.
[  231.720194][T12317] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2462'.
[  231.741396][T12317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2462'.
[  231.765741][T12317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2462'.
[  231.783825][T12147] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  231.828133][T12147] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  231.890339][T12147] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  231.894167][T12326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  231.938861][T12147] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  231.953012][T12326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  231.987358][   T53] Bluetooth: hci2: command tx timeout
[  232.213935][T12147] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.285651][T12147] 8021q: adding VLAN 0 to HW filter on device team0
[  232.314356][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.321582][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  232.349273][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.356602][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[  232.470987][T12147] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  232.829341][T12349] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  232.951898][T12147] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.023194][T12369] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2480'.
[  233.078072][T12147] veth0_vlan: entered promiscuous mode
[  233.107859][T12147] veth1_vlan: entered promiscuous mode
[  233.235911][T12147] veth0_macvtap: entered promiscuous mode
[  233.255324][T12147] veth1_macvtap: entered promiscuous mode
[  233.269884][T12376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2483'.
[  233.296549][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  233.305542][T12378] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.331248][T12378] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.355603][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.376721][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.397998][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.431168][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.451339][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.466886][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.478973][T12147] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.501414][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  233.572039][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.595775][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.607082][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.625933][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.636093][T12147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  233.650237][T12147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.662785][T12147] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.676950][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  233.699303][T12386] netlink: 'syz.3.2488': attribute type 1 has an invalid length.
[  233.709566][T12147] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.719380][T12147] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.730079][T12390] netlink: 'syz.4.2489': attribute type 1 has an invalid length.
[  233.738923][T12147] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.750526][T12147] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.781102][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  233.884071][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  233.974210][T12375] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  234.067932][   T53] Bluetooth: hci2: command tx timeout
[  234.770704][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.803786][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.903356][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.932965][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.956213][T12409] bridge0: entered promiscuous mode
[  234.966745][T12409] bridge0: entered allmulticast mode
[  235.622651][T12447] syzkaller1: entered promiscuous mode
[  235.629069][T12447] syzkaller1: entered allmulticast mode
[  235.728069][T12451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.758615][T12451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.182245][T12473] FAULT_INJECTION: forcing a failure.
[  236.182245][T12473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.196431][T12473] CPU: 1 PID: 12473 Comm: syz.4.2519 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  236.206625][T12473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  236.216713][T12473] Call Trace:
[  236.220010][T12473]  <TASK>
[  236.222958][T12473]  dump_stack_lvl+0x241/0x360
[  236.227674][T12473]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.232901][T12473]  ? __pfx__printk+0x10/0x10
[  236.237521][T12473]  ? __pfx_lock_release+0x10/0x10
[  236.242576][T12473]  should_fail_ex+0x3b0/0x4e0
[  236.247377][T12473]  _copy_from_user+0x2f/0xe0
[  236.251993][T12473]  copy_msghdr_from_user+0xae/0x680
[  236.257212][T12473]  ? __pfx___might_resched+0x10/0x10
[  236.262496][T12473]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  236.268394][T12473]  ? __might_fault+0xaa/0x120
[  236.273073][T12473]  __sys_sendmmsg+0x374/0x740
[  236.277758][T12473]  ? __pfx___sys_sendmmsg+0x10/0x10
[  236.282980][T12473]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  236.288867][T12473]  ? ksys_write+0x23e/0x2c0
[  236.293360][T12473]  ? __pfx_lock_release+0x10/0x10
[  236.298382][T12473]  ? vfs_write+0x7c4/0xc90
[  236.302795][T12473]  ? __mutex_unlock_slowpath+0x21d/0x750
[  236.308421][T12473]  ? __pfx_vfs_write+0x10/0x10
[  236.313211][T12473]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  236.319207][T12473]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  236.325541][T12473]  ? do_syscall_64+0x100/0x230
[  236.330314][T12473]  __x64_sys_sendmmsg+0xa0/0xb0
[  236.335164][T12473]  do_syscall_64+0xf3/0x230
[  236.339662][T12473]  ? clear_bhb_loop+0x35/0x90
[  236.344341][T12473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.350240][T12473] RIP: 0033:0x7f6b56d75bd9
[  236.354663][T12473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.374273][T12473] RSP: 002b:00007f6b57bda048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  236.382706][T12473] RAX: ffffffffffffffda RBX: 00007f6b56f03f60 RCX: 00007f6b56d75bd9
[  236.390684][T12473] RDX: 000000007fffefff RSI: 0000000020000cc0 RDI: 0000000000000008
[  236.398827][T12473] RBP: 00007f6b57bda0a0 R08: 0000000000000000 R09: 0000000000000000
[  236.406796][T12473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  236.414760][T12473] R13: 000000000000000b R14: 00007f6b56f03f60 R15: 00007fff7fd0e938
[  236.422735][T12473]  </TASK>
[  236.879139][T12511] __nla_validate_parse: 71 callbacks suppressed
[  236.879160][T12511] netlink: 9392 bytes leftover after parsing attributes in process `syz.1.2531'.
[  236.896541][T12511] netlink: 'syz.1.2531': attribute type 1 has an invalid length.
[  237.009163][T12514] vlan2: entered promiscuous mode
[  237.163472][T12516] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.179989][T12516] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.513671][T12526] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  237.804288][T12543] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2542'.
[  237.827036][T12543] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2542'.
[  237.949672][T12556] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2545'.
[  237.973951][T12554] tc_dump_action: action bad kind
[  238.091603][T12567] xt_time: unknown flags 0x4
[  238.205058][T12576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.239614][T12576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.515142][T12599] tap0: tun_chr_ioctl cmd 1074025677
[  238.521165][T12599] tap0: linktype set to 147
[  238.663619][T12609] netlink: 'syz.0.2566': attribute type 29 has an invalid length.
[  238.673239][T12609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2566'.
[  238.683465][T12609] netlink: 'syz.0.2566': attribute type 29 has an invalid length.
[  238.691439][T12609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2566'.
[  238.814810][T12613] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2568'.
[  238.872306][T12615] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2569'.
[  239.195608][T12630] netlink: 'syz.0.2574': attribute type 10 has an invalid length.
[  239.218719][T12629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2576'.
[  239.232909][T12630] team0: Device ipvlan1 failed to register rx_handler
[  239.331819][T12634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.354547][T12634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.564732][T12646] bond0: option mode: unable to set because the bond device has slaves
[  239.896988][ T5103] Bluetooth: hci0: command 0x0c1a tx timeout
[  239.903786][   T53] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  239.943498][T12664] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2588'.
[  239.955281][T12664] xt_CT: You must specify a L4 protocol and not use inversions on it
[  240.217612][T12681] vlan2: entered promiscuous mode
[  240.229368][T12681] dummy0: entered promiscuous mode
[  240.239725][T12681] vlan2: entered allmulticast mode
[  240.245569][T12681] dummy0: entered allmulticast mode
[  240.253379][T12681] dummy0: left allmulticast mode
[  240.260450][T12681] dummy0: left promiscuous mode
[  240.473549][T12694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.476080][T12693] xt_CT: You must specify a L4 protocol and not use inversions on it
[  240.489118][T12694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.535910][ T8816] IPVS: starting estimator thread 0...
[  240.596998][T12699] netlink: 'syz.1.2600': attribute type 2 has an invalid length.
[  240.637427][T12695] IPVS: using max 22 ests per chain, 52800 per kthread
[  240.716490][T12706] FAULT_INJECTION: forcing a failure.
[  240.716490][T12706] name failslab, interval 1, probability 0, space 0, times 0
[  240.743754][T12706] CPU: 1 PID: 12706 Comm: syz.2.2602 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  240.753974][T12706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  240.764056][T12706] Call Trace:
[  240.767359][T12706]  <TASK>
[  240.770320][T12706]  dump_stack_lvl+0x241/0x360
[  240.775037][T12706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.780360][T12706]  ? __pfx__printk+0x10/0x10
[  240.785007][T12706]  should_fail_ex+0x3b0/0x4e0
[  240.789722][T12706]  ? sctp_add_bind_addr+0x89/0x3a0
[  240.794872][T12706]  should_failslab+0x9/0x20
[  240.799416][T12706]  kmalloc_trace_noprof+0x6c/0x2c0
[  240.804584][T12706]  sctp_add_bind_addr+0x89/0x3a0
[  240.809661][T12706]  sctp_copy_local_addr_list+0x311/0x500
[  240.815336][T12706]  ? sctp_copy_local_addr_list+0xab/0x500
[  240.821092][T12706]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  240.827285][T12706]  ? sctp_v6_is_any+0x60/0x70
[  240.832017][T12706]  sctp_bind_addr_copy+0xad/0x3b0
[  240.837085][T12706]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  240.843453][T12706]  sctp_connect_new_asoc+0x2f3/0x6c0
[  240.846124][T12710] ebt_limit: overflow, try lower: 0/0
[  240.848754][T12706]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  240.848843][T12706]  ? sctp_inet6_send_verify+0xbe/0x310
[  240.848867][T12706]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  240.848892][T12706]  __sctp_connect+0x66d/0xe30
[  240.848922][T12706]  ? __local_bh_enable_ip+0x168/0x200
[  240.848943][T12706]  ? __pfx___sctp_connect+0x10/0x10
[  240.848960][T12706]  ? sctp_setsockopt+0x203/0x11c0
[  240.848987][T12706]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  240.849004][T12706]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  240.849022][T12706]  ? security_sctp_bind_connect+0x90/0xb0
[  240.849054][T12706]  sctp_setsockopt+0x465/0x11c0
[  240.849083][T12706]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  240.849108][T12706]  do_sock_setsockopt+0x3af/0x720
[  240.849138][T12706]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  240.849156][T12706]  ? __fget_files+0x29/0x470
[  240.849179][T12706]  ? __fget_files+0x3f6/0x470
[  240.939198][T12706]  __sys_setsockopt+0x1ae/0x250
[  240.944058][T12706]  __x64_sys_setsockopt+0xb5/0xd0
[  240.949084][T12706]  do_syscall_64+0xf3/0x230
[  240.953587][T12706]  ? clear_bhb_loop+0x35/0x90
[  240.958274][T12706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.964176][T12706] RIP: 0033:0x7fc2a3d75bd9
[  240.968586][T12706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.988189][T12706] RSP: 002b:00007fc2a4b12048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  240.996596][T12706] RAX: ffffffffffffffda RBX: 00007fc2a3f03f60 RCX: 00007fc2a3d75bd9
[  241.004560][T12706] RDX: 000000000000006b RSI: 0000000000000084 RDI: 0000000000000004
[  241.012526][T12706] RBP: 00007fc2a4b120a0 R08: 000000000000001c R09: 0000000000000000
[  241.020497][T12706] R10: 0000000020000380 R11: 0000000000000246 R12: 0000000000000002
[  241.028465][T12706] R13: 000000000000004d R14: 00007fc2a3f03f60 R15: 00007ffc16f91748
[  241.036441][T12706]  </TASK>
[  241.122586][T12716] atomic_op ffff88807b227998 conn xmit_atomic 0000000000000000
[  241.237980][T12724] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  241.509237][T12745] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  241.863057][T12770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.891324][T12770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.912212][T12772] __nla_validate_parse: 5 callbacks suppressed
[  241.912232][T12772] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2625'.
[  241.936655][T12772] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2625'.
[  241.946472][T12772] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2625'.
[  241.955512][T12772] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2625'.
[  241.967184][T12772] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2625'.
[  242.103024][T12776] syzkaller0: entered promiscuous mode
[  242.108868][T12776] syzkaller0: entered allmulticast mode
[  242.602131][T12791] sctp: [Deprecated]: syz.0.2632 (pid 12791) Use of struct sctp_assoc_value in delayed_ack socket option.
[  242.602131][T12791] Use struct sctp_sack_info instead
[  244.161391][T12809] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2636'.
[  244.187950][T12809] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2636'.
[  244.214267][T12809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2636'.
[  244.236058][T12809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2636'.
[  244.268740][T12819] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2636'.
[  244.467139][T12815] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  244.478905][T12835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.520453][T12835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  244.542821][T12841] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  244.554001][T12838] IPVS: stopping master sync thread 12841 ...
[  244.901214][T12863] 
@ÿ: renamed from veth0_vlan (while UP)
[  244.967881][T12863] netlink: 'syz.0.2650': attribute type 9 has an invalid length.
[  245.210608][T12879] netlink: 'syz.3.2655': attribute type 4 has an invalid length.
[  245.241633][T12879] tap0: tun_chr_ioctl cmd 1074025677
[  245.248867][T12879] tap0: linktype set to 773
[  245.344411][T12879] can: request_module (can-proto-4) failed.
[  245.372216][T12879] netlink: 'syz.3.2655': attribute type 4 has an invalid length.
[  246.082897][T12905] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  246.092471][T12915] syzkaller1: entered promiscuous mode
[  246.098460][T12915] syzkaller1: entered allmulticast mode
[  246.498088][T12927] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  246.602495][T12942] syzkaller1: entered promiscuous mode
[  246.608470][T12942] syzkaller1: entered allmulticast mode
[  247.040874][T12966] __nla_validate_parse: 15 callbacks suppressed
[  247.040895][T12966] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2688'.
[  247.071587][T12962] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2688'.
[  248.039823][T12997] netlink: 'syz.1.2701': attribute type 10 has an invalid length.
[  248.060614][T12991] netlink: 'syz.0.2698': attribute type 9 has an invalid length.
[  248.091001][T12997] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  248.099399][T12991] netlink: 304 bytes leftover after parsing attributes in process `syz.0.2698'.
[  248.157889][T12983] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  248.175718][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.189063][T12999] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  248.263869][T13005] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.2702'.
[  248.301962][T13005] netlink: 'syz.0.2702': attribute type 4 has an invalid length.
[  248.432125][T13016] netlink: 'syz.2.2707': attribute type 1 has an invalid length.
[  248.466991][T13016] netlink: 'syz.2.2707': attribute type 2 has an invalid length.
[  248.481322][T13015] netlink: 'syz.2.2707': attribute type 1 has an invalid length.
[  248.489354][T13015] netlink: 'syz.2.2707': attribute type 2 has an invalid length.
[  248.519109][T13023] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2710'.
[  248.630385][T13030] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2713'.
[  248.657744][T13030] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2713'.
[  248.891859][T13041] syzkaller1: entered promiscuous mode
[  248.913251][T13041] syzkaller1: entered allmulticast mode
[  249.607895][T13071] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  253.518198][T13092] wg2: entered promiscuous mode
[  253.523125][T13092] wg2: entered allmulticast mode
[  253.562408][T13097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2733'.
[  253.608806][T13097] dummy0: entered promiscuous mode
[  253.614710][T13097] macvtap1: entered promiscuous mode
[  253.654729][T13097] macvtap1: entered allmulticast mode
[  253.661729][T13097] dummy0: entered allmulticast mode
[  253.671970][T13098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2733'.
[  253.707723][T13098] dummy0: left allmulticast mode
[  253.720146][T13098] dummy0: left promiscuous mode
[  253.731344][T13098] macvtap1: left promiscuous mode
[  253.743373][T13098] macvtap1: left allmulticast mode
[  253.926082][T13119] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2739'.
[  253.972286][T13119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.037502][T13119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.221676][T13130] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32)
[  254.454831][T13143] validate_nla: 3 callbacks suppressed
[  254.454852][T13143] netlink: 'syz.4.2749': attribute type 1 has an invalid length.
[  254.499810][T13143] 8021q: adding VLAN 0 to HW filter on device batadv1
[  254.513625][T13143] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  254.531446][   T11] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  254.565930][T13143] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.638358][T13146] syzkaller0: entered promiscuous mode
[  254.643894][T13146] syzkaller0: entered allmulticast mode
[  254.668428][ T2820] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  254.690242][T13146] syz.2.2750[13146] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.690390][T13146] syz.2.2750[13146] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.772043][T13150] netlink: 'syz.4.2752': attribute type 2 has an invalid length.
[  254.797435][T13150] netlink: 244 bytes leftover after parsing attributes in process `syz.4.2752'.
[  255.361948][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88807b874c00: rx timeout, send abort
[  255.370702][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88807b874c00: 0x0ff00: (3) A timeout occurred and this is the connection abort to close the session.
[  255.386417][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88807b876c00: 0x0ff00: (3) A timeout occurred and this is the connection abort to close the session.
[  256.140106][ T1241] ieee802154 phy0 wpan0: encryption failed: -22
[  256.146571][ T1241] ieee802154 phy1 wpan1: encryption failed: -22
[  257.456249][T13180] netlink: 'syz.1.2762': attribute type 1 has an invalid length.
[  257.541832][T13181] 8021q: adding VLAN 0 to HW filter on device batadv2
[  257.564512][T13181] bond2: (slave batadv2): Enslaving as a backup interface with an up link
[  257.574837][T13182] 8021q: adding VLAN 0 to HW filter on device bond2
[  257.586699][   T12] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  257.679447][T13188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2764'.
[  257.709933][ T2820] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  257.714218][T13188] dummy0: entered promiscuous mode
[  257.733645][T13188] macvtap1: entered promiscuous mode
[  257.741694][T13188] macvtap1: entered allmulticast mode
[  257.753439][T13188] dummy0: entered allmulticast mode
[  257.769213][T13193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2764'.
[  257.798939][T13193] dummy0: left allmulticast mode
[  257.804173][T13193] dummy0: left promiscuous mode
[  257.826703][T13193] macvtap1: left promiscuous mode
[  257.834796][T13193] macvtap1: left allmulticast mode
[  257.902242][T13202] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  257.945886][T13202] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  258.168390][T13215] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2772'.
[  258.194572][T13215] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  258.198227][T13219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2773'.
[  258.231183][T13215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2772'.
[  258.245719][T13221] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  258.262398][T13219] team0: entered promiscuous mode
[  258.274954][T13219] team_slave_1: entered promiscuous mode
[  258.285435][T13219] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  258.322719][T13219] team_slave_0: entered promiscuous mode
[  258.335598][T13219] team_slave_0: entered allmulticast mode
[  258.343806][T13218] team0: left promiscuous mode
[  258.349748][T13218] team_slave_1: left promiscuous mode
[  258.355427][T13218] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  258.418654][T13224] netlink: 'syz.0.2778': attribute type 1 has an invalid length.
[  258.533079][T13234] skb len=8071 headroom=168 headlen=136 tailroom=0
[  258.533079][T13234] mac=(168,0) mac_len=0 net=(168,20) trans=188
[  258.533079][T13234] shinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0))
[  258.533079][T13234] csum(0x5700eb start=235 offset=87 ip_summed=3 complete_sw=0 valid=0 level=0)
[  258.533079][T13234] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[  258.533079][T13234] priority=0x0 mark=0x0 alloc_cpu=1 vlan_all=0x0
[  258.533079][T13234] encapsulation=1 inner(proto=0x0008, mac=192, net=192, trans=244)
[  258.582121][T13234] dev name=veth0_to_team feat=0x000061164fdd19e9
[  258.588549][T13234] skb linear:   00000000: 45 02 1f 87 d1 9b 00 00 0f 2f 35 74 ac 14 14 1f
[  258.597112][T13234] skb linear:   00000010: e0 00 e5 02 00 00 08 00 bd 0f 1f 6f 10 83 0c 52
[  258.605723][T13234] skb linear:   00000020: 0f 06 3d 78 1f e4 fd fe 4b 44 94 30 eb b5 29 97
[  258.614307][T13234] skb linear:   00000030: e3 6e 03 9b 1c 59 88 25 f8 01 00 a3 c0 63 76 c3
[  258.622888][T13234] skb linear:   00000040: 30 41 76 a1 67 d5 02 61 a6 7a 34 a0 9e 5f e2 bb
[  258.631487][T13234] skb linear:   00000050: 07 b7 10 45 07 a8 d8 4b f8 00 00 00 42 7e 00 00
[  258.640061][T13234] skb linear:   00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.648630][T13234] skb linear:   00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.657193][T13234] skb linear:   00000080: 00 00 00 00 00 00 00 00
[  258.663622][T13234] skb frag:     00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.672173][T13234] skb frag:     00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.680745][T13234] skb frag:     00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.689313][T13234] skb frag:     00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.697891][T13234] skb frag:     00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.706412][T13234] skb frag:     00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.711491][T13231] 8021q: adding VLAN 0 to HW filter on device bond1
[  258.714955][T13234] skb frag:     00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.730222][T13234] skb frag:     00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.738778][T13234] skb frag:     00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.747355][T13234] skb frag:     00000090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  258.755875][T13234] skb frag:     000000a0: 00 00 00 00 00 00 00 00
[  258.762348][T13234] ------------[ cut here ]------------
[  258.767953][T13234] offset+2 (156) > skb_headlen() (136)
[  258.773928][T13234] WARNING: CPU: 1 PID: 13234 at net/core/dev.c:3334 skb_checksum_help+0x68f/0x730
[  258.783250][T13234] Modules linked in:
[  258.787217][T13234] CPU: 1 PID: 13234 Comm: syz.4.2780 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  258.797451][T13234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  258.807594][T13234] RIP: 0010:skb_checksum_help+0x68f/0x730
[  258.813363][T13234] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 89 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 c0 63 c5 8c 4c 89 f6 89 da e8 52 3f 01 f8 90 <0f> 0b 90 90 bb ea ff ff ff e9 cf fc ff ff 48 8b 0c 24 80 e1 07 80
[  258.833049][T13234] RSP: 0018:ffffc900031feda8 EFLAGS: 00010246
[  258.839203][T13234] RAX: 8a5b5be165f13900 RBX: 0000000000000088 RCX: 0000000000040000
[  258.847252][T13234] RDX: ffffc90017003000 RSI: 000000000003ffff RDI: 0000000000040000
[  258.855258][T13234] RBP: dffffc0000000000 R08: ffffffff81585822 R09: fffffbfff1c39994
[  258.863339][T13234] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: 1ffff11003daa54e
[  258.871399][T13234] R13: 000000000000009a R14: 000000000000009c R15: ffff88801ed52a00
[  258.879446][T13234] FS:  00007f6b57bda6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  258.888453][T13234] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  258.895311][T13234] CR2: 000000002000d000 CR3: 000000007b84e000 CR4: 00000000003506f0
[  258.903332][T13234] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  258.911362][T13234] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  258.919407][T13234] Call Trace:
[  258.922710][T13234]  <TASK>
[  258.925654][T13234]  ? __warn+0x163/0x4e0
[  258.929890][T13234]  ? skb_checksum_help+0x68f/0x730
[  258.935044][T13234]  ? report_bug+0x2b3/0x500
[  258.939628][T13234]  ? skb_checksum_help+0x68f/0x730
[  258.944788][T13234]  ? handle_bug+0x3e/0x70
[  258.949532][T13234]  ? exc_invalid_op+0x1a/0x50
[  258.954252][T13234]  ? asm_exc_invalid_op+0x1a/0x20
[  258.959371][T13234]  ? __warn_printk+0x292/0x360
[  258.964177][T13234]  ? skb_checksum_help+0x68f/0x730
[  258.969378][T13234]  ? skb_checksum_help+0x68e/0x730
[  258.974533][T13234]  ip_do_fragment+0x21b/0x1b60
[  258.979389][T13234]  ? __pfx_ip_finish_output2+0x10/0x10
[  258.984886][T13234]  ? __pfx_ip_do_fragment+0x10/0x10
[  258.990173][T13234]  ? kasan_quarantine_put+0xdc/0x230
[  258.995490][T13234]  ? lockdep_hardirqs_on+0x99/0x150
[  259.000781][T13234]  ? __ip_finish_output+0x247/0x400
[  259.006015][T13234]  ? kmem_cache_free+0x145/0x350
[  259.011042][T13234]  ? ip_fragment+0x9a/0x220
[  259.015583][T13234]  __ip_finish_output+0x290/0x400
[  259.020701][T13234]  iptunnel_xmit+0x540/0x9b0
[  259.025345][T13234]  ip_tunnel_xmit+0x2113/0x2940
[  259.030317][T13234]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  259.035547][T13234]  ? gre_build_header+0x341/0xb30
[  259.040665][T13234]  ? __pfx_gre_build_header+0x10/0x10
[  259.046076][T13234]  ? iptunnel_handle_offloads+0x25f/0x650
[  259.051892][T13234]  ipgre_xmit+0x956/0xd40
[  259.056270][T13234]  ? __pfx_ipgre_xmit+0x10/0x10
[  259.061210][T13234]  ? validate_xmit_skb+0xa04/0x1120
[  259.066440][T13234]  dev_hard_start_xmit+0x27a/0x7e0
[  259.071993][T13234]  __dev_queue_xmit+0x1b0e/0x3d30
[  259.077108][T13234]  ? __might_fault+0xc6/0x120
[  259.081859][T13234]  ? __dev_queue_xmit+0x2d2/0x3d30
[  259.087061][T13234]  ? skb_partial_csum_set+0x105/0x350
[  259.092468][T13234]  ? __pfx___dev_queue_xmit+0x10/0x10
[  259.097935][T13234]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  259.103527][T13234]  ? packet_parse_headers+0x7bd/0xad0
[  259.109261][T13234]  ? __pfx_virtio_net_hdr_to_skb+0x10/0x10
[  259.115103][T13234]  ? packet_xmit+0x68/0x330
[  259.119689][T13234]  packet_sendmsg+0x46c2/0x6150
[  259.124593][T13234]  ? finish_task_switch+0x1e5/0x870
[  259.129904][T13234]  ? __pfx___might_resched+0x10/0x10
[  259.135279][T13234]  ? aa_sk_perm+0x967/0xab0
[  259.139901][T13234]  ? __pfx_packet_sendmsg+0x10/0x10
[  259.145156][T13234]  ? __pfx_lock_release+0x10/0x10
[  259.150251][T13234]  ? __import_iovec+0x536/0x820
[  259.155142][T13234]  ? aa_sock_msg_perm+0x91/0x160
[  259.160171][T13234]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  259.165485][T13234]  ? security_socket_sendmsg+0x87/0xb0
[  259.171039][T13234]  ? __pfx_packet_sendmsg+0x10/0x10
[  259.176276][T13234]  __sock_sendmsg+0x221/0x270
[  259.177503][T13241] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2783'.
[  259.181045][T13234]  ____sys_sendmsg+0x525/0x7d0
[  259.181090][T13234]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.200199][T13234]  __sys_sendmsg+0x2b0/0x3a0
[  259.204837][T13234]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.210068][T13234]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.216433][T13234]  ? do_syscall_64+0x100/0x230
[  259.221391][T13234]  ? do_syscall_64+0xb6/0x230
[  259.226120][T13234]  do_syscall_64+0xf3/0x230
[  259.230701][T13234]  ? clear_bhb_loop+0x35/0x90
[  259.235418][T13234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.241409][T13234] RIP: 0033:0x7f6b56d75bd9
[  259.245857][T13234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.265544][T13234] RSP: 002b:00007f6b57bda048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.274048][T13234] RAX: ffffffffffffffda RBX: 00007f6b56f03f60 RCX: 00007f6b56d75bd9
[  259.282103][T13234] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  259.290255][T13234] RBP: 00007f6b56de4e60 R08: 0000000000000000 R09: 0000000000000000
[  259.298302][T13234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.306302][T13234] R13: 000000000000000b R14: 00007f6b56f03f60 R15: 00007fff7fd0e938
[  259.314376][T13234]  </TASK>
[  259.317470][T13234] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  259.324771][T13234] CPU: 1 PID: 13234 Comm: syz.4.2780 Not tainted 6.10.0-rc6-syzkaller-00177-ge1533b6319ab #0
[  259.334948][T13234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  259.345034][T13234] Call Trace:
[  259.348336][T13234]  <TASK>
[  259.351285][T13234]  dump_stack_lvl+0x241/0x360
[  259.356004][T13234]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.361235][T13234]  ? __pfx__printk+0x10/0x10
[  259.365866][T13234]  ? vscnprintf+0x5d/0x90
[  259.370222][T13234]  panic+0x349/0x860
[  259.374153][T13234]  ? __warn+0x172/0x4e0
[  259.378337][T13234]  ? __pfx_panic+0x10/0x10
[  259.382801][T13234]  __warn+0x346/0x4e0
[  259.386804][T13234]  ? skb_checksum_help+0x68f/0x730
[  259.391932][T13234]  report_bug+0x2b3/0x500
[  259.396261][T13234]  ? skb_checksum_help+0x68f/0x730
[  259.401369][T13234]  handle_bug+0x3e/0x70
[  259.405522][T13234]  exc_invalid_op+0x1a/0x50
[  259.410024][T13234]  asm_exc_invalid_op+0x1a/0x20
[  259.414869][T13234] RIP: 0010:skb_checksum_help+0x68f/0x730
[  259.420582][T13234] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 89 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 c0 63 c5 8c 4c 89 f6 89 da e8 52 3f 01 f8 90 <0f> 0b 90 90 bb ea ff ff ff e9 cf fc ff ff 48 8b 0c 24 80 e1 07 80
[  259.440189][T13234] RSP: 0018:ffffc900031feda8 EFLAGS: 00010246
[  259.446251][T13234] RAX: 8a5b5be165f13900 RBX: 0000000000000088 RCX: 0000000000040000
[  259.454213][T13234] RDX: ffffc90017003000 RSI: 000000000003ffff RDI: 0000000000040000
[  259.462174][T13234] RBP: dffffc0000000000 R08: ffffffff81585822 R09: fffffbfff1c39994
[  259.470135][T13234] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: 1ffff11003daa54e
[  259.478098][T13234] R13: 000000000000009a R14: 000000000000009c R15: ffff88801ed52a00
[  259.486175][T13234]  ? __warn_printk+0x292/0x360
[  259.490969][T13234]  ? skb_checksum_help+0x68e/0x730
[  259.496093][T13234]  ip_do_fragment+0x21b/0x1b60
[  259.500865][T13234]  ? __pfx_ip_finish_output2+0x10/0x10
[  259.506318][T13234]  ? __pfx_ip_do_fragment+0x10/0x10
[  259.511508][T13234]  ? kasan_quarantine_put+0xdc/0x230
[  259.516790][T13234]  ? lockdep_hardirqs_on+0x99/0x150
[  259.521988][T13234]  ? __ip_finish_output+0x247/0x400
[  259.527178][T13234]  ? kmem_cache_free+0x145/0x350
[  259.532124][T13234]  ? ip_fragment+0x9a/0x220
[  259.536622][T13234]  __ip_finish_output+0x290/0x400
[  259.541644][T13234]  iptunnel_xmit+0x540/0x9b0
[  259.546257][T13234]  ip_tunnel_xmit+0x2113/0x2940
[  259.551127][T13234]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  259.556319][T13234]  ? gre_build_header+0x341/0xb30
[  259.561344][T13234]  ? __pfx_gre_build_header+0x10/0x10
[  259.566742][T13234]  ? iptunnel_handle_offloads+0x25f/0x650
[  259.572460][T13234]  ipgre_xmit+0x956/0xd40
[  259.576799][T13234]  ? __pfx_ipgre_xmit+0x10/0x10
[  259.581657][T13234]  ? validate_xmit_skb+0xa04/0x1120
[  259.586853][T13234]  dev_hard_start_xmit+0x27a/0x7e0
[  259.591969][T13234]  __dev_queue_xmit+0x1b0e/0x3d30
[  259.597019][T13234]  ? __might_fault+0xc6/0x120
[  259.601721][T13234]  ? __dev_queue_xmit+0x2d2/0x3d30
[  259.606931][T13234]  ? skb_partial_csum_set+0x105/0x350
[  259.612296][T13234]  ? __pfx___dev_queue_xmit+0x10/0x10
[  259.617663][T13234]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  259.623198][T13234]  ? packet_parse_headers+0x7bd/0xad0
[  259.628571][T13234]  ? __pfx_virtio_net_hdr_to_skb+0x10/0x10
[  259.634370][T13234]  ? packet_xmit+0x68/0x330
[  259.638871][T13234]  packet_sendmsg+0x46c2/0x6150
[  259.643726][T13234]  ? finish_task_switch+0x1e5/0x870
[  259.649025][T13234]  ? __pfx___might_resched+0x10/0x10
[  259.654313][T13234]  ? aa_sk_perm+0x967/0xab0
[  259.658814][T13234]  ? __pfx_packet_sendmsg+0x10/0x10
[  259.664014][T13234]  ? __pfx_lock_release+0x10/0x10
[  259.669114][T13234]  ? __import_iovec+0x536/0x820
[  259.673954][T13234]  ? aa_sock_msg_perm+0x91/0x160
[  259.678889][T13234]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  259.684171][T13234]  ? security_socket_sendmsg+0x87/0xb0
[  259.689626][T13234]  ? __pfx_packet_sendmsg+0x10/0x10
[  259.694835][T13234]  __sock_sendmsg+0x221/0x270
[  259.699515][T13234]  ____sys_sendmsg+0x525/0x7d0
[  259.704282][T13234]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.709575][T13234]  __sys_sendmsg+0x2b0/0x3a0
[  259.714161][T13234]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.719298][T13234]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.725617][T13234]  ? do_syscall_64+0x100/0x230
[  259.730380][T13234]  ? do_syscall_64+0xb6/0x230
[  259.735052][T13234]  do_syscall_64+0xf3/0x230
[  259.739552][T13234]  ? clear_bhb_loop+0x35/0x90
[  259.744225][T13234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.750112][T13234] RIP: 0033:0x7f6b56d75bd9
[  259.754542][T13234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.774139][T13234] RSP: 002b:00007f6b57bda048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.782548][T13234] RAX: ffffffffffffffda RBX: 00007f6b56f03f60 RCX: 00007f6b56d75bd9
[  259.790512][T13234] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003
[  259.798561][T13234] RBP: 00007f6b56de4e60 R08: 0000000000000000 R09: 0000000000000000
[  259.806525][T13234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.814489][T13234] R13: 000000000000000b R14: 00007f6b56f03f60 R15: 00007fff7fd0e938
[  259.822488][T13234]  </TASK>
[  259.825740][T13234] Kernel Offset: disabled
[  259.830097][T13234] Rebooting in 86400 seconds..