last executing test programs:

32.225427326s ago: executing program 3 (id=533):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000880)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x4}]}]}, 0x20}}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000480)=[{&(0x7f00000000c0)='W', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet6(r0, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
listen(r0, 0x100101)
accept4(r0, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r4 = socket$packet(0x11, 0x0, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
syz_emit_ethernet(0x14, &(0x7f000000b280)={@local, @link_local, @val={@void}, {@generic={0x0, ']%'}}}, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f00000001c0)={@val={0xa}, @void, @eth={@broadcast, @remote, @val={@val={0x88a8, 0x3, 0x0, 0x1}, {0x8100, 0x3, 0x1, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @local, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffa888}}}}}}}, 0x46)

31.246942375s ago: executing program 3 (id=548):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000280), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket(0x840000000002, 0x3, 0x100)
r5 = socket(0x25, 0x6, 0x0)
accept4$tipc(r5, 0x0, 0x0, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000040), 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair(0x0, 0x0, 0x400, &(0x7f0000000200))
gettid()
syz_open_procfs$namespace(0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket$inet6(0xa, 0x4, 0x6)
getgid()
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)

30.761711493s ago: executing program 3 (id=556):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000008000850000006100000085000000d000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0xe, 0x0, &(0x7f00000004c0)="243c42e8680d85ffff03768588a8", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0xffffffffffffffff}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x1, 0x9, 0x801}, 0x14}}, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x2d, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2ca}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @alu={0x4, 0x0, 0x2, 0x0, 0xb, 0x10, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x8b}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x400, 0x68, &(0x7f0000000240)=""/104, 0x40f00, 0x16, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000140)=[0x1, 0x1, 0x1], &(0x7f00000002c0)=[{0x1, 0x1, 0x10, 0x1}, {0x1, 0x5, 0x10, 0x3}, {0x8, 0x4, 0x8, 0x1}], 0x10, 0x8}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x4, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000001180)='GPL\x00', 0x5, 0xbf, &(0x7f0000001380)=""/191}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r4, 0x77, &(0x7f0000000100)}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1b, 0x3, &(0x7f0000001500)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000012fbacd87a9a5bfe74316da9c3d65bf6c7fa8d30396376603ca6a9852397bbbeced20646ca39cfb4aad30168de80d9209eefdacfb1e79e4864bc56e2a07bd3b09916b319206721d385707b7d8437cee1d2d16c7e0fb5c0775c232fded7938cab850aff11cc0a4e0b2e4fa0dcf116e0b618682c38344c52ffeac1af36c576e8171b33b8510e9951d6219058d08374790e1c10464776e440afff87ef6086bba2afafa9b6632780f15b624e03957ab0e391e828cc822a74c47d1303b2bf0952788631bf8e059560720bb364d160584af5b7eaf221d69e7a171cd9f3f163e2bd690f52b45a9922053481414d2e9c60efaa2ffdd5385bf70dfd5db0e79f30a77cffd510696dc56c21b182ca9faff0ba3d7a6290009bed0f63d30c8975ebc900"/323], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8248}, 0x80)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@map=0x1, 0x10, 0x0, 0x10001, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@map, r5, 0x8, 0x8, r5, @prog_id, r6}, 0x20)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)={@map=r1, r3, 0x35, 0x0, r0, @prog_fd=r4, r6}, 0x20)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r7, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

30.233869577s ago: executing program 3 (id=563):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381", 0xb}, {&(0x7f00000005c0)="c2c180", 0x3}], 0x2)

16.570404354s ago: executing program 3 (id=563):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381", 0xb}, {&(0x7f00000005c0)="c2c180", 0x3}], 0x2)

4.856547936s ago: executing program 0 (id=782):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xb5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
listen(r1, 0x100101)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000380), 0x8)
accept4(r1, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x25}]}, &(0x7f0000000040)='GPL\x00'}, 0x80)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r3=>0x0, 0x2, 0x76, 0x6, 0x7, 0x10, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x80, 0x0, 0x9}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0x8, 0x8, 0x86, r2, 0xa3b6, '\x00', r3, 0xffffffffffffffff, 0x4, 0x5, 0x1, 0x9}, 0x48)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x9, 0x4, 0xd1, 0x704, r4, 0x7, '\x00', 0x0, r4, 0x2, 0x0, 0x0, 0x7}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x4788, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="5800000010000104f0ffffff000500000000fdff", @ANYRES32=r5, @ANYBLOB="00000000da44000024001a8020000a8014000700fe"], 0x58}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000002700)={0x24, r7, 0x1, 0x70bd2c, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc9a9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6}]}}}]}, 0x3c}}, 0x0)

3.807089412s ago: executing program 0 (id=790):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000300)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25)

2.601764252s ago: executing program 0 (id=798):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xbc53e1e78fccedc0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000cd0000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0x11, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a5000000950000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001500), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000004000000000000000201801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r10, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000340), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r11, 0x0)

2.480697824s ago: executing program 1 (id=799):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x10c, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_bpf={{0x8}, {0x24, 0x2, [@TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS={0x8}]}}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0xa8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x64, 0x5, [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_AVRATE={0x8}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x30, 0x6, [@m_bpf={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x10c}}, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000140)="2a6964b6e862bbb7ace52f4024afa4a037aa7a2c42a917c9800a8355448b1022eb5829e387283555dbf20602b0befa124cf12670989c94", 0x37}], 0x1, 0x0, 0x0)
r0 = socket(0x10, 0x0, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x57}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x52}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x350}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2.357844452s ago: executing program 2 (id=800):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x7e, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd602e5cea00483c0020010000000000000000000000000002ff0200000000000000000000000000010004000000000000c910ff"], 0x0)
sendmsg$unix(r0, &(0x7f0000000240)={&(0x7f0000000040)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000200)=[{&(0x7f00000000c0)}, {&(0x7f0000000840)="7f", 0x1}], 0x2}, 0x42080)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="020300020c0000002abd70000000000002000800080000006d0000000000000003000600000000000200000000000000000000000000000002000100000000000000080000"], 0x60}, 0x1, 0x7}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600064000000000060005"], 0xe4}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYRESOCT=r0], 0x78}, 0x1, 0x0, 0x0, 0x4880}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="f20000000008091c0000000a1d000064333d17da44ec580000000000", @ANYRES32, @ANYBLOB], 0x30}}, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000001840)={<r6=>0x0, @in6={{0xa, 0x4e20, 0x0, @loopback, 0x4}}, 0xfffffbc0, 0x2, 0x81, 0x7, 0x44, 0x4, 0x14}, &(0x7f0000000540)=0x9c)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000001900)={r6, 0xeb, "ba64f5fcfb37577f533d7866d0565bad2e5c1afc236e5e01ad58d3025453c292baf5c18697cf075baf78f9444e8e239659f0388a007a7449304ebbeb80550d45be391eec27b357c8a9dd56a8c202377519028c6c5f58024793442305b950b397b076a015f10802e0a86e48c12cefd32777a6daf33b4b9ea2034c9e0593aec3eb2aa752afba9f541c0187fb7575fbb447f5b0d896b8584597daff2b66a256f44f514d1f1fde1e44d3ebe1a2433e71550704d7407bd0d3248aeae7c6378f20773cbcde4f232cdd78491a3a9e69f7113d6cafa98c956f73e4ea6d0e231af2942b3a95a00c6fd7bf996c41e92b"}, &(0x7f0000000700)=0xf3)
sendto$unix(r1, &(0x7f0000001740)="fddc4996c3061a733f9a2ca7b0acff4c97d1c5350f03fc18141885210bb7f896c7671a615b7c160237f3181c8dac910fd81706fd6c060d0cd216486042cea717034e7b17dff5842a878604a0586018144d4032238f12d8a2a83f67d2594390029d4e27f11e26cbb4faf699b9cc8bca866b004e56c5c06f13acd288ce9f3190133c3970a5a629a875213d964acbc36ea31df29ed9a1ae279c0e9e65fd11189e3a37f8fc31b2bd6cd5044a8443915eb70d55b73c75d84bc83241bcd5e3ff91cb0c6e65e59218712a0aa6", 0xc9, 0x40804, &(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
r7 = socket(0x10, 0x0, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$EBT_SO_GET_ENTRIES(r8, 0x0, 0x81, &(0x7f0000000180)={'filter\x00', 0x0, 0x3, 0xc7, [0x10001, 0x7, 0x800, 0x4, 0x3, 0x4], 0x4, &(0x7f0000000140)=[{}, {}, {}, {}], &(0x7f0000000340)=""/199}, &(0x7f0000000440)=0x78)
write(r7, 0x0, 0x0)
bind$bt_l2cap(r7, &(0x7f00000000c0)={0x1f, 0x257d, @none, 0x2}, 0xe)
r9 = socket$igmp6(0xa, 0x3, 0x2)
recvmmsg(r9, &(0x7f0000009780)=[{{&(0x7f00000008c0)=@alg, 0x80, &(0x7f0000000c80)=[{&(0x7f0000001a00)=""/4096, 0x1000}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000000940)=""/233, 0xe9}, {&(0x7f0000000a40)=""/159, 0x9f}, {&(0x7f0000000b00)=""/172, 0xac}, {&(0x7f0000000100)=""/45, 0x2d}, {&(0x7f0000000bc0)=""/167, 0xa7}], 0x7, &(0x7f0000000d00)=""/237, 0xed}, 0xe}, {{&(0x7f0000000e00)=@sco={0x1f, @none}, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000e80)=""/69, 0x45}, {&(0x7f0000000f00)=""/8, 0x8}, {&(0x7f0000000f40)=""/181, 0xb5}, {&(0x7f0000003a00)=""/4096, 0x1000}, {&(0x7f0000001000)=""/187, 0xbb}], 0x5, &(0x7f0000001140)=""/153, 0x99}, 0x7}, {{&(0x7f0000001200)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000001540)=[{&(0x7f0000001280)=""/109, 0x6d}, {&(0x7f0000001300)=""/231, 0xe7}, {&(0x7f0000001400)=""/232, 0xe8}, {&(0x7f0000001500)=""/29, 0x1d}], 0x4, &(0x7f0000001640)=""/149, 0x95}, 0xd5}, {{&(0x7f0000004a00)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000006cc0)=[{&(0x7f0000004a80)=""/105, 0x69}, {&(0x7f0000004b00)=""/4096, 0x1000}, {&(0x7f0000005b00)=""/4096, 0x1000}, {&(0x7f0000006b00)=""/77, 0x4d}, {&(0x7f0000006b80)=""/173, 0xad}, {&(0x7f0000006c40)=""/116, 0x74}, {&(0x7f0000001580)}], 0x7, &(0x7f0000006d40)=""/4096, 0x1000}, 0xffff8001}, {{&(0x7f0000007d40)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000007f40)=[{&(0x7f0000001700)=""/35, 0x23}, {&(0x7f0000007dc0)=""/146, 0x92}, {&(0x7f0000007e80)=""/106, 0x6a}, {&(0x7f0000007f00)=""/37, 0x25}], 0x4, &(0x7f0000007f80)=""/105, 0x69}, 0x7}, {{&(0x7f0000008000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @broadcast}}}}, 0x80, &(0x7f0000008180)=[{&(0x7f0000008080)=""/148, 0x94}, {&(0x7f0000008140)}], 0x2, &(0x7f00000081c0)=""/112, 0x70}, 0x694}, {{&(0x7f0000008240)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000009640)=[{&(0x7f00000082c0)=""/4096, 0x1000}, {&(0x7f00000092c0)=""/67, 0x43}, {&(0x7f0000009340)=""/86, 0x56}, {&(0x7f00000093c0)=""/109, 0x6d}, {&(0x7f0000009440)=""/107, 0x6b}, {&(0x7f00000094c0)}, {&(0x7f0000009500)=""/116, 0x74}, {&(0x7f0000009580)=""/186, 0xba}], 0x8, &(0x7f00000096c0)=""/138, 0x8a}, 0x8}], 0x7, 0x10000, &(0x7f0000009940)={0x0, 0x989680})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000300)='scalable\x00', 0x9)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000500)=""/50, 0x32}, {&(0x7f0000000740)=""/168, 0xb4}], 0x1}, 0x40002741)

2.343021834s ago: executing program 0 (id=801):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xb5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
listen(r1, 0x100101)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000380), 0x8)
accept4(r1, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x25}]}, &(0x7f0000000040)='GPL\x00'}, 0x80)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r3=>0x0, 0x2, 0x76, 0x6, 0x7, 0x10, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x80, 0x0, 0x9}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0x8, 0x8, 0x86, r2, 0xa3b6, '\x00', r3, 0xffffffffffffffff, 0x4, 0x5, 0x1, 0x9}, 0x48)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x9, 0x4, 0xd1, 0x704, r4, 0x7, '\x00', 0x0, r4, 0x2, 0x0, 0x0, 0x7}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x4788, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="5800000010000104f0ffffff000500000000fdff", @ANYRES32=r5, @ANYBLOB="00000000da44000024001a8020000a8014000700fe"], 0x58}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000002700)={0x24, r7, 0x1, 0x70bd2c, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc9a9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6}]}}}]}, 0x3c}}, 0x0)

2.297692834s ago: executing program 1 (id=802):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xbc53e1e78fccedc0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000cd0000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0x11, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a5000000950000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001500), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000004000000000000000201801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r10, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000340), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r11, 0x0)

1.828014942s ago: executing program 1 (id=806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x6, &(0x7f00000000c0)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000180)={0x5, 0x9, 0xffff, 0x9}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f00000001c0)=[{0x2, 0x3, 0x7, 0x1}, {0x2, 0x3, 0x2, 0x6}, {0x1, 0x5, 0x10, 0x1}, {0x1, 0x4, 0x0, 0x1}], 0x10, 0x9}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010065727370616e000014000280050016000000000006000e0011"], 0x44}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000002c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x32, &(0x7f0000000380)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=0x1, r1, 0x26}, 0x20)

1.629822652s ago: executing program 1 (id=808):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r0, 0xffffffffffffffff, 0x26}, 0x10)

1.579272958s ago: executing program 1 (id=810):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000880)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x4}]}]}, 0x20}}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002a80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000480)=[{&(0x7f00000000c0)='W', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet6(r0, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
listen(r0, 0x100101)
accept4(r0, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {}]}, 0x10)
syz_emit_ethernet(0x14, &(0x7f000000b280)={@local, @link_local, @val={@void}, {@generic={0x0, ']%'}}}, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f00000001c0)={@val={0xa}, @void, @eth={@broadcast, @remote, @val={@val={0x88a8, 0x3, 0x0, 0x1}, {0x8100, 0x3, 0x1, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @local, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffa888}}}}}}}, 0x46)

1.401732841s ago: executing program 0 (id=811):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000300), 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25)

1.392129639s ago: executing program 2 (id=812):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x10c, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_bpf={{0x8}, {0x24, 0x2, [@TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS={0x8}]}}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0xa8, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x64, 0x5, [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_AVRATE={0x8}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x30, 0x6, [@m_bpf={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x10c}}, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000140)="2a6964b6e862bbb7ace52f4024afa4a037aa7a2c42a917c9800a8355448b1022eb5829e387283555dbf20602b0befa124cf12670989c94", 0x37}], 0x1, 0x0, 0x0)
r0 = socket(0x10, 0x0, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000540)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x57}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x52}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0x350}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.197682514s ago: executing program 2 (id=813):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xbc53e1e78fccedc0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000cd0000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0x11, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a5000000950000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001500), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000004000000000000000201801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r10, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000340), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r11, 0x0)

1.064874347s ago: executing program 2 (id=814):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, &(0x7f00000001c0))
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4f", 0x84}, {&(0x7f0000000640)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b6aeb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1a1256740f17767071dff06f2bc5afc07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc43630831e2c5400853b58e020c9cb65e44d4957b00ed35a858d44b25d5b8dad1be420467333d9ce17dddc425dad69c4c9395a5c170170a4fa63091786e2a563e3d5982a73c15edf854046e1a33b2728e74c856a58ba74c80f4f4166ac51d720f507c2c205ef5a04370c77928dfde47e15d533060084d4fc271eab837367369218b1bfc59752696396f", 0x18d}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef304ed0ffedd061941d9d022b25a4b9632856295fe", 0xf2}], 0x3}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

848.464464ms ago: executing program 4 (id=815):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xbc53e1e78fccedc0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000cd0000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0x11, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a5000000950000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001500), 0xffffffffffffffff)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffff"], 0x398}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000004000000000000000201801000020786c3500000000002020207b1af8ff00000000bfa10000000000000701000094ffffffb702000008000000b703000000000020850000002d000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r10, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000340), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r11, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)

756.679042ms ago: executing program 4 (id=816):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000003c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x7}]}}}}}}}, 0x0)

756.180834ms ago: executing program 0 (id=817):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cda", 0x6}, {&(0x7f00000005c0)="c2c18035", 0x4}], 0x2)

700.458537ms ago: executing program 4 (id=818):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'syz_tun\x00', <r1=>0x0})
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, &(0x7f0000000080)=0x9, 0x4)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00', @ANYRES32], 0x54}}, 0x0)

647.259457ms ago: executing program 3 (id=563):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47381", 0xb}, {&(0x7f00000005c0)="c2c180", 0x3}], 0x2)

441.161416ms ago: executing program 1 (id=819):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)={0x2, 0x3, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x8}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x78}, 0x1, 0x7}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x67}, [@ldst={0x6}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48)
socket$inet(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x80002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES8=r2], 0x20}, 0x1, 0xc00000000000000}, 0x0)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x2, 0x1, 0x0, 0x3, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_x_sa2={0x2}]}, 0x70}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r6, @ANYBLOB="800202000a000200577f0000aabb000020000e80"], 0x48}}, 0x0)
write$tun(0xffffffffffffffff, &(0x7f00000015c0)=ANY=[@ANYBLOB="1c000000010500000200000006006027"], 0xfaa)

440.367702ms ago: executing program 4 (id=820):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000006dc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x80, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4c, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x45, 0x1, "7eeec7317872b37ab37f4ac2fdc18baa54c61330189a9da592671ee0dd42f7a5fbc80b22cda7136ac117a5fe4b3d6d0abf60a0ca8ea3b33778516935a06e6b98cc"}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x104}}, 0x0)

329.494792ms ago: executing program 4 (id=821):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
unshare(0x400)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r1, &(0x7f0000000040)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xfffffffc, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x13}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

185.652481ms ago: executing program 4 (id=822):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xb5}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
listen(r1, 0x100101)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000380), 0x8)
accept4(r1, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x25}]}, &(0x7f0000000040)='GPL\x00'}, 0x80)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r3=>0x0, 0x2, 0x76, 0x6, 0x7, 0x10, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x80, 0x0, 0x9}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0x8, 0x8, 0x86, r2, 0xa3b6, '\x00', r3, 0xffffffffffffffff, 0x4, 0x5, 0x1, 0x9}, 0x48)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x9, 0x4, 0xd1, 0x704, r4, 0x7, '\x00', 0x0, r4, 0x2, 0x0, 0x0, 0x7}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x4788, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="5800000010000104f0ffffff000500000000fdff", @ANYRES32=r5, @ANYBLOB="00000000da44000024001a8020000a8014000700fe"], 0x58}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000002700)={0x24, r7, 0x1, 0x70bd2c, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc9a9}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6}]}}}]}, 0x3c}}, 0x0)

93.8346ms ago: executing program 2 (id=823):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000003c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x7}]}}}}}}}, 0x0)

0s ago: executing program 2 (id=824):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x8c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x8c}}, 0x0)
close(r0)
r2 = socket$alg(0x26, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x6, @private1, 0x81}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e20, @local}], 0x68)
bind$alg(r2, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x7, &(0x7f00000000c0)="f8ffffff", 0x4)
ioctl$SIOCSIFHWADDR(r0, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000040)={'wlan1\x00', @random="02000000000a"})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x1, 0x3}}, 0x26)
getsockopt$bt_BT_SECURITY(r3, 0x111, 0x2, 0x0, 0x20000000)

kernel console output (not intermixed with test programs):

x230
[   76.699641][ T5600]  do_syscall_64+0xf3/0x230
[   76.704140][ T5600]  ? clear_bhb_loop+0x35/0x90
[   76.708811][ T5600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.714701][ T5600] RIP: 0033:0x7fa37e775bd9
[   76.719105][ T5600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.738701][ T5600] RSP: 002b:00007fa37f601048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.747107][ T5600] RAX: ffffffffffffffda RBX: 00007fa37e903f60 RCX: 00007fa37e775bd9
[   76.755166][ T5600] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   76.763213][ T5600] RBP: 00007fa37f6010a0 R08: 0000000000000000 R09: 0000000000000000
[   76.771180][ T5600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.779159][ T5600] R13: 000000000000000b R14: 00007fa37e903f60 R15: 00007ffc29669fe8
[   76.787132][ T5600]  </TASK>
[   76.838720][ T1155] cfg80211: failed to load regulatory.db
[   77.114694][ T5615] netlink: 'syz.4.159': attribute type 6 has an invalid length.
[   77.134048][ T5615] netlink: 'syz.4.159': attribute type 5 has an invalid length.
[   77.261871][ T5626] FAULT_INJECTION: forcing a failure.
[   77.261871][ T5626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.295085][ T5626] CPU: 1 PID: 5626 Comm: syz.2.163 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   77.305115][ T5626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   77.315194][ T5626] Call Trace:
[   77.318496][ T5626]  <TASK>
[   77.321438][ T5626]  dump_stack_lvl+0x241/0x360
[   77.326838][ T5626]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.332073][ T5626]  ? __pfx__printk+0x10/0x10
[   77.336773][ T5626]  ? __pfx_lock_release+0x10/0x10
[   77.341828][ T5626]  should_fail_ex+0x3b0/0x4e0
[   77.346535][ T5626]  _copy_from_user+0x2f/0xe0
[   77.351147][ T5626]  copy_msghdr_from_user+0xae/0x680
[   77.356382][ T5626]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   77.362236][ T5626]  __sys_sendmsg+0x23d/0x3a0
[   77.366853][ T5626]  ? __pfx___sys_sendmsg+0x10/0x10
[   77.371995][ T5626]  ? vfs_write+0x7c4/0xc90
[   77.376479][ T5626]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   77.382828][ T5626]  ? do_syscall_64+0x100/0x230
[   77.387606][ T5626]  ? do_syscall_64+0xb6/0x230
[   77.392290][ T5626]  do_syscall_64+0xf3/0x230
[   77.396812][ T5626]  ? clear_bhb_loop+0x35/0x90
[   77.401513][ T5626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.407427][ T5626] RIP: 0033:0x7f7402575bd9
[   77.411866][ T5626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.431589][ T5626] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.440030][ T5626] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   77.448031][ T5626] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[   77.456021][ T5626] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[   77.464014][ T5626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.472006][ T5626] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   77.480017][ T5626]  </TASK>
[   77.675314][ T5636] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   77.685074][ T5636] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   77.694777][ T5636] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   77.703501][ T5636] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   77.961659][ T5641] Bluetooth: hci3: invalid length 0, exp 2 for type 17
[   78.529364][ T5664] __nla_validate_parse: 32 callbacks suppressed
[   78.529382][ T5664] netlink: 4 bytes leftover after parsing attributes in process `syz.4.178'.
[   78.696459][ T5671] FAULT_INJECTION: forcing a failure.
[   78.696459][ T5671] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.722961][ T5671] CPU: 1 PID: 5671 Comm: syz.3.181 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   78.733072][ T5671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   78.743145][ T5671] Call Trace:
[   78.746443][ T5671]  <TASK>
[   78.749388][ T5671]  dump_stack_lvl+0x241/0x360
[   78.754095][ T5671]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.759409][ T5671]  ? __pfx__printk+0x10/0x10
[   78.764021][ T5671]  ? __pfx_lock_release+0x10/0x10
[   78.769073][ T5671]  should_fail_ex+0x3b0/0x4e0
[   78.773781][ T5671]  _copy_from_user+0x2f/0xe0
[   78.778393][ T5671]  copy_msghdr_from_user+0xae/0x680
[   78.783620][ T5671]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   78.789462][ T5671]  __sys_sendmsg+0x23d/0x3a0
[   78.794167][ T5671]  ? __pfx___sys_sendmsg+0x10/0x10
[   78.799299][ T5671]  ? vfs_write+0x7c4/0xc90
[   78.803778][ T5671]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   78.810130][ T5671]  ? do_syscall_64+0x100/0x230
[   78.814916][ T5671]  ? do_syscall_64+0xb6/0x230
[   78.819616][ T5671]  do_syscall_64+0xf3/0x230
[   78.824141][ T5671]  ? clear_bhb_loop+0x35/0x90
[   78.828891][ T5671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.834797][ T5671] RIP: 0033:0x7f6289975bd9
[   78.839215][ T5671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.859074][ T5671] RSP: 002b:00007f628a79b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.867480][ T5671] RAX: ffffffffffffffda RBX: 00007f6289b03f60 RCX: 00007f6289975bd9
[   78.875482][ T5671] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[   78.883473][ T5671] RBP: 00007f628a79b0a0 R08: 0000000000000000 R09: 0000000000000000
[   78.891536][ T5671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.899523][ T5671] R13: 000000000000000b R14: 00007f6289b03f60 R15: 00007ffddde42c98
[   78.907506][ T5671]  </TASK>
[   78.986139][ T5680] Bluetooth: hci3: invalid length 0, exp 2 for type 17
[   79.000770][ T5674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.183'.
[   79.020916][ T5677] netlink: 28 bytes leftover after parsing attributes in process `syz.0.184'.
[   79.168847][ T5683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.187'.
[   79.867977][ T5711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.197'.
[   80.116175][ T5723] FAULT_INJECTION: forcing a failure.
[   80.116175][ T5723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.234244][ T5723] CPU: 0 PID: 5723 Comm: syz.4.199 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   80.244291][ T5723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   80.255671][ T5723] Call Trace:
[   80.259326][ T5723]  <TASK>
[   80.262891][ T5723]  dump_stack_lvl+0x241/0x360
[   80.267688][ T5723]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.272913][ T5723]  ? __pfx__printk+0x10/0x10
[   80.277525][ T5723]  ? __pfx_lock_release+0x10/0x10
[   80.282587][ T5723]  should_fail_ex+0x3b0/0x4e0
[   80.287291][ T5723]  _copy_from_user+0x2f/0xe0
[   80.291908][ T5723]  copy_msghdr_from_user+0xae/0x680
[   80.297133][ T5723]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   80.302974][ T5723]  __sys_sendmsg+0x23d/0x3a0
[   80.307590][ T5723]  ? __pfx___sys_sendmsg+0x10/0x10
[   80.312721][ T5723]  ? vfs_write+0x7c4/0xc90
[   80.317196][ T5723]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   80.323542][ T5723]  ? do_syscall_64+0x100/0x230
[   80.328369][ T5723]  ? do_syscall_64+0xb6/0x230
[   80.333066][ T5723]  do_syscall_64+0xf3/0x230
[   80.337597][ T5723]  ? clear_bhb_loop+0x35/0x90
[   80.342301][ T5723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.348218][ T5723] RIP: 0033:0x7f5aaff75bd9
[   80.352649][ T5723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.372275][ T5723] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.380716][ T5723] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[   80.388710][ T5723] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[   80.396703][ T5723] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[   80.404694][ T5723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.412683][ T5723] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[   80.420690][ T5723]  </TASK>
[   80.598373][ T5771] FAULT_INJECTION: forcing a failure.
[   80.598373][ T5771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.688818][ T5763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.202'.
[   80.725449][ T5771] CPU: 0 PID: 5771 Comm: syz.2.203 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   80.735493][ T5771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   80.745563][ T5771] Call Trace:
[   80.748858][ T5771]  <TASK>
[   80.751798][ T5771]  dump_stack_lvl+0x241/0x360
[   80.756498][ T5771]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.761711][ T5771]  ? __pfx__printk+0x10/0x10
[   80.766302][ T5771]  ? vfs_write+0x7c4/0xc90
[   80.770721][ T5771]  should_fail_ex+0x3b0/0x4e0
[   80.775484][ T5771]  _copy_from_user+0x2f/0xe0
[   80.780068][ T5771]  move_addr_to_kernel+0x82/0x150
[   80.785087][ T5771]  __sys_connect+0xc1/0x310
[   80.789589][ T5771]  ? __pfx___sys_connect+0x10/0x10
[   80.794710][ T5771]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   80.801027][ T5771]  ? do_syscall_64+0x100/0x230
[   80.805789][ T5771]  __x64_sys_connect+0x7a/0x90
[   80.810548][ T5771]  do_syscall_64+0xf3/0x230
[   80.815044][ T5771]  ? clear_bhb_loop+0x35/0x90
[   80.819721][ T5771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.825604][ T5771] RIP: 0033:0x7f7402575bd9
[   80.830010][ T5771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.849604][ T5771] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   80.858027][ T5771] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   80.866055][ T5771] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000005
[   80.874114][ T5771] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[   80.882084][ T5771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.890045][ T5771] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   80.898040][ T5771]  </TASK>
[   81.185393][ T5787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.209'.
[   81.374785][ T5103] Bluetooth: hci0: command 0x0c20 tx timeout
[   81.707594][ T5807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.217'.
[   81.852316][ T5815] FAULT_INJECTION: forcing a failure.
[   81.852316][ T5815] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   81.867628][ T5815] CPU: 0 PID: 5815 Comm: syz.1.220 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   81.877659][ T5815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   81.887735][ T5815] Call Trace:
[   81.891032][ T5815]  <TASK>
[   81.893984][ T5815]  dump_stack_lvl+0x241/0x360
[   81.898687][ T5815]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.903902][ T5815]  ? __pfx__printk+0x10/0x10
[   81.908524][ T5815]  should_fail_ex+0x3b0/0x4e0
[   81.913227][ T5815]  prepare_alloc_pages+0x1da/0x5d0
[   81.918373][ T5815]  __alloc_pages_noprof+0x166/0x6c0
[   81.923604][ T5815]  ? __pfx___alloc_pages_noprof+0x10/0x10
[   81.929363][ T5815]  ? validate_chain+0x11e/0x5900
[   81.934334][ T5815]  ? __pfx_validate_chain+0x10/0x10
[   81.939560][ T5815]  alloc_pages_mpol_noprof+0x3e8/0x680
[   81.945049][ T5815]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[   81.951081][ T5815]  vma_alloc_folio_noprof+0xf3/0x1f0
[   81.956409][ T5815]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[   81.962313][ T5815]  folio_prealloc+0x31/0x170
[   81.966903][ T5815]  handle_pte_fault+0x257b/0x7090
[   81.971935][ T5815]  ? __pfx_handle_pte_fault+0x10/0x10
[   81.977299][ T5815]  ? __lock_acquire+0x1346/0x1fd0
[   81.982326][ T5815]  ? reacquire_held_locks+0x3eb/0x690
[   81.987692][ T5815]  ? lock_vma_under_rcu+0x2f9/0x6e0
[   81.992897][ T5815]  ? __pfx_reacquire_held_locks+0x10/0x10
[   81.998618][ T5815]  handle_mm_fault+0x10df/0x1ba0
[   82.003582][ T5815]  ? __pfx_handle_mm_fault+0x10/0x10
[   82.008934][ T5815]  ? lock_vma_under_rcu+0x592/0x6e0
[   82.014149][ T5815]  ? exc_page_fault+0x113/0x8c0
[   82.019010][ T5815]  exc_page_fault+0x459/0x8c0
[   82.023696][ T5815]  asm_exc_page_fault+0x26/0x30
[   82.028543][ T5815] RIP: 0033:0x7fa37e6422cb
[   82.032952][ T5815] Code: 00 00 00 48 8d 3d 6d 18 19 00 48 89 c1 31 c0 e8 cb 67 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d a1 18 19 00 48 89 34 24 48 8b 14 24 48 8b
[   82.052557][ T5815] RSP: 002b:00007fa37f5fffc0 EFLAGS: 00010206
[   82.058622][ T5815] RAX: 0000000000000000 RBX: 00007fa37e903f60 RCX: 0000000000000000
[   82.066590][ T5815] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000020000c80
[   82.074574][ T5815] RBP: 00007fa37f6010a0 R08: 0000000000000000 R09: 0000000000000000
[   82.082564][ T5815] R10: 0000000020000c80 R11: 0000000000000000 R12: 0000000000000001
[   82.090543][ T5815] R13: 000000000000000b R14: 00007fa37e903f60 R15: 00007ffc29669fe8
[   82.098543][ T5815]  </TASK>
[   82.111929][ T5815] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   82.314662][ T5827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.223'.
[   82.326951][ T5829] FAULT_INJECTION: forcing a failure.
[   82.326951][ T5829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.345348][ T5829] CPU: 0 PID: 5829 Comm: syz.2.226 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   82.355372][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   82.365445][ T5829] Call Trace:
[   82.368723][ T5829]  <TASK>
[   82.371645][ T5829]  dump_stack_lvl+0x241/0x360
[   82.376340][ T5829]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.381595][ T5829]  ? __pfx__printk+0x10/0x10
[   82.386275][ T5829]  ? __pfx_lock_release+0x10/0x10
[   82.391319][ T5829]  should_fail_ex+0x3b0/0x4e0
[   82.396019][ T5829]  _copy_from_user+0x2f/0xe0
[   82.400615][ T5829]  copy_msghdr_from_user+0xae/0x680
[   82.405820][ T5829]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   82.411637][ T5829]  __sys_sendmsg+0x23d/0x3a0
[   82.416229][ T5829]  ? __pfx___sys_sendmsg+0x10/0x10
[   82.421352][ T5829]  ? vfs_write+0x7c4/0xc90
[   82.425807][ T5829]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   82.432159][ T5829]  ? do_syscall_64+0x100/0x230
[   82.436928][ T5829]  ? do_syscall_64+0xb6/0x230
[   82.441610][ T5829]  do_syscall_64+0xf3/0x230
[   82.446116][ T5829]  ? clear_bhb_loop+0x35/0x90
[   82.450879][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.456778][ T5829] RIP: 0033:0x7f7402575bd9
[   82.461200][ T5829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.481003][ T5829] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.489441][ T5829] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   82.497409][ T5829] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[   82.505375][ T5829] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[   82.513336][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.521326][ T5829] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   82.529341][ T5829]  </TASK>
[   82.863390][ T5843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.230'.
[   83.081362][ T5856] netlink: 'syz.0.235': attribute type 6 has an invalid length.
[   83.161432][ T5861] FAULT_INJECTION: forcing a failure.
[   83.161432][ T5861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.204951][ T5861] CPU: 1 PID: 5861 Comm: syz.4.236 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   83.214982][ T5861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   83.225052][ T5861] Call Trace:
[   83.228347][ T5861]  <TASK>
[   83.231299][ T5861]  dump_stack_lvl+0x241/0x360
[   83.235999][ T5861]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.241224][ T5861]  ? __pfx__printk+0x10/0x10
[   83.245839][ T5861]  ? __pfx_lock_release+0x10/0x10
[   83.250888][ T5861]  should_fail_ex+0x3b0/0x4e0
[   83.255596][ T5861]  _copy_from_user+0x2f/0xe0
[   83.260209][ T5861]  copy_msghdr_from_user+0xae/0x680
[   83.265438][ T5861]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   83.271349][ T5861]  __sys_sendmsg+0x23d/0x3a0
[   83.275950][ T5861]  ? __pfx___sys_sendmsg+0x10/0x10
[   83.281059][ T5861]  ? vfs_write+0x7c4/0xc90
[   83.285505][ T5861]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   83.291833][ T5861]  ? do_syscall_64+0x100/0x230
[   83.296612][ T5861]  ? do_syscall_64+0xb6/0x230
[   83.301286][ T5861]  do_syscall_64+0xf3/0x230
[   83.305779][ T5861]  ? clear_bhb_loop+0x35/0x90
[   83.310449][ T5861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.316337][ T5861] RIP: 0033:0x7f5aaff75bd9
[   83.320747][ T5861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.340448][ T5861] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.348857][ T5861] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[   83.356829][ T5861] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005
[   83.364790][ T5861] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[   83.372756][ T5861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.380713][ T5861] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[   83.388694][ T5861]  </TASK>
[   83.530522][ T5872] nbd: must specify at least one socket
[   83.549339][ T5873] __nla_validate_parse: 1 callbacks suppressed
[   83.549357][ T5873] netlink: 24 bytes leftover after parsing attributes in process `syz.2.240'.
[   83.639395][ T5877] geneve2: entered promiscuous mode
[   83.656288][ T5877] geneve2: entered allmulticast mode
[   83.829339][ T5888] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   83.838268][ T5888] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   83.847363][ T5888] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   83.857002][ T5888] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   84.161819][ T5902] FAULT_INJECTION: forcing a failure.
[   84.161819][ T5902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.183929][ T5902] CPU: 1 PID: 5902 Comm: syz.0.249 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   84.193962][ T5902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   84.204040][ T5902] Call Trace:
[   84.207340][ T5902]  <TASK>
[   84.210281][ T5902]  dump_stack_lvl+0x241/0x360
[   84.214980][ T5902]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.220197][ T5902]  ? __pfx__printk+0x10/0x10
[   84.224813][ T5902]  ? __pfx_lock_release+0x10/0x10
[   84.229879][ T5902]  should_fail_ex+0x3b0/0x4e0
[   84.234589][ T5902]  _copy_from_user+0x2f/0xe0
[   84.239202][ T5902]  copy_msghdr_from_user+0xae/0x680
[   84.244429][ T5902]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   84.247758][ T5904] FAULT_INJECTION: forcing a failure.
[   84.247758][ T5904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.250249][ T5902]  __sys_sendmsg+0x23d/0x3a0
[   84.268275][ T5902]  ? __pfx___sys_sendmsg+0x10/0x10
[   84.273409][ T5902]  ? vfs_write+0x7c4/0xc90
[   84.277888][ T5902]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   84.284230][ T5902]  ? do_syscall_64+0x100/0x230
[   84.288996][ T5902]  ? do_syscall_64+0xb6/0x230
[   84.293671][ T5902]  do_syscall_64+0xf3/0x230
[   84.298183][ T5902]  ? clear_bhb_loop+0x35/0x90
[   84.302888][ T5902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.308803][ T5902] RIP: 0033:0x7fc312175bd9
[   84.313267][ T5902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.333763][ T5902] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.342202][ T5902] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   84.350285][ T5902] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[   84.358457][ T5902] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   84.366456][ T5902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.374464][ T5902] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   84.382468][ T5902]  </TASK>
[   84.385489][ T5904] CPU: 0 PID: 5904 Comm: syz.4.250 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   84.396270][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   84.406350][ T5904] Call Trace:
[   84.409643][ T5904]  <TASK>
[   84.412584][ T5904]  dump_stack_lvl+0x241/0x360
[   84.417287][ T5904]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.422944][ T5904]  ? __pfx__printk+0x10/0x10
[   84.427554][ T5904]  ? __pfx_lock_release+0x10/0x10
[   84.432601][ T5904]  ? vfs_write+0x7c4/0xc90
[   84.437041][ T5904]  should_fail_ex+0x3b0/0x4e0
[   84.441839][ T5904]  _copy_from_user+0x2f/0xe0
[   84.446454][ T5904]  __sys_bpf+0x1a4/0x810
[   84.450742][ T5904]  ? __pfx___sys_bpf+0x10/0x10
[   84.455545][ T5904]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   84.461542][ T5904]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   84.467955][ T5904]  ? do_syscall_64+0x100/0x230
[   84.472716][ T5904]  __x64_sys_bpf+0x7c/0x90
[   84.477133][ T5904]  do_syscall_64+0xf3/0x230
[   84.481628][ T5904]  ? clear_bhb_loop+0x35/0x90
[   84.486385][ T5904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.492468][ T5904] RIP: 0033:0x7f5aaff75bd9
[   84.496877][ T5904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.516668][ T5904] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   84.525087][ T5904] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[   84.533050][ T5904] RDX: 000000000000000c RSI: 0000000020000500 RDI: 000000000000000a
[   84.541187][ T5904] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[   84.549157][ T5904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.557138][ T5904] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[   84.565209][ T5904]  </TASK>
[   84.682385][ T5912] netlink: 224 bytes leftover after parsing attributes in process `syz.1.253'.
[   84.950989][ T5927] netlink: 'syz.3.257': attribute type 6 has an invalid length.
[   85.014616][ T5935] FAULT_INJECTION: forcing a failure.
[   85.014616][ T5935] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.051069][ T5937] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[   85.081562][ T5935] CPU: 1 PID: 5935 Comm: syz.2.259 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   85.084972][ T5937] netlink: 28 bytes leftover after parsing attributes in process `syz.0.256'.
[   85.091571][ T5935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   85.091590][ T5935] Call Trace:
[   85.091600][ T5935]  <TASK>
[   85.091608][ T5935]  dump_stack_lvl+0x241/0x360
[   85.091637][ T5935]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.126594][ T5935]  ? __pfx__printk+0x10/0x10
[   85.131200][ T5935]  ? __pfx_lock_release+0x10/0x10
[   85.136251][ T5935]  should_fail_ex+0x3b0/0x4e0
[   85.140956][ T5935]  _copy_from_user+0x2f/0xe0
[   85.145571][ T5935]  xsk_setsockopt+0x251/0x950
[   85.150274][ T5935]  ? __pfx_xsk_setsockopt+0x10/0x10
[   85.155491][ T5935]  ? vfs_write+0x7c4/0xc90
[   85.159928][ T5935]  ? aa_sock_opt_perm+0x79/0x120
[   85.164890][ T5935]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[   85.170447][ T5935]  ? security_socket_setsockopt+0x87/0xb0
[   85.176182][ T5935]  ? __pfx_xsk_setsockopt+0x10/0x10
[   85.181401][ T5935]  do_sock_setsockopt+0x3af/0x720
[   85.186461][ T5935]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   85.192047][ T5935]  __sys_setsockopt+0x1ae/0x250
[   85.196926][ T5935]  __x64_sys_setsockopt+0xb5/0xd0
[   85.201957][ T5935]  do_syscall_64+0xf3/0x230
[   85.206454][ T5935]  ? clear_bhb_loop+0x35/0x90
[   85.211123][ T5935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.217003][ T5935] RIP: 0033:0x7f7402575bd9
[   85.221406][ T5935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.241001][ T5935] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   85.249935][ T5935] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   85.257980][ T5935] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003
[   85.265951][ T5935] RBP: 00007f74033510a0 R08: 0000000000000004 R09: 0000000000000000
[   85.273914][ T5935] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   85.281873][ T5935] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   85.290045][ T5935]  </TASK>
[   85.353976][ T5943] (unnamed net_device) (uninitialized): option mode: invalid value (254)
[   85.556754][ T5953] netlink: 76 bytes leftover after parsing attributes in process `syz.1.261'.
[   85.705054][ T5959] FAULT_INJECTION: forcing a failure.
[   85.705054][ T5959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.734669][ T5959] CPU: 0 PID: 5959 Comm: syz.0.266 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   85.744720][ T5959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   85.755054][ T5959] Call Trace:
[   85.758346][ T5959]  <TASK>
[   85.761293][ T5959]  dump_stack_lvl+0x241/0x360
[   85.765997][ T5959]  ? __pfx_dump_stack_lvl+0x10/0x10
[   85.771220][ T5959]  ? __pfx__printk+0x10/0x10
[   85.775833][ T5959]  ? __pfx_lock_release+0x10/0x10
[   85.780878][ T5959]  should_fail_ex+0x3b0/0x4e0
[   85.785582][ T5959]  _copy_from_user+0x2f/0xe0
[   85.790191][ T5959]  __sys_bpf+0x1a4/0x810
[   85.794464][ T5959]  ? __pfx___sys_bpf+0x10/0x10
[   85.799247][ T5959]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   85.805221][ T5959]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   85.811558][ T5959]  __x64_sys_bpf+0x7c/0x90
[   85.815994][ T5959]  do_syscall_64+0xf3/0x230
[   85.820503][ T5959]  ? clear_bhb_loop+0x35/0x90
[   85.825270][ T5959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.831163][ T5959] RIP: 0033:0x7fc312175bd9
[   85.835575][ T5959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.855175][ T5959] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   85.863585][ T5959] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   85.871546][ T5959] RDX: 000000000000000c RSI: 0000000020000500 RDI: 000000000000000a
[   85.879512][ T5959] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   85.887490][ T5959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.895483][ T5959] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   85.904862][ T5959]  </TASK>
[   86.369545][ T5984] netlink: 'syz.4.276': attribute type 6 has an invalid length.
[   86.427271][ T5989] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[   86.476584][ T5981] netlink: 28 bytes leftover after parsing attributes in process `syz.0.273'.
[   86.692288][ T6002] netlink: 'syz.1.280': attribute type 6 has an invalid length.
[   86.966847][ T6016] FAULT_INJECTION: forcing a failure.
[   86.966847][ T6016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.013122][ T6016] CPU: 1 PID: 6016 Comm: syz.2.285 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   87.023153][ T6016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   87.033239][ T6016] Call Trace:
[   87.036546][ T6016]  <TASK>
[   87.039500][ T6016]  dump_stack_lvl+0x241/0x360
[   87.044206][ T6016]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.049515][ T6016]  ? __pfx__printk+0x10/0x10
[   87.050443][ T6019] netlink: 44 bytes leftover after parsing attributes in process `syz.0.286'.
[   87.054209][ T6016]  ? __pfx_lock_release+0x10/0x10
[   87.054238][ T6016]  ? vfs_write+0x7c4/0xc90
[   87.054263][ T6016]  should_fail_ex+0x3b0/0x4e0
[   87.054292][ T6016]  _copy_from_user+0x2f/0xe0
[   87.054313][ T6016]  __sys_bpf+0x1a4/0x810
[   87.054339][ T6016]  ? __pfx___sys_bpf+0x10/0x10
[   87.063443][ T6019] netlink: 43 bytes leftover after parsing attributes in process `syz.0.286'.
[   87.068272][ T6016]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   87.068303][ T6016]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   87.068323][ T6016]  ? do_syscall_64+0x100/0x230
[   87.068346][ T6016]  __x64_sys_bpf+0x7c/0x90
[   87.068372][ T6016]  do_syscall_64+0xf3/0x230
[   87.068390][ T6016]  ? clear_bhb_loop+0x35/0x90
[   87.068411][ T6016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.068429][ T6016] RIP: 0033:0x7f7402575bd9
[   87.068448][ T6016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.068463][ T6016] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   87.068485][ T6016] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   87.068498][ T6016] RDX: 000000000000002d RSI: 00000000202a0fb8 RDI: 0000000000000005
[   87.068510][ T6016] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[   87.068522][ T6016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.068533][ T6016] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   87.068562][ T6016]  </TASK>
[   87.178298][ T6021] netlink: 16 bytes leftover after parsing attributes in process `syz.0.286'.
[   87.214251][ T6019] netlink: 'syz.0.286': attribute type 6 has an invalid length.
[   87.261660][ T6019] netlink: 'syz.0.286': attribute type 5 has an invalid length.
[   87.273674][ T6019] netlink: 43 bytes leftover after parsing attributes in process `syz.0.286'.
[   87.539417][ T6030] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[   87.564413][ T6030] netlink: 28 bytes leftover after parsing attributes in process `syz.4.289'.
[   87.589883][ T6039] xt_time: invalid argument - start or stop time greater than 23:59:59
[   87.818611][ T6051] FAULT_INJECTION: forcing a failure.
[   87.818611][ T6051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.838444][ T6051] CPU: 1 PID: 6051 Comm: syz.1.296 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   87.848468][ T6051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   87.858539][ T6051] Call Trace:
[   87.861454][ T6055] netlink: 'syz.4.298': attribute type 6 has an invalid length.
[   87.861813][ T6051]  <TASK>
[   87.861825][ T6051]  dump_stack_lvl+0x241/0x360
[   87.877075][ T6051]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.882303][ T6051]  ? __pfx__printk+0x10/0x10
[   87.886921][ T6051]  ? __pfx_lock_release+0x10/0x10
[   87.891973][ T6051]  should_fail_ex+0x3b0/0x4e0
[   87.896690][ T6051]  _copy_from_user+0x2f/0xe0
[   87.901311][ T6051]  copy_msghdr_from_user+0xae/0x680
[   87.906621][ T6051]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   87.912469][ T6051]  __sys_sendmsg+0x23d/0x3a0
[   87.917090][ T6051]  ? __pfx___sys_sendmsg+0x10/0x10
[   87.922227][ T6051]  ? vfs_write+0x7c4/0xc90
[   87.926705][ T6051]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   87.933094][ T6051]  ? do_syscall_64+0x100/0x230
[   87.937878][ T6051]  ? do_syscall_64+0xb6/0x230
[   87.942573][ T6051]  do_syscall_64+0xf3/0x230
[   87.947102][ T6051]  ? clear_bhb_loop+0x35/0x90
[   87.951794][ T6051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.957717][ T6051] RIP: 0033:0x7fa37e775bd9
[   87.962126][ T6051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.981731][ T6051] RSP: 002b:00007fa37f601048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.990153][ T6051] RAX: ffffffffffffffda RBX: 00007fa37e903f60 RCX: 00007fa37e775bd9
[   87.998117][ T6051] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[   88.006077][ T6051] RBP: 00007fa37f6010a0 R08: 0000000000000000 R09: 0000000000000000
[   88.014041][ T6051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.022014][ T6051] R13: 000000000000000b R14: 00007fa37e903f60 R15: 00007ffc29669fe8
[   88.030010][ T6051]  </TASK>
[   88.072154][ T6060] FAULT_INJECTION: forcing a failure.
[   88.072154][ T6060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.103121][ T6060] CPU: 1 PID: 6060 Comm: syz.0.299 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   88.113146][ T6060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   88.123221][ T6060] Call Trace:
[   88.126521][ T6060]  <TASK>
[   88.129469][ T6060]  dump_stack_lvl+0x241/0x360
[   88.134173][ T6060]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.139394][ T6060]  ? __pfx__printk+0x10/0x10
[   88.144007][ T6060]  ? __pfx_lock_release+0x10/0x10
[   88.149047][ T6060]  ? vfs_write+0x7c4/0xc90
[   88.153467][ T6060]  should_fail_ex+0x3b0/0x4e0
[   88.158147][ T6060]  _copy_from_user+0x2f/0xe0
[   88.162732][ T6060]  __sys_bpf+0x1a4/0x810
[   88.166976][ T6060]  ? __pfx___sys_bpf+0x10/0x10
[   88.171743][ T6060]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   88.177724][ T6060]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   88.184043][ T6060]  ? do_syscall_64+0x100/0x230
[   88.188800][ T6060]  __x64_sys_bpf+0x7c/0x90
[   88.193211][ T6060]  do_syscall_64+0xf3/0x230
[   88.197708][ T6060]  ? clear_bhb_loop+0x35/0x90
[   88.202379][ T6060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.208269][ T6060] RIP: 0033:0x7fc312175bd9
[   88.212761][ T6060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.232354][ T6060] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   88.240762][ T6060] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   88.248729][ T6060] RDX: 0000000000000020 RSI: 0000000020000080 RDI: 0000000000000004
[   88.256688][ T6060] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   88.264659][ T6060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.272626][ T6060] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   88.280599][ T6060]  </TASK>
[   88.349354][ T6066] netlink: 'syz.3.302': attribute type 6 has an invalid length.
[   88.474232][ T6072] Zero length message leads to an empty skb
[   88.474273][ T6074] netlink: 'syz.0.303': attribute type 4 has an invalid length.
[   88.899893][ T6082] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[   88.909853][ T6082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.305'.
[   89.387068][ T6103] netlink: 144 bytes leftover after parsing attributes in process `syz.0.311'.
[   89.400826][ T6105] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[   89.755282][ T6122] FAULT_INJECTION: forcing a failure.
[   89.755282][ T6122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.812195][ T6122] CPU: 0 PID: 6122 Comm: syz.4.318 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   89.822227][ T6122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   89.832307][ T6122] Call Trace:
[   89.835618][ T6122]  <TASK>
[   89.838568][ T6122]  dump_stack_lvl+0x241/0x360
[   89.843272][ T6122]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.848496][ T6122]  ? __pfx__printk+0x10/0x10
[   89.853113][ T6122]  ? __pfx_lock_release+0x10/0x10
[   89.858167][ T6122]  should_fail_ex+0x3b0/0x4e0
[   89.862878][ T6122]  _copy_from_user+0x2f/0xe0
[   89.867493][ T6122]  copy_msghdr_from_user+0xae/0x680
[   89.868216][ T6125] netlink: 'syz.2.320': attribute type 6 has an invalid length.
[   89.872700][ T6122]  ? _parse_integer_limit+0x1b5/0x200
[   89.872734][ T6122]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   89.872769][ T6122]  __sys_sendmmsg+0x374/0x740
[   89.872803][ T6122]  ? __pfx___sys_sendmmsg+0x10/0x10
[   89.872860][ T6122]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   89.872883][ T6122]  ? ksys_write+0x23e/0x2c0
[   89.872905][ T6122]  ? __pfx_lock_release+0x10/0x10
[   89.872932][ T6122]  ? vfs_write+0x7c4/0xc90
[   89.872958][ T6122]  ? __mutex_unlock_slowpath+0x21d/0x750
[   89.872983][ T6122]  ? __pfx_vfs_write+0x10/0x10
[   89.873029][ T6122]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   89.873052][ T6122]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.873074][ T6122]  ? do_syscall_64+0x100/0x230
[   89.873095][ T6122]  __x64_sys_sendmmsg+0xa0/0xb0
[   89.873121][ T6122]  do_syscall_64+0xf3/0x230
[   89.873141][ T6122]  ? clear_bhb_loop+0x35/0x90
[   89.873164][ T6122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.873185][ T6122] RIP: 0033:0x7f5aaff75bd9
[   89.873203][ T6122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.873218][ T6122] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   89.873239][ T6122] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[   90.009541][ T6122] RDX: 0000000000000001 RSI: 0000000020003b80 RDI: 0000000000000003
[   90.017525][ T6122] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[   90.025500][ T6122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.033564][ T6122] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[   90.041540][ T6122]  </TASK>
[   90.166969][ T6139] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[   90.338925][ T6147] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   90.490456][ T6153] netlink: 16 bytes leftover after parsing attributes in process `syz.4.327'.
[   90.520937][ T6153] xt_cgroup: invalid path, errno=-2
[   90.528391][ T6157] FAULT_INJECTION: forcing a failure.
[   90.528391][ T6157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.545666][ T6157] CPU: 0 PID: 6157 Comm: syz.3.328 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   90.555680][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   90.565757][ T6157] Call Trace:
[   90.569058][ T6157]  <TASK>
[   90.572008][ T6157]  dump_stack_lvl+0x241/0x360
[   90.576721][ T6157]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.581951][ T6157]  ? __pfx__printk+0x10/0x10
[   90.586564][ T6157]  ? __pfx_lock_release+0x10/0x10
[   90.591620][ T6157]  ? vfs_write+0x7c4/0xc90
[   90.596156][ T6157]  should_fail_ex+0x3b0/0x4e0
[   90.600867][ T6157]  _copy_from_user+0x2f/0xe0
[   90.602092][ T6159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.329'.
[   90.605469][ T6157]  __sys_bpf+0x1a4/0x810
[   90.605511][ T6157]  ? __pfx___sys_bpf+0x10/0x10
[   90.605545][ T6157]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   90.605568][ T6157]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.605587][ T6157]  ? do_syscall_64+0x100/0x230
[   90.605612][ T6157]  __x64_sys_bpf+0x7c/0x90
[   90.605637][ T6157]  do_syscall_64+0xf3/0x230
[   90.605656][ T6157]  ? clear_bhb_loop+0x35/0x90
[   90.605679][ T6157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.605699][ T6157] RIP: 0033:0x7f6289975bd9
[   90.605716][ T6157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.605731][ T6157] RSP: 002b:00007f628a79b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.692371][ T6157] RAX: ffffffffffffffda RBX: 00007f6289b03f60 RCX: 00007f6289975bd9
[   90.700345][ T6157] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005
[   90.708317][ T6157] RBP: 00007f628a79b0a0 R08: 0000000000000000 R09: 0000000000000000
[   90.716283][ T6157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.724253][ T6157] R13: 000000000000000b R14: 00007f6289b03f60 R15: 00007ffddde42c98
[   90.732234][ T6157]  </TASK>
[   91.072999][ T6170] netlink: 144 bytes leftover after parsing attributes in process `syz.4.335'.
[   91.222822][ T6175] FAULT_INJECTION: forcing a failure.
[   91.222822][ T6175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.254168][ T6175] CPU: 0 PID: 6175 Comm: syz.2.338 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   91.264279][ T6175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   91.274357][ T6175] Call Trace:
[   91.277628][ T6175]  <TASK>
[   91.280549][ T6175]  dump_stack_lvl+0x241/0x360
[   91.285749][ T6175]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.290968][ T6175]  ? __pfx__printk+0x10/0x10
[   91.295566][ T6175]  ? __pfx_lock_release+0x10/0x10
[   91.300612][ T6175]  should_fail_ex+0x3b0/0x4e0
[   91.305309][ T6175]  _copy_from_user+0x2f/0xe0
[   91.309938][ T6175]  copy_msghdr_from_user+0xae/0x680
[   91.315149][ T6175]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   91.320972][ T6175]  __sys_sendmsg+0x23d/0x3a0
[   91.325570][ T6175]  ? __pfx___sys_sendmsg+0x10/0x10
[   91.330679][ T6175]  ? vfs_write+0x7c4/0xc90
[   91.335123][ T6175]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   91.341447][ T6175]  ? do_syscall_64+0x100/0x230
[   91.346206][ T6175]  ? do_syscall_64+0xb6/0x230
[   91.350878][ T6175]  do_syscall_64+0xf3/0x230
[   91.355374][ T6175]  ? clear_bhb_loop+0x35/0x90
[   91.360044][ T6175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.365926][ T6175] RIP: 0033:0x7f7402575bd9
[   91.370331][ T6175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.390209][ T6175] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.398633][ T6175] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[   91.406613][ T6175] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[   91.414580][ T6175] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[   91.422546][ T6175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.430512][ T6175] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[   91.438486][ T6175]  </TASK>
[   91.509297][ T6182] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[   91.556539][ T6182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.337'.
[   91.940492][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.2.343'.
[   92.254940][ T6218] netlink: 144 bytes leftover after parsing attributes in process `syz.0.352'.
[   92.280299][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   93.580608][ T6263] netlink: 52 bytes leftover after parsing attributes in process `syz.1.367'.
[   94.140017][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   94.158751][ T6299] FAULT_INJECTION: forcing a failure.
[   94.158751][ T6299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.200464][ T6299] CPU: 1 PID: 6299 Comm: syz.0.376 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   94.210497][ T6299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   94.220572][ T6299] Call Trace:
[   94.223864][ T6299]  <TASK>
[   94.226807][ T6299]  dump_stack_lvl+0x241/0x360
[   94.231505][ T6299]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.236722][ T6299]  ? __pfx__printk+0x10/0x10
[   94.241336][ T6299]  ? __pfx_lock_release+0x10/0x10
[   94.246394][ T6299]  should_fail_ex+0x3b0/0x4e0
[   94.251124][ T6299]  _copy_from_user+0x2f/0xe0
[   94.255745][ T6299]  copy_msghdr_from_user+0xae/0x680
[   94.261234][ T6299]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   94.267081][ T6299]  __sys_sendmsg+0x23d/0x3a0
[   94.271707][ T6299]  ? __pfx___sys_sendmsg+0x10/0x10
[   94.276927][ T6299]  ? vfs_write+0x7c4/0xc90
[   94.281401][ T6299]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.287748][ T6299]  ? do_syscall_64+0x100/0x230
[   94.292549][ T6299]  ? do_syscall_64+0xb6/0x230
[   94.297242][ T6299]  do_syscall_64+0xf3/0x230
[   94.301762][ T6299]  ? clear_bhb_loop+0x35/0x90
[   94.306459][ T6299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.312367][ T6299] RIP: 0033:0x7fc312175bd9
[   94.316802][ T6299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.337468][ T6299] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.345926][ T6299] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   94.353911][ T6299] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[   94.361892][ T6299] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   94.369869][ T6299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.377836][ T6299] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   94.385829][ T6299]  </TASK>
[   94.485186][ T6301] netlink: 'syz.2.375': attribute type 2 has an invalid length.
[   94.493053][ T6301] netlink: 'syz.2.375': attribute type 1 has an invalid length.
[   94.567665][ T6307] FAULT_INJECTION: forcing a failure.
[   94.567665][ T6307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.591445][ T6301] netlink: 181400 bytes leftover after parsing attributes in process `syz.2.375'.
[   94.630275][ T6307] CPU: 1 PID: 6307 Comm: syz.0.378 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   94.640318][ T6307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   94.650394][ T6307] Call Trace:
[   94.653702][ T6307]  <TASK>
[   94.656651][ T6307]  dump_stack_lvl+0x241/0x360
[   94.661367][ T6307]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.666604][ T6307]  ? __pfx__printk+0x10/0x10
[   94.671310][ T6307]  ? __pfx_lock_release+0x10/0x10
[   94.676363][ T6307]  ? vfs_write+0x7c4/0xc90
[   94.680826][ T6307]  should_fail_ex+0x3b0/0x4e0
[   94.685534][ T6307]  _copy_from_user+0x2f/0xe0
[   94.690126][ T6307]  __sys_bpf+0x1a4/0x810
[   94.694369][ T6307]  ? __pfx___sys_bpf+0x10/0x10
[   94.699141][ T6307]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   94.705118][ T6307]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.711437][ T6307]  ? do_syscall_64+0x100/0x230
[   94.716198][ T6307]  __x64_sys_bpf+0x7c/0x90
[   94.720616][ T6307]  do_syscall_64+0xf3/0x230
[   94.725116][ T6307]  ? clear_bhb_loop+0x35/0x90
[   94.729797][ T6307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.735700][ T6307] RIP: 0033:0x7fc312175bd9
[   94.740128][ T6307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.759744][ T6307] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.768156][ T6307] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   94.776120][ T6307] RDX: 0000000000000020 RSI: 0000000020007b80 RDI: 0000000000000009
[   94.784085][ T6307] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   94.792056][ T6307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.800020][ T6307] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   94.808036][ T6307]  </TASK>
[   95.082598][ T6319] warning: `syz.4.383' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   95.344788][ T6333] netlink: 4 bytes leftover after parsing attributes in process `syz.1.388'.
[   95.400629][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   95.533156][ T6341] netlink: 4 bytes leftover after parsing attributes in process `syz.4.389'.
[   95.816718][ T6349] FAULT_INJECTION: forcing a failure.
[   95.816718][ T6349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.837158][ T6349] CPU: 1 PID: 6349 Comm: syz.4.392 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   95.847189][ T6349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   95.857259][ T6349] Call Trace:
[   95.860540][ T6349]  <TASK>
[   95.863488][ T6349]  dump_stack_lvl+0x241/0x360
[   95.868197][ T6349]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.873426][ T6349]  ? __pfx__printk+0x10/0x10
[   95.878130][ T6349]  ? __pfx_lock_release+0x10/0x10
[   95.883183][ T6349]  ? __lock_acquire+0x1346/0x1fd0
[   95.888241][ T6349]  should_fail_ex+0x3b0/0x4e0
[   95.892957][ T6349]  _copy_from_user+0x2f/0xe0
[   95.897584][ T6349]  xsk_setsockopt+0x251/0x950
[   95.902294][ T6349]  ? __pfx_xsk_setsockopt+0x10/0x10
[   95.907609][ T6349]  ? __pfx_lock_acquire+0x10/0x10
[   95.912655][ T6349]  ? aa_sock_opt_perm+0x79/0x120
[   95.917618][ T6349]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[   95.923183][ T6349]  ? security_socket_setsockopt+0x87/0xb0
[   95.928919][ T6349]  ? __pfx_xsk_setsockopt+0x10/0x10
[   95.934144][ T6349]  do_sock_setsockopt+0x3af/0x720
[   95.939627][ T6349]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   95.945190][ T6349]  ? __fget_files+0x29/0x470
[   95.949807][ T6349]  ? __fget_files+0x3f6/0x470
[   95.954522][ T6349]  __sys_setsockopt+0x1ae/0x250
[   95.959582][ T6349]  __x64_sys_setsockopt+0xb5/0xd0
[   95.964641][ T6349]  do_syscall_64+0xf3/0x230
[   95.969169][ T6349]  ? clear_bhb_loop+0x35/0x90
[   95.973881][ T6349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.979888][ T6349] RIP: 0033:0x7f5aaff75bd9
[   95.984328][ T6349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.004047][ T6349] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   96.012495][ T6349] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[   96.017437][ T6355] netlink: 140 bytes leftover after parsing attributes in process `syz.2.395'.
[   96.020488][ T6349] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003
[   96.020511][ T6349] RBP: 00007f5ab0e300a0 R08: 0000000000000004 R09: 0000000000000000
[   96.020524][ T6349] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   96.020536][ T6349] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[   96.020564][ T6349]  </TASK>
[   96.119603][ T6355] caif0 speed is unknown, defaulting to 1000
[   96.137164][ T6355] caif0 speed is unknown, defaulting to 1000
[   96.146078][ T6355] caif0 speed is unknown, defaulting to 1000
[   96.333938][ T6364] netlink: 32 bytes leftover after parsing attributes in process `syz.1.397'.
[   96.351324][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   96.501302][ T6355] infiniband syz1: set down
[   96.510046][ T6355] infiniband syz1: added caif0
[   96.516005][ T6370] FAULT_INJECTION: forcing a failure.
[   96.516005][ T6370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.538332][ T6370] CPU: 1 PID: 6370 Comm: syz.0.400 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   96.548457][ T6370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   96.558771][ T6370] Call Trace:
[   96.562082][ T6370]  <TASK>
[   96.565032][ T6370]  dump_stack_lvl+0x241/0x360
[   96.569845][ T6370]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.575078][ T6370]  ? __pfx__printk+0x10/0x10
[   96.579705][ T6370]  ? __pfx_lock_release+0x10/0x10
[   96.584772][ T6370]  ? vfs_write+0x7c4/0xc90
[   96.589249][ T6370]  should_fail_ex+0x3b0/0x4e0
[   96.593979][ T6370]  _copy_from_user+0x2f/0xe0
[   96.598620][ T6370]  __sys_bpf+0x1a4/0x810
[   96.602885][ T6370]  ? __pfx___sys_bpf+0x10/0x10
[   96.607691][ T6370]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   96.613682][ T6370]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   96.620035][ T6370]  ? do_syscall_64+0x100/0x230
[   96.624807][ T6370]  __x64_sys_bpf+0x7c/0x90
[   96.629266][ T6370]  do_syscall_64+0xf3/0x230
[   96.633790][ T6370]  ? clear_bhb_loop+0x35/0x90
[   96.638496][ T6370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.644416][ T6370] RIP: 0033:0x7fc312175bd9
[   96.648832][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.668548][ T6370] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   96.677051][ T6370] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[   96.685116][ T6370] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[   96.693172][ T6370] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[   96.701143][ T6370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.709112][ T6370] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[   96.717122][ T6370]  </TASK>
[   96.800071][ T6355] RDS/IB: syz1: added
[   96.805228][ T6355] smc: adding ib device syz1 with port count 1
[   96.811923][ T6355] smc:    ib device syz1 port 1 has pnetid 
[   96.980451][ T6379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.403'.
[   97.046171][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   97.894671][ T5144] caif0 speed is unknown, defaulting to 1000
[   97.978306][ T5141] caif0 speed is unknown, defaulting to 1000
[   98.001689][ T6355] caif0 speed is unknown, defaulting to 1000
[   98.412245][ T6397] netlink: 16 bytes leftover after parsing attributes in process `syz.4.409'.
[   98.475208][ T6401] netlink: 32 bytes leftover after parsing attributes in process `syz.0.410'.
[   98.535102][ T6355] caif0 speed is unknown, defaulting to 1000
[   98.628302][ T6404] FAULT_INJECTION: forcing a failure.
[   98.628302][ T6404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.673930][ T6404] CPU: 0 PID: 6404 Comm: syz.3.412 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[   98.684045][ T6404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[   98.694095][ T6404] Call Trace:
[   98.697366][ T6404]  <TASK>
[   98.700287][ T6404]  dump_stack_lvl+0x241/0x360
[   98.704977][ T6404]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.710169][ T6404]  ? __pfx__printk+0x10/0x10
[   98.714845][ T6404]  ? __pfx_lock_release+0x10/0x10
[   98.719869][ T6404]  should_fail_ex+0x3b0/0x4e0
[   98.724551][ T6404]  _copy_from_user+0x2f/0xe0
[   98.729133][ T6404]  copy_msghdr_from_user+0xae/0x680
[   98.734326][ T6404]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   98.740223][ T6404]  __sys_sendmsg+0x23d/0x3a0
[   98.744828][ T6404]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.749932][ T6404]  ? vfs_write+0x7c4/0xc90
[   98.754371][ T6404]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   98.760786][ T6404]  ? do_syscall_64+0x100/0x230
[   98.765570][ T6404]  ? do_syscall_64+0xb6/0x230
[   98.770237][ T6404]  do_syscall_64+0xf3/0x230
[   98.774733][ T6404]  ? clear_bhb_loop+0x35/0x90
[   98.779421][ T6404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.785311][ T6404] RIP: 0033:0x7f6289975bd9
[   98.789714][ T6404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.809309][ T6404] RSP: 002b:00007f628a79b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.817716][ T6404] RAX: ffffffffffffffda RBX: 00007f6289b03f60 RCX: 00007f6289975bd9
[   98.825677][ T6404] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[   98.833660][ T6404] RBP: 00007f628a79b0a0 R08: 0000000000000000 R09: 0000000000000000
[   98.841661][ T6404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.849639][ T6404] R13: 000000000000000b R14: 00007f6289b03f60 R15: 00007ffddde42c98
[   98.857625][ T6404]  </TASK>
[   99.028013][ T6355] caif0 speed is unknown, defaulting to 1000
[   99.680779][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.4.420'.
[  100.422115][ T6355] caif0 speed is unknown, defaulting to 1000
[  100.497337][ T6428] FAULT_INJECTION: forcing a failure.
[  100.497337][ T6428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.543958][ T6428] CPU: 1 PID: 6428 Comm: syz.4.422 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  100.553985][ T6428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  100.564083][ T6428] Call Trace:
[  100.567397][ T6428]  <TASK>
[  100.570348][ T6428]  dump_stack_lvl+0x241/0x360
[  100.575055][ T6428]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.580373][ T6428]  ? __pfx__printk+0x10/0x10
[  100.584992][ T6428]  ? __pfx_lock_release+0x10/0x10
[  100.590068][ T6428]  should_fail_ex+0x3b0/0x4e0
[  100.594789][ T6428]  _copy_from_user+0x2f/0xe0
[  100.599414][ T6428]  copy_msghdr_from_user+0xae/0x680
[  100.604647][ T6428]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  100.610486][ T6428]  __sys_sendmsg+0x23d/0x3a0
[  100.615115][ T6428]  ? __pfx___sys_sendmsg+0x10/0x10
[  100.620264][ T6428]  ? vfs_write+0x7c4/0xc90
[  100.624753][ T6428]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.631289][ T6428]  ? do_syscall_64+0x100/0x230
[  100.636086][ T6428]  ? do_syscall_64+0xb6/0x230
[  100.640893][ T6428]  do_syscall_64+0xf3/0x230
[  100.645428][ T6428]  ? clear_bhb_loop+0x35/0x90
[  100.650150][ T6428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.656071][ T6428] RIP: 0033:0x7f5aaff75bd9
[  100.660598][ T6428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.680900][ T6428] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.689315][ T6428] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  100.697366][ T6428] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  100.705349][ T6428] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[  100.713324][ T6428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.721286][ T6428] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  100.729287][ T6428]  </TASK>
[  100.923178][ T6434] netlink: 'syz.3.424': attribute type 29 has an invalid length.
[  100.931913][ T6434] netlink: 'syz.3.424': attribute type 29 has an invalid length.
[  100.945769][ T6355] caif0 speed is unknown, defaulting to 1000
[  100.955134][ T6434] netlink: 'syz.3.424': attribute type 29 has an invalid length.
[  101.113388][ T6442] FAULT_INJECTION: forcing a failure.
[  101.113388][ T6442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.134347][ T6442] CPU: 0 PID: 6442 Comm: syz.4.428 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  101.144556][ T6442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  101.154624][ T6442] Call Trace:
[  101.158001][ T6442]  <TASK>
[  101.160936][ T6442]  dump_stack_lvl+0x241/0x360
[  101.165632][ T6442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.170844][ T6442]  ? __pfx__printk+0x10/0x10
[  101.175448][ T6442]  ? __pfx_lock_release+0x10/0x10
[  101.180672][ T6442]  ? vfs_write+0x7c4/0xc90
[  101.185128][ T6442]  should_fail_ex+0x3b0/0x4e0
[  101.189849][ T6442]  _copy_from_user+0x2f/0xe0
[  101.194638][ T6442]  get_timespec64+0x97/0x280
[  101.199256][ T6442]  ? __pfx_get_timespec64+0x10/0x10
[  101.204580][ T6442]  __x64_sys_recvmmsg+0x140/0x250
[  101.209636][ T6442]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  101.215478][ T6442]  ? do_syscall_64+0x100/0x230
[  101.220542][ T6442]  ? do_syscall_64+0xb6/0x230
[  101.225248][ T6442]  do_syscall_64+0xf3/0x230
[  101.229780][ T6442]  ? clear_bhb_loop+0x35/0x90
[  101.234485][ T6442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.240413][ T6442] RIP: 0033:0x7f5aaff75bd9
[  101.244851][ T6442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.264475][ T6442] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  101.272922][ T6442] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  101.281002][ T6442] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  101.288997][ T6442] RBP: 00007f5ab0e300a0 R08: 0000000020003700 R09: 0000000000000000
[  101.296998][ T6442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.304995][ T6442] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  101.313006][ T6442]  </TASK>
[  101.527704][ T6462] netlink: 4 bytes leftover after parsing attributes in process `syz.2.433'.
[  101.799069][ T6476] FAULT_INJECTION: forcing a failure.
[  101.799069][ T6476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.823351][ T6479] netlink: 140 bytes leftover after parsing attributes in process `syz.3.440'.
[  101.838763][ T6476] CPU: 1 PID: 6476 Comm: syz.0.437 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  101.848785][ T6476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  101.848863][ T6479] rdma_rxe: rxe_newlink: failed to add caif0
[  101.858834][ T6476] Call Trace:
[  101.858852][ T6476]  <TASK>
[  101.858861][ T6476]  dump_stack_lvl+0x241/0x360
[  101.858887][ T6476]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.858905][ T6476]  ? __pfx__printk+0x10/0x10
[  101.858924][ T6476]  ? __pfx_lock_release+0x10/0x10
[  101.858942][ T6476]  ? vfs_write+0x7c4/0xc90
[  101.858966][ T6476]  should_fail_ex+0x3b0/0x4e0
[  101.858993][ T6476]  _copy_from_user+0x2f/0xe0
[  101.859014][ T6476]  get_timespec64+0x97/0x280
[  101.859038][ T6476]  ? __pfx_get_timespec64+0x10/0x10
[  101.859070][ T6476]  __x64_sys_recvmmsg+0x140/0x250
[  101.859097][ T6476]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  101.859123][ T6476]  ? do_syscall_64+0x100/0x230
[  101.859144][ T6476]  ? do_syscall_64+0xb6/0x230
[  101.859172][ T6476]  do_syscall_64+0xf3/0x230
[  101.859191][ T6476]  ? clear_bhb_loop+0x35/0x90
[  101.859215][ T6476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.859236][ T6476] RIP: 0033:0x7fc312175bd9
[  101.859254][ T6476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.859270][ T6476] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  101.859292][ T6476] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[  101.859306][ T6476] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  101.859319][ T6476] RBP: 00007fc312eb70a0 R08: 0000000020003700 R09: 0000000000000000
[  101.859332][ T6476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.859344][ T6476] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[  101.859373][ T6476]  </TASK>
[  102.090211][ T6487] FAULT_INJECTION: forcing a failure.
[  102.090211][ T6487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.158201][ T6487] CPU: 0 PID: 6487 Comm: syz.4.443 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  102.169370][ T6487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  102.179587][ T6487] Call Trace:
[  102.183681][ T6487]  <TASK>
[  102.187798][ T6487]  dump_stack_lvl+0x241/0x360
[  102.194004][ T6487]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.199504][ T6487]  ? __pfx__printk+0x10/0x10
[  102.204220][ T6487]  ? __pfx_lock_release+0x10/0x10
[  102.209283][ T6487]  should_fail_ex+0x3b0/0x4e0
[  102.214262][ T6487]  _copy_from_user+0x2f/0xe0
[  102.219495][ T6487]  copy_msghdr_from_user+0xae/0x680
[  102.224732][ T6487]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  102.231021][ T6487]  __sys_sendmsg+0x23d/0x3a0
[  102.236519][ T6487]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.242364][ T6487]  ? vfs_write+0x7c4/0xc90
[  102.247234][ T6487]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.253599][ T6487]  ? do_syscall_64+0x100/0x230
[  102.258408][ T6487]  ? do_syscall_64+0xb6/0x230
[  102.263162][ T6487]  do_syscall_64+0xf3/0x230
[  102.267696][ T6487]  ? clear_bhb_loop+0x35/0x90
[  102.272412][ T6487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.278336][ T6487] RIP: 0033:0x7f5aaff75bd9
[  102.282774][ T6487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.302491][ T6487] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.310931][ T6487] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  102.319007][ T6487] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000007
[  102.326984][ T6487] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[  102.334951][ T6487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.342920][ T6487] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  102.351159][ T6487]  </TASK>
[  102.357004][ T6486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.442'.
[  102.718056][ T6502] FAULT_INJECTION: forcing a failure.
[  102.718056][ T6502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.735396][ T6502] CPU: 1 PID: 6502 Comm: syz.2.449 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  102.745431][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  102.755522][ T6502] Call Trace:
[  102.758814][ T6502]  <TASK>
[  102.761758][ T6502]  dump_stack_lvl+0x241/0x360
[  102.766550][ T6502]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.771781][ T6502]  ? __pfx__printk+0x10/0x10
[  102.776415][ T6502]  ? __pfx_lock_release+0x10/0x10
[  102.781472][ T6502]  should_fail_ex+0x3b0/0x4e0
[  102.786183][ T6502]  _copy_from_user+0x2f/0xe0
[  102.790802][ T6502]  copy_msghdr_from_user+0xae/0x680
[  102.796025][ T6502]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  102.801873][ T6502]  __sys_sendmsg+0x23d/0x3a0
[  102.806508][ T6502]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.811648][ T6502]  ? vfs_write+0x7c4/0xc90
[  102.816136][ T6502]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.822491][ T6502]  ? do_syscall_64+0x100/0x230
[  102.827303][ T6502]  ? do_syscall_64+0xb6/0x230
[  102.832011][ T6502]  do_syscall_64+0xf3/0x230
[  102.836649][ T6502]  ? clear_bhb_loop+0x35/0x90
[  102.841461][ T6502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.847379][ T6502] RIP: 0033:0x7f7402575bd9
[  102.851815][ T6502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.871626][ T6502] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.880421][ T6502] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[  102.888420][ T6502] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  102.896415][ T6502] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[  102.904497][ T6502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.912582][ T6502] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[  102.920686][ T6502]  </TASK>
[  103.005022][ T6509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.451'.
[  103.976987][ T6493] netlink: 28 bytes leftover after parsing attributes in process `syz.3.445'.
[  104.069000][ T6515] vlan2: entered allmulticast mode
[  104.114557][ T6515] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  104.173522][ T6515] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  104.266267][ T6517] netlink: 32 bytes leftover after parsing attributes in process `syz.4.454'.
[  104.292667][ T6531] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'.
[  104.511966][ T6537] netlink: 20 bytes leftover after parsing attributes in process `syz.4.465'.
[  104.839845][ T6557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.472'.
[  104.939486][ T6561] FAULT_INJECTION: forcing a failure.
[  104.939486][ T6561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.960737][ T6561] CPU: 0 PID: 6561 Comm: syz.2.473 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  104.970860][ T6561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  104.981056][ T6561] Call Trace:
[  104.984363][ T6561]  <TASK>
[  104.987313][ T6561]  dump_stack_lvl+0x241/0x360
[  104.992541][ T6561]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.997781][ T6561]  ? __pfx__printk+0x10/0x10
[  105.002497][ T6561]  ? __pfx_lock_release+0x10/0x10
[  105.007566][ T6561]  should_fail_ex+0x3b0/0x4e0
[  105.012294][ T6561]  _copy_from_user+0x2f/0xe0
[  105.016911][ T6561]  copy_msghdr_from_user+0xae/0x680
[  105.022111][ T6561]  ? _parse_integer_limit+0x1b5/0x200
[  105.027504][ T6561]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  105.035252][ T6561]  __sys_sendmmsg+0x374/0x740
[  105.041234][ T6561]  ? __pfx___sys_sendmmsg+0x10/0x10
[  105.046746][ T6561]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  105.053086][ T6561]  ? ksys_write+0x23e/0x2c0
[  105.057590][ T6561]  ? __pfx_lock_release+0x10/0x10
[  105.062818][ T6561]  ? vfs_write+0x7c4/0xc90
[  105.067262][ T6561]  ? __mutex_unlock_slowpath+0x21d/0x750
[  105.072918][ T6561]  ? __pfx_vfs_write+0x10/0x10
[  105.077714][ T6561]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  105.084795][ T6561]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  105.091246][ T6561]  ? do_syscall_64+0x100/0x230
[  105.097786][ T6561]  __x64_sys_sendmmsg+0xa0/0xb0
[  105.102898][ T6561]  do_syscall_64+0xf3/0x230
[  105.108741][ T6561]  ? clear_bhb_loop+0x35/0x90
[  105.113702][ T6561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.120119][ T6561] RIP: 0033:0x7f7402575bd9
[  105.125054][ T6561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.145620][ T6561] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  105.154032][ T6561] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[  105.162467][ T6561] RDX: 0000000000000002 RSI: 0000000020000fc0 RDI: 0000000000000003
[  105.170522][ T6561] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[  105.178495][ T6561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.186461][ T6561] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[  105.194435][ T6561]  </TASK>
[  107.352356][ T6569] netlink: 20 bytes leftover after parsing attributes in process `syz.0.477'.
[  107.364405][ T6570] netlink: 32 bytes leftover after parsing attributes in process `syz.2.476'.
[  107.690147][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.2.485'.
[  108.057704][ T6614] FAULT_INJECTION: forcing a failure.
[  108.057704][ T6614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.114937][ T6614] CPU: 0 PID: 6614 Comm: syz.2.492 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  108.125492][ T6614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  108.135649][ T6614] Call Trace:
[  108.139644][ T6614]  <TASK>
[  108.142571][ T6614]  dump_stack_lvl+0x241/0x360
[  108.147265][ T6614]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.152478][ T6614]  ? __pfx__printk+0x10/0x10
[  108.157081][ T6614]  ? __pfx_lock_release+0x10/0x10
[  108.162113][ T6614]  should_fail_ex+0x3b0/0x4e0
[  108.166797][ T6614]  _copy_from_user+0x2f/0xe0
[  108.171388][ T6614]  copy_msghdr_from_user+0xae/0x680
[  108.176768][ T6614]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  108.182605][ T6614]  __sys_sendmsg+0x23d/0x3a0
[  108.187214][ T6614]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.192438][ T6614]  ? vfs_write+0x7c4/0xc90
[  108.196962][ T6614]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  108.203300][ T6614]  ? do_syscall_64+0x100/0x230
[  108.208070][ T6614]  ? do_syscall_64+0xb6/0x230
[  108.212831][ T6614]  do_syscall_64+0xf3/0x230
[  108.217437][ T6614]  ? clear_bhb_loop+0x35/0x90
[  108.222125][ T6614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.228038][ T6614] RIP: 0033:0x7f7402575bd9
[  108.232545][ T6614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.252691][ T6614] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.261111][ T6614] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[  108.269256][ T6614] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000003
[  108.277514][ T6614] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[  108.285492][ T6614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.293457][ T6614] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[  108.301439][ T6614]  </TASK>
[  109.029877][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.501'.
[  110.219983][ T6660] netlink: 20 bytes leftover after parsing attributes in process `syz.2.507'.
[  110.229502][ T6660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.507'.
[  110.242259][ T6660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.507'.
[  110.369635][ T6663] netlink: 'syz.3.508': attribute type 6 has an invalid length.
[  111.548044][ T6710] vlan2: entered allmulticast mode
[  111.555377][ T6710] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  111.574660][ T6710] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  111.627374][ T6719] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  111.639939][ T6717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.524'.
[  111.704292][ T6715] netlink: 'syz.4.527': attribute type 16 has an invalid length.
[  112.003528][ T6736] netlink: 'syz.3.533': attribute type 6 has an invalid length.
[  112.103574][ T6738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.535'.
[  112.369660][ T6753] netlink: 'syz.4.540': attribute type 16 has an invalid length.
[  112.671116][ T6763] vlan2: entered allmulticast mode
[  112.700297][ T6763] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  112.729515][ T6763] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  112.792852][ T6766] netlink: 8 bytes leftover after parsing attributes in process `syz.4.543'.
[  113.176617][ T6788] netlink: 'syz.0.553': attribute type 16 has an invalid length.
[  113.323109][ T6794] FAULT_INJECTION: forcing a failure.
[  113.323109][ T6794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.364594][ T6794] CPU: 0 PID: 6794 Comm: syz.4.555 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  113.374713][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  113.384789][ T6794] Call Trace:
[  113.388088][ T6794]  <TASK>
[  113.391042][ T6794]  dump_stack_lvl+0x241/0x360
[  113.395749][ T6794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.400980][ T6794]  ? __pfx__printk+0x10/0x10
[  113.405599][ T6794]  ? __pfx_lock_release+0x10/0x10
[  113.410660][ T6794]  should_fail_ex+0x3b0/0x4e0
[  113.415378][ T6794]  _copy_from_user+0x2f/0xe0
[  113.419998][ T6794]  copy_msghdr_from_user+0xae/0x680
[  113.425238][ T6794]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  113.431128][ T6794]  __sys_sendmsg+0x23d/0x3a0
[  113.435755][ T6794]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.440900][ T6794]  ? vfs_write+0x7c4/0xc90
[  113.446352][ T6794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  113.452714][ T6794]  ? do_syscall_64+0x100/0x230
[  113.457518][ T6794]  ? do_syscall_64+0xb6/0x230
[  113.462229][ T6794]  do_syscall_64+0xf3/0x230
[  113.466766][ T6794]  ? clear_bhb_loop+0x35/0x90
[  113.471653][ T6794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.477602][ T6794] RIP: 0033:0x7f5aaff75bd9
[  113.482261][ T6794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.502072][ T6794] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.511055][ T6794] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  113.519068][ T6794] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  113.527070][ T6794] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[  113.535069][ T6794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.543068][ T6794] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  113.551177][ T6794]  </TASK>
[  113.693580][ T6798] netlink: 'syz.0.558': attribute type 6 has an invalid length.
[  113.707392][ T6801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.560'.
[  113.980268][ T2812] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.017186][ T2812] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.169050][ T2812] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.199397][ T2812] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.241774][ T6816] netlink: 'syz.4.564': attribute type 16 has an invalid length.
[  114.340418][ T2812] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.382258][ T2812] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.615724][ T2812] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  114.646636][ T2812] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.703490][ T5098] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  114.717974][ T5098] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  114.727527][ T5098] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  114.748863][ T5098] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  114.763584][ T5098] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  114.771212][ T5098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  114.783308][ T6835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.571'.
[  114.912893][ T6830] caif0 speed is unknown, defaulting to 1000
[  115.220504][ T2812] bridge_slave_1: left allmulticast mode
[  115.248905][ T2812] bridge_slave_1: left promiscuous mode
[  115.268981][ T2812] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.319084][ T2812] bridge_slave_0: left allmulticast mode
[  115.347076][ T2812] bridge_slave_0: left promiscuous mode
[  115.363712][ T2812] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.939235][ T2812] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.954129][ T2812] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.966088][ T2812] bond0 (unregistering): Released all slaves
[  115.976815][ T6851] netlink: 'syz.1.578': attribute type 6 has an invalid length.
[  115.987565][ T6856] netlink: 3084 bytes leftover after parsing attributes in process `syz.0.580'.
[  115.997357][ T6856] netlink: 'syz.0.580': attribute type 1 has an invalid length.
[  116.006725][ T6856] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.580'.
[  116.200669][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.582'.
[  116.365456][ T6894] netlink: 4 bytes leftover after parsing attributes in process `syz.2.586'.
[  116.820226][ T5098] Bluetooth: hci0: command tx timeout
[  116.853402][ T6919] netlink: 'syz.0.594': attribute type 6 has an invalid length.
[  116.871240][ T6924] FAULT_INJECTION: forcing a failure.
[  116.871240][ T6924] name failslab, interval 1, probability 0, space 0, times 0
[  116.940683][ T6924] CPU: 1 PID: 6924 Comm: syz.4.595 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  116.950720][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  116.960966][ T6924] Call Trace:
[  116.964269][ T6924]  <TASK>
[  116.967219][ T6924]  dump_stack_lvl+0x241/0x360
[  116.971930][ T6924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.977154][ T6924]  ? __pfx__printk+0x10/0x10
[  116.981771][ T6924]  ? tcp_established_options+0x3c1/0x800
[  116.987444][ T6924]  should_fail_ex+0x3b0/0x4e0
[  116.992159][ T6924]  ? __alloc_skb+0x1c3/0x440
[  116.996777][ T6924]  should_failslab+0x9/0x20
[  117.001304][ T6924]  kmem_cache_alloc_node_noprof+0x71/0x320
[  117.007231][ T6924]  ? tcp_current_mss+0x29b/0x4d0
[  117.012202][ T6924]  __alloc_skb+0x1c3/0x440
[  117.016666][ T6924]  ? __pfx___alloc_skb+0x10/0x10
[  117.021640][ T6924]  ? _parse_integer_limit+0x160/0x200
[  117.027145][ T6924]  ? mark_lock+0x9a/0x350
[  117.031499][ T6924]  tcp_stream_alloc_skb+0x3d/0x310
[  117.036646][ T6924]  tcp_sendmsg_locked+0xd6a/0x4e10
[  117.041791][ T6924]  ? __lock_acquire+0x1346/0x1fd0
[  117.046847][ T6924]  ? mark_lock+0x9a/0x350
[  117.051195][ T6924]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  117.056739][ T6924]  ? __local_bh_enable_ip+0x168/0x200
[  117.062138][ T6924]  ? do_raw_spin_unlock+0x13c/0x8b0
[  117.067355][ T6924]  tcp_sendmsg+0x30/0x50
[  117.071650][ T6924]  __sock_sendmsg+0x1a6/0x270
[  117.076335][ T6924]  __sys_sendto+0x3a4/0x4f0
[  117.080936][ T6924]  ? __pfx___sys_sendto+0x10/0x10
[  117.086085][ T6924]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  117.092426][ T6924]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  117.098795][ T6924]  __x64_sys_sendto+0xde/0x100
[  117.103581][ T6924]  do_syscall_64+0xf3/0x230
[  117.108114][ T6924]  ? clear_bhb_loop+0x35/0x90
[  117.112817][ T6924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.118745][ T6924] RIP: 0033:0x7f5aaff75bd9
[  117.123158][ T6924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.143471][ T6924] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  117.151989][ T6924] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  117.160052][ T6924] RDX: 00000000000109e8 RSI: 00000000200004c0 RDI: 0000000000000003
[  117.168020][ T6924] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000006
[  117.175982][ T6924] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[  117.184034][ T6924] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  117.192200][ T6924]  </TASK>
[  117.263987][ T6830] chnl_net:caif_netlink_parms(): no params data found
[  117.852068][ T2812] hsr_slave_0: left promiscuous mode
[  117.895529][ T2812] hsr_slave_1: left promiscuous mode
[  117.910697][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.598'.
[  117.911621][ T2812] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.930946][ T2812] batman_adv: batadv0: Removing interface: batadv_slave_0
[  117.943478][ T2812] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.944760][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.601'.
[  117.953654][ T2812] batman_adv: batadv0: Removing interface: batadv_slave_1
[  117.985721][ T2812] veth1_macvtap: left promiscuous mode
[  117.992064][ T2812] veth0_macvtap: left promiscuous mode
[  117.997815][ T2812] veth1_vlan: left promiscuous mode
[  118.003368][ T2812] veth0_vlan: left promiscuous mode
[  118.443027][ T2812] team0 (unregistering): Port device team_slave_1 removed
[  118.480434][ T2812] team0 (unregistering): Port device team_slave_0 removed
[  118.893942][ T5098] Bluetooth: hci0: command tx timeout
[  118.933559][ T6830] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.982305][ T6830] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.013343][ T6830] bridge_slave_0: entered allmulticast mode
[  119.032470][ T6830] bridge_slave_0: entered promiscuous mode
[  119.058514][ T6830] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.069716][ T6830] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.097501][ T6830] bridge_slave_1: entered allmulticast mode
[  119.116693][ T6830] bridge_slave_1: entered promiscuous mode
[  119.281853][ T6830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.322050][ T6973] vlan2: entered allmulticast mode
[  119.332859][ T6981] FAULT_INJECTION: forcing a failure.
[  119.332859][ T6981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.353866][ T6973] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  119.390201][ T6981] CPU: 0 PID: 6981 Comm: syz.1.610 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  119.400237][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  119.410315][ T6981] Call Trace:
[  119.413611][ T6981]  <TASK>
[  119.416554][ T6981]  dump_stack_lvl+0x241/0x360
[  119.421264][ T6981]  ? __pfx_dump_stack_lvl+0x10/0x10
[  119.426486][ T6981]  ? __pfx__printk+0x10/0x10
[  119.431188][ T6981]  ? __pfx_lock_release+0x10/0x10
[  119.436231][ T6981]  ? vfs_write+0x7c4/0xc90
[  119.440682][ T6981]  should_fail_ex+0x3b0/0x4e0
[  119.445394][ T6981]  _copy_from_user+0x2f/0xe0
[  119.450012][ T6981]  get_timespec64+0x97/0x280
[  119.454626][ T6981]  ? __pfx_get_timespec64+0x10/0x10
[  119.459855][ T6981]  __x64_sys_recvmmsg+0x140/0x250
[  119.464905][ T6981]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  119.470491][ T6981]  ? do_syscall_64+0x100/0x230
[  119.475272][ T6981]  ? do_syscall_64+0xb6/0x230
[  119.479967][ T6981]  do_syscall_64+0xf3/0x230
[  119.484489][ T6981]  ? clear_bhb_loop+0x35/0x90
[  119.489195][ T6981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.495107][ T6981] RIP: 0033:0x7fa37e775bd9
[  119.499540][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.519254][ T6981] RSP: 002b:00007fa37f5e0048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  119.527695][ T6981] RAX: ffffffffffffffda RBX: 00007fa37e904038 RCX: 00007fa37e775bd9
[  119.535774][ T6981] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  119.543760][ T6981] RBP: 00007fa37f5e00a0 R08: 0000000020003700 R09: 0000000000000000
[  119.551839][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.559831][ T6981] R13: 000000000000006e R14: 00007fa37e904038 R15: 00007ffc29669fe8
[  119.567842][ T6981]  </TASK>
[  119.573839][ T6973] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  119.621715][ T6830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.780514][ T6985] netlink: 'syz.4.611': attribute type 6 has an invalid length.
[  119.922510][ T6830] team0: Port device team_slave_0 added
[  119.956073][ T6830] team0: Port device team_slave_1 added
[  120.104702][ T7005] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  120.115024][ T6830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.122092][ T6830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.149083][ T6830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.172958][ T6830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.188672][ T6830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.244658][ T6830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.270421][ T7005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.614'.
[  120.286623][ T7012] ebtables: ebtables: counters copy to user failed while replacing table
[  120.428794][ T6830] hsr_slave_0: entered promiscuous mode
[  120.441895][ T6830] hsr_slave_1: entered promiscuous mode
[  120.451858][ T6830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.460903][ T6830] Cannot create hsr debugfs directory
[  120.974340][ T5098] Bluetooth: hci0: command tx timeout
[  121.002120][ T7047] FAULT_INJECTION: forcing a failure.
[  121.002120][ T7047] name failslab, interval 1, probability 0, space 0, times 0
[  121.026293][ T7047] CPU: 0 PID: 7047 Comm: syz.0.625 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  121.036324][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  121.046402][ T7047] Call Trace:
[  121.049698][ T7047]  <TASK>
[  121.052650][ T7047]  dump_stack_lvl+0x241/0x360
[  121.057366][ T7047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.062567][ T7047]  ? __pfx__printk+0x10/0x10
[  121.067155][ T7047]  ? __pfx___might_resched+0x10/0x10
[  121.072451][ T7047]  ? dynamic_dname+0x141/0x1b0
[  121.077218][ T7047]  should_fail_ex+0x3b0/0x4e0
[  121.081900][ T7047]  ? tomoyo_encode+0x26f/0x540
[  121.086656][ T7047]  should_failslab+0x9/0x20
[  121.091156][ T7047]  __kmalloc_noprof+0xd8/0x400
[  121.095922][ T7047]  tomoyo_encode+0x26f/0x540
[  121.100520][ T7047]  ? __pfx_sockfs_dname+0x10/0x10
[  121.105548][ T7047]  tomoyo_realpath_from_path+0x59e/0x5e0
[  121.111184][ T7047]  tomoyo_path_number_perm+0x23a/0x880
[  121.116643][ T7047]  ? tomoyo_path_number_perm+0x208/0x880
[  121.122272][ T7047]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  121.128281][ T7047]  ? __fget_files+0x29/0x470
[  121.132875][ T7047]  ? __fget_files+0x3f6/0x470
[  121.137543][ T7047]  ? __fget_files+0x29/0x470
[  121.142132][ T7047]  security_file_ioctl+0x75/0xb0
[  121.147158][ T7047]  __se_sys_ioctl+0x47/0x170
[  121.151743][ T7047]  do_syscall_64+0xf3/0x230
[  121.156240][ T7047]  ? clear_bhb_loop+0x35/0x90
[  121.160921][ T7047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.166805][ T7047] RIP: 0033:0x7fc312175bd9
[  121.171213][ T7047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.190825][ T7047] RSP: 002b:00007fc312eb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  121.199244][ T7047] RAX: ffffffffffffffda RBX: 00007fc312303f60 RCX: 00007fc312175bd9
[  121.207208][ T7047] RDX: 0000000020000540 RSI: 000000000000890b RDI: 0000000000000004
[  121.215174][ T7047] RBP: 00007fc312eb70a0 R08: 0000000000000000 R09: 0000000000000000
[  121.223136][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.231186][ T7047] R13: 000000000000000b R14: 00007fc312303f60 R15: 00007ffcb9810088
[  121.239168][ T7047]  </TASK>
[  121.253933][ T7047] ERROR: Out of memory at tomoyo_realpath_from_path.
[  121.344879][ T7054] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  121.400496][ T7053] vlan2: entered allmulticast mode
[  121.424937][ T7053] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  121.489752][ T7053] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  121.789880][ T7059] ebtables: ebtables: counters copy to user failed while replacing table
[  121.884136][ T7074] netlink: 'syz.2.629': attribute type 6 has an invalid length.
[  122.121256][ T6830] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  122.136651][ T6830] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  122.186047][ T6830] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  122.214313][ T6830] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  122.307730][ T7093] netlink: 15 bytes leftover after parsing attributes in process `syz.0.636'.
[  122.583611][ T6830] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.610312][ T7101] netlink: 4 bytes leftover after parsing attributes in process `syz.0.639'.
[  122.702190][ T6830] 8021q: adding VLAN 0 to HW filter on device team0
[  122.747401][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.754634][ T5141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.811489][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.818707][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.939401][ T7116] vlan2: entered allmulticast mode
[  122.966361][ T7116] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  122.986303][ T7116] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  123.054003][ T5098] Bluetooth: hci0: command tx timeout
[  123.334390][ T7143] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  123.405842][ T7140] netlink: 28 bytes leftover after parsing attributes in process `syz.0.647'.
[  123.669614][ T7165] netlink: 'syz.0.653': attribute type 6 has an invalid length.
[  123.734197][ T6830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.748823][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.654'.
[  123.939316][ T6830] veth0_vlan: entered promiscuous mode
[  124.008785][ T6830] veth1_vlan: entered promiscuous mode
[  124.192735][ T6830] veth0_macvtap: entered promiscuous mode
[  124.238474][ T6830] veth1_macvtap: entered promiscuous mode
[  124.320462][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.345113][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.356972][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.383840][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.410554][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.429175][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.439682][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.450626][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.469600][ T6830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.535022][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.563847][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.617061][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.637118][ T7206] netlink: 44 bytes leftover after parsing attributes in process `syz.1.663'.
[  124.646845][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.659777][ T7206] netlink: 43 bytes leftover after parsing attributes in process `syz.1.663'.
[  124.668791][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.679823][ T7206] netlink: 'syz.1.663': attribute type 6 has an invalid length.
[  124.689304][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.701765][ T7206] netlink: 'syz.1.663': attribute type 5 has an invalid length.
[  124.711867][ T6830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.726600][ T7206] netlink: 43 bytes leftover after parsing attributes in process `syz.1.663'.
[  124.736181][ T6830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.748909][ T6830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.768559][ T7210] netlink: 16 bytes leftover after parsing attributes in process `syz.1.663'.
[  124.838352][ T6830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.865880][ T6830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.883890][ T6830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.912594][ T6830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.963607][ T7218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.665'.
[  125.029867][ T7221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.667'.
[  125.138128][ T5752] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.186155][ T5752] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.267064][ T2812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.282685][ T2812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.488848][ T7239] netlink: 'syz.2.672': attribute type 6 has an invalid length.
[  125.701397][ T7251] netlink: 'syz.4.675': attribute type 6 has an invalid length.
[  126.778872][ T7294] netlink: 'syz.1.682': attribute type 4 has an invalid length.
[  126.912211][ T7294] netlink: 'syz.1.682': attribute type 4 has an invalid length.
[  126.925182][ T7303] FAULT_INJECTION: forcing a failure.
[  126.925182][ T7303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.969232][ T7303] CPU: 0 PID: 7303 Comm: syz.2.684 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  126.980063][ T7303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  126.990169][ T7303] Call Trace:
[  126.993470][ T7303]  <TASK>
[  126.996412][ T7303]  dump_stack_lvl+0x241/0x360
[  127.001091][ T7303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.006292][ T7303]  ? __pfx__printk+0x10/0x10
[  127.010876][ T7303]  ? __pfx_lock_release+0x10/0x10
[  127.015904][ T7303]  ? __lock_acquire+0x1346/0x1fd0
[  127.020925][ T7303]  should_fail_ex+0x3b0/0x4e0
[  127.025608][ T7303]  _copy_from_user+0x2f/0xe0
[  127.030193][ T7303]  kstrtouint_from_user+0xc6/0x190
[  127.035305][ T7303]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  127.041029][ T7303]  ? __pfx_lock_acquire+0x10/0x10
[  127.046072][ T7303]  proc_fail_nth_write+0xaa/0x2d0
[  127.051094][ T7303]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  127.057001][ T7303]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.062644][ T7303]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  127.068294][ T7303]  vfs_write+0x2a2/0xc90
[  127.072555][ T7303]  ? __pfx_vfs_write+0x10/0x10
[  127.077325][ T7303]  ? __fget_files+0x29/0x470
[  127.081918][ T7303]  ? __fget_files+0x3f6/0x470
[  127.086619][ T7303]  ksys_write+0x1a0/0x2c0
[  127.090948][ T7303]  ? __pfx_ksys_write+0x10/0x10
[  127.095792][ T7303]  ? do_syscall_64+0x100/0x230
[  127.101395][ T7303]  ? do_syscall_64+0xb6/0x230
[  127.106192][ T7303]  do_syscall_64+0xf3/0x230
[  127.110704][ T7303]  ? clear_bhb_loop+0x35/0x90
[  127.115388][ T7303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.121398][ T7303] RIP: 0033:0x7f740257475f
[  127.125820][ T7303] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  127.145541][ T7303] RSP: 002b:00007f7403351040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  127.154216][ T7303] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f740257475f
[  127.162188][ T7303] RDX: 0000000000000001 RSI: 00007f74033510b0 RDI: 0000000000000003
[  127.170152][ T7303] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[  127.178119][ T7303] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  127.186082][ T7303] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[  127.194060][ T7303]  </TASK>
[  127.439127][ T7320] netlink: 'syz.0.687': attribute type 6 has an invalid length.
[  127.577893][ T7323] __nla_validate_parse: 1 callbacks suppressed
[  127.577912][ T7323] netlink: 892 bytes leftover after parsing attributes in process `syz.2.688'.
[  127.606188][ T7294] syz.1.682 (7294) used greatest stack depth: 18960 bytes left
[  127.718308][ T5755] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.482073][ T5103] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  128.493591][ T5103] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  128.519256][ T5103] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  128.534598][ T5103] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  128.545530][ T5103] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  128.553007][ T5103] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  128.642765][ T5755] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.704805][ T7371] netlink: 'syz.2.700': attribute type 4 has an invalid length.
[  128.791383][ T7382] lo speed is unknown, defaulting to 1000
[  128.801962][ T7382] lo speed is unknown, defaulting to 1000
[  128.809929][ T7382] lo speed is unknown, defaulting to 1000
[  128.879347][ T5755] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.935059][ T7371] netlink: 'syz.2.700': attribute type 4 has an invalid length.
[  128.977901][ T7383] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'.
[  129.005998][ T7387] netlink: 3084 bytes leftover after parsing attributes in process `syz.0.703'.
[  129.033878][ T7387] netlink: 'syz.0.703': attribute type 1 has an invalid length.
[  129.046737][ T5755] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.064290][ T7387] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.703'.
[  129.085672][ T7366] caif0 speed is unknown, defaulting to 1000
[  129.355286][ T5755] bridge_slave_1: left allmulticast mode
[  129.394383][ T5755] bridge_slave_1: left promiscuous mode
[  129.410978][ T5755] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.449493][ T5755] bridge_slave_0: left allmulticast mode
[  129.460332][ T5755] bridge_slave_0: left promiscuous mode
[  129.471559][ T5755] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.543949][ T7382] infiniband syz0: set active
[  129.548691][ T7382] infiniband syz0: added lo
[  129.597885][ T7382] RDS/IB: syz0: added
[  129.602932][ T7382] smc: adding ib device syz0 with port count 1
[  129.609552][ T7382] smc:    ib device syz0 port 1 has pnetid 
[  129.866690][ T5755] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  129.880535][ T5755] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  129.891646][ T5755] bond0 (unregistering): Released all slaves
[  129.905966][ T7398] netlink: 'syz.2.706': attribute type 6 has an invalid length.
[  129.914808][  T783] lo speed is unknown, defaulting to 1000
[  130.034123][ T5143] lo speed is unknown, defaulting to 1000
[  130.084607][ T7382] lo speed is unknown, defaulting to 1000
[  130.419809][ T7429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.711'.
[  130.645552][ T7382] lo speed is unknown, defaulting to 1000
[  130.657830][ T5103] Bluetooth: hci0: command tx timeout
[  131.083588][ T7446] netlink: 3084 bytes leftover after parsing attributes in process `syz.0.715'.
[  131.093193][ T7446] netlink: 'syz.0.715': attribute type 1 has an invalid length.
[  131.101438][ T7446] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.715'.
[  131.932527][ T7440] vlan2: entered allmulticast mode
[  131.938104][ T7440] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  131.948175][ T7440] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  131.994031][ T7382] lo speed is unknown, defaulting to 1000
[  132.097544][ T7449] FAULT_INJECTION: forcing a failure.
[  132.097544][ T7449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.113956][ T7449] CPU: 1 PID: 7449 Comm: syz.2.716 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  132.123972][ T7449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  132.134394][ T7449] Call Trace:
[  132.137691][ T7449]  <TASK>
[  132.140638][ T7449]  dump_stack_lvl+0x241/0x360
[  132.145336][ T7449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.150565][ T7449]  ? __pfx__printk+0x10/0x10
[  132.155182][ T7449]  ? vfs_write+0x7c4/0xc90
[  132.159633][ T7449]  should_fail_ex+0x3b0/0x4e0
[  132.164370][ T7449]  _copy_from_user+0x2f/0xe0
[  132.168998][ T7449]  move_addr_to_kernel+0x82/0x150
[  132.174064][ T7449]  __sys_connect+0xc1/0x310
[  132.178598][ T7449]  ? __pfx___sys_connect+0x10/0x10
[  132.183731][ T7449]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  132.190063][ T7449]  ? do_syscall_64+0x100/0x230
[  132.194827][ T7449]  __x64_sys_connect+0x7a/0x90
[  132.199592][ T7449]  do_syscall_64+0xf3/0x230
[  132.204120][ T7449]  ? clear_bhb_loop+0x35/0x90
[  132.208795][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.214851][ T7449] RIP: 0033:0x7f7402575bd9
[  132.219259][ T7449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.238970][ T7449] RSP: 002b:00007f7403351048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  132.247767][ T7449] RAX: ffffffffffffffda RBX: 00007f7402703f60 RCX: 00007f7402575bd9
[  132.256260][ T7449] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000004
[  132.264313][ T7449] RBP: 00007f74033510a0 R08: 0000000000000000 R09: 0000000000000000
[  132.272720][ T7449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.280753][ T7449] R13: 000000000000000b R14: 00007f7402703f60 R15: 00007fff38708f88
[  132.288738][ T7449]  </TASK>
[  132.428387][ T7366] chnl_net:caif_netlink_parms(): no params data found
[  132.558219][ T7464] netlink: 'syz.2.722': attribute type 6 has an invalid length.
[  132.736111][ T5103] Bluetooth: hci0: command tx timeout
[  132.839361][ T7366] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.854173][ T7366] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.871728][ T7366] bridge_slave_0: entered allmulticast mode
[  132.887235][ T7366] bridge_slave_0: entered promiscuous mode
[  132.919528][ T7366] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.944091][ T7366] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.959479][ T7366] bridge_slave_1: entered allmulticast mode
[  132.973131][ T7366] bridge_slave_1: entered promiscuous mode
[  132.997025][ T7382] lo speed is unknown, defaulting to 1000
[  133.120149][ T7366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.140366][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  133.155565][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  133.182484][ T7366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.426183][ T7366] team0: Port device team_slave_0 added
[  133.475238][ T7366] team0: Port device team_slave_1 added
[  133.492152][ T7497] netlink: 3084 bytes leftover after parsing attributes in process `syz.4.727'.
[  133.536697][ T7497] netlink: 'syz.4.727': attribute type 1 has an invalid length.
[  133.554723][ T7497] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.727'.
[  133.612622][ T7500] vlan2: entered allmulticast mode
[  133.626821][ T7500] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  133.652555][ T7500] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  133.746340][ T7366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  133.781684][ T7366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.814884][ T7366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  133.827403][ T7382] lo speed is unknown, defaulting to 1000
[  133.849265][ T7366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  133.872833][ T7366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.947155][ T7366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.055232][ T7508] FAULT_INJECTION: forcing a failure.
[  134.055232][ T7508] name failslab, interval 1, probability 0, space 0, times 0
[  134.107493][ T7508] CPU: 1 PID: 7508 Comm: syz.4.732 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  134.117522][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  134.127599][ T7508] Call Trace:
[  134.130889][ T7508]  <TASK>
[  134.133828][ T7508]  dump_stack_lvl+0x241/0x360
[  134.138543][ T7508]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.143749][ T7508]  ? __pfx__printk+0x10/0x10
[  134.148352][ T7508]  ? netlink_insert+0x10b7/0x14b0
[  134.153392][ T7508]  should_fail_ex+0x3b0/0x4e0
[  134.158086][ T7508]  ? __alloc_skb+0x1c3/0x440
[  134.162689][ T7508]  should_failslab+0x9/0x20
[  134.167213][ T7508]  kmem_cache_alloc_node_noprof+0x71/0x320
[  134.173058][ T7508]  __alloc_skb+0x1c3/0x440
[  134.177507][ T7508]  ? __pfx___alloc_skb+0x10/0x10
[  134.182471][ T7508]  ? netlink_autobind+0xd6/0x2f0
[  134.187430][ T7508]  ? netlink_autobind+0x2b0/0x2f0
[  134.192479][ T7508]  netlink_sendmsg+0x638/0xcb0
[  134.197271][ T7508]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.202580][ T7508]  ? __import_iovec+0x536/0x820
[  134.207437][ T7508]  ? aa_sock_msg_perm+0x91/0x160
[  134.212394][ T7508]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  134.217699][ T7508]  ? security_socket_sendmsg+0x87/0xb0
[  134.223186][ T7508]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.228503][ T7508]  __sock_sendmsg+0x221/0x270
[  134.233190][ T7508]  ____sys_sendmsg+0x525/0x7d0
[  134.237958][ T7508]  ? __pfx_____sys_sendmsg+0x10/0x10
[  134.243248][ T7508]  __sys_sendmsg+0x2b0/0x3a0
[  134.247835][ T7508]  ? __pfx___sys_sendmsg+0x10/0x10
[  134.252937][ T7508]  ? vfs_write+0x7c4/0xc90
[  134.257462][ T7508]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  134.263785][ T7508]  ? do_syscall_64+0x100/0x230
[  134.268550][ T7508]  ? do_syscall_64+0xb6/0x230
[  134.273216][ T7508]  do_syscall_64+0xf3/0x230
[  134.277711][ T7508]  ? clear_bhb_loop+0x35/0x90
[  134.282382][ T7508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.288266][ T7508] RIP: 0033:0x7f5aaff75bd9
[  134.292672][ T7508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.312270][ T7508] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.320676][ T7508] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  134.328727][ T7508] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  134.336711][ T7508] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[  134.344797][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.353483][ T7508] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  134.361563][ T7508]  </TASK>
[  134.519490][ T7366] hsr_slave_0: entered promiscuous mode
[  134.530491][ T7366] hsr_slave_1: entered promiscuous mode
[  134.561601][ T7366] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.574036][ T7366] Cannot create hsr debugfs directory
[  134.629231][ T7382] lo speed is unknown, defaulting to 1000
[  134.738550][ T7522] netlink: 'syz.2.738': attribute type 6 has an invalid length.
[  134.804656][ T7524] netlink: 3084 bytes leftover after parsing attributes in process `syz.4.739'.
[  134.814209][ T5103] Bluetooth: hci0: command tx timeout
[  134.869720][ T7524] netlink: 'syz.4.739': attribute type 1 has an invalid length.
[  134.913879][ T7524] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.739'.
[  135.302917][ T7540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.741'.
[  135.811351][ T7551] vlan2: entered allmulticast mode
[  135.822474][ T7551] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  135.860637][ T7551] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  136.153693][ T7576] netlink: 3084 bytes leftover after parsing attributes in process `syz.2.750'.
[  136.181470][ T7576] netlink: 'syz.2.750': attribute type 1 has an invalid length.
[  136.191012][ T7576] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.750'.
[  136.277186][ T7575] netlink: 16 bytes leftover after parsing attributes in process `syz.1.752'.
[  136.331855][ T5755] hsr_slave_0: left promiscuous mode
[  136.406201][ T5755] hsr_slave_1: left promiscuous mode
[  136.439893][ T5755] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.448123][ T7582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.755'.
[  136.485602][ T5755] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.543585][ T5755] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.571881][ T5755] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.649691][ T5755] veth1_macvtap: left promiscuous mode
[  136.662662][ T5755] veth0_macvtap: left promiscuous mode
[  136.679559][ T5755] veth1_vlan: left promiscuous mode
[  136.696428][ T5755] veth0_vlan: left promiscuous mode
[  136.893865][ T5103] Bluetooth: hci0: command tx timeout
[  137.258363][ T5755] team0 (unregistering): Port device team_slave_1 removed
[  137.298721][ T5755] team0 (unregistering): Port device team_slave_0 removed
[  137.638274][ T7588] : entered promiscuous mode
[  137.646906][ T7592] netlink: 'syz.1.759': attribute type 6 has an invalid length.
[  137.755844][ T7609] No such timeout policy "syz0"
[  137.828612][ T7612] netlink: 3084 bytes leftover after parsing attributes in process `syz.1.765'.
[  137.857456][ T7612] netlink: 'syz.1.765': attribute type 1 has an invalid length.
[  137.961341][ T7366] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  138.040704][ T7617] vlan2: entered allmulticast mode
[  138.065499][ T7617] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  138.099210][ T7617] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  138.180032][ T7366] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  138.207396][ T7366] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  138.260517][ T7366] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  138.564524][ T7643] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  138.618629][ T7366] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.658099][ T7643] __nla_validate_parse: 3 callbacks suppressed
[  138.658120][ T7643] netlink: 28 bytes leftover after parsing attributes in process `syz.1.773'.
[  138.729154][ T7647] netlink: 'syz.2.775': attribute type 6 has an invalid length.
[  138.790029][ T7366] 8021q: adding VLAN 0 to HW filter on device team0
[  138.835438][  T783] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.842628][  T783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.886307][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.893522][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.063318][ T7665] netlink: 20 bytes leftover after parsing attributes in process `syz.1.778'.
[  139.102407][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'.
[  139.126001][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'.
[  139.171417][ T7669] netlink: 3084 bytes leftover after parsing attributes in process `syz.4.779'.
[  139.187883][ T7366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  139.207220][ T7669] netlink: 'syz.4.779': attribute type 1 has an invalid length.
[  139.228716][ T7669] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.779'.
[  139.400507][ T7683] vlan2: entered allmulticast mode
[  139.416883][ T7683] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  139.431709][ T7683] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  139.468423][ T7684] netlink: 20 bytes leftover after parsing attributes in process `syz.0.782'.
[  139.480386][ T7684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.782'.
[  139.494649][ T7684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.782'.
[  139.692719][ T7695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.784'.
[  139.772240][ T7366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.956059][ T7366] veth0_vlan: entered promiscuous mode
[  139.969969][ T7710] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  139.988645][ T7707] FAULT_INJECTION: forcing a failure.
[  139.988645][ T7707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.993657][ T7366] veth1_vlan: entered promiscuous mode
[  140.040828][ T7707] CPU: 1 PID: 7707 Comm: syz.1.788 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  140.050855][ T7707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  140.060937][ T7707] Call Trace:
[  140.064240][ T7707]  <TASK>
[  140.067192][ T7707]  dump_stack_lvl+0x241/0x360
[  140.071900][ T7707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.077141][ T7707]  ? __pfx__printk+0x10/0x10
[  140.081770][ T7707]  ? snprintf+0xda/0x120
[  140.086059][ T7707]  should_fail_ex+0x3b0/0x4e0
[  140.090780][ T7707]  _copy_to_user+0x2f/0xb0
[  140.095229][ T7707]  simple_read_from_buffer+0xca/0x150
[  140.098012][ T7366] veth0_macvtap: entered promiscuous mode
[  140.100610][ T7707]  proc_fail_nth_read+0x1e9/0x250
[  140.111395][ T7707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.116969][ T7707]  ? rw_verify_area+0x514/0x6b0
[  140.121849][ T7707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.127416][ T7707]  vfs_read+0x204/0xbd0
[  140.129172][ T7366] veth1_macvtap: entered promiscuous mode
[  140.131572][ T7707]  ? __pfx_lock_release+0x10/0x10
[  140.131605][ T7707]  ? __pfx_vfs_read+0x10/0x10
[  140.147013][ T7707]  ? __fget_files+0x29/0x470
[  140.151631][ T7707]  ? __fget_files+0x3f6/0x470
[  140.156347][ T7707]  ksys_read+0x1a0/0x2c0
[  140.160618][ T7707]  ? __pfx_ksys_read+0x10/0x10
[  140.165405][ T7707]  ? do_syscall_64+0x100/0x230
[  140.170194][ T7707]  ? do_syscall_64+0xb6/0x230
[  140.174982][ T7707]  do_syscall_64+0xf3/0x230
[  140.179204][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.179503][ T7707]  ? clear_bhb_loop+0x35/0x90
[  140.189932][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.194546][ T7707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.194570][ T7707] RIP: 0033:0x7fa37e7746bc
[  140.194588][ T7707] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  140.194605][ T7707] RSP: 002b:00007fa37f601040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.194625][ T7707] RAX: ffffffffffffffda RBX: 00007fa37e903f60 RCX: 00007fa37e7746bc
[  140.194640][ T7707] RDX: 000000000000000f RSI: 00007fa37f6010b0 RDI: 0000000000000006
[  140.194652][ T7707] RBP: 00007fa37f6010a0 R08: 0000000000000000 R09: 0000000000000000
[  140.194663][ T7707] R10: 00000000000001a1 R11: 0000000000000246 R12: 0000000000000001
[  140.194676][ T7707] R13: 000000000000000b R14: 00007fa37e903f60 R15: 00007ffc29669fe8
[  140.194705][ T7707]  </TASK>
[  140.379138][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.392579][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.412135][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.444090][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.463872][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.486285][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.545648][ T7366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.602415][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.649339][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.683895][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.723805][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.762232][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.793109][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.813512][ T7366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.843822][ T7366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.867735][ T7366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.902087][ T7737] netlink: 'syz.2.794': attribute type 6 has an invalid length.
[  140.924711][ T7366] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.933891][ T7739] netlink: 'syz.4.793': attribute type 1 has an invalid length.
[  140.951754][ T7366] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.977294][ T7366] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.990857][ T7366] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.249738][ T2812] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.285691][ T2812] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.385133][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.407124][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.846058][ T7772] FAULT_INJECTION: forcing a failure.
[  141.846058][ T7772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.847810][ T7774] netlink: 'syz.2.800': attribute type 6 has an invalid length.
[  141.896678][ T7774] netlink: 'syz.2.800': attribute type 5 has an invalid length.
[  141.903799][ T7772] CPU: 0 PID: 7772 Comm: syz.4.803 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  141.914315][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  141.924373][ T7772] Call Trace:
[  141.927650][ T7772]  <TASK>
[  141.930570][ T7772]  dump_stack_lvl+0x241/0x360
[  141.935245][ T7772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.940433][ T7772]  ? __pfx__printk+0x10/0x10
[  141.945016][ T7772]  ? __pfx_lock_release+0x10/0x10
[  141.950045][ T7772]  should_fail_ex+0x3b0/0x4e0
[  141.954721][ T7772]  _copy_from_user+0x2f/0xe0
[  141.959311][ T7772]  copy_msghdr_from_user+0xae/0x680
[  141.964501][ T7772]  ? _parse_integer_limit+0x1b5/0x200
[  141.969906][ T7772]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  141.975735][ T7772]  __sys_sendmmsg+0x374/0x740
[  141.980426][ T7772]  ? __pfx___sys_sendmmsg+0x10/0x10
[  141.985654][ T7772]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  141.991551][ T7772]  ? ksys_write+0x23e/0x2c0
[  141.996052][ T7772]  ? __pfx_lock_release+0x10/0x10
[  142.001074][ T7772]  ? vfs_write+0x7c4/0xc90
[  142.005503][ T7772]  ? __mutex_unlock_slowpath+0x21d/0x750
[  142.011149][ T7772]  ? __pfx_vfs_write+0x10/0x10
[  142.015944][ T7772]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  142.021932][ T7772]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  142.028258][ T7772]  ? do_syscall_64+0x100/0x230
[  142.033048][ T7772]  __x64_sys_sendmmsg+0xa0/0xb0
[  142.037920][ T7772]  do_syscall_64+0xf3/0x230
[  142.042421][ T7772]  ? clear_bhb_loop+0x35/0x90
[  142.047098][ T7772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.052987][ T7772] RIP: 0033:0x7f5aaff75bd9
[  142.057413][ T7772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.077026][ T7772] RSP: 002b:00007f5ab0e30048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  142.085443][ T7772] RAX: ffffffffffffffda RBX: 00007f5ab0103f60 RCX: 00007f5aaff75bd9
[  142.093411][ T7772] RDX: 000000000800001d RSI: 0000000020007fc0 RDI: 0000000000000003
[  142.101377][ T7772] RBP: 00007f5ab0e300a0 R08: 0000000000000000 R09: 0000000000000000
[  142.109362][ T7772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.117322][ T7772] R13: 000000000000000b R14: 00007f5ab0103f60 R15: 00007ffdc9526e68
[  142.125296][ T7772]  </TASK>
[  142.362860][ T7789] netlink: 'syz.4.805': attribute type 1 has an invalid length.
[  142.594485][ T7803] netlink: 'syz.1.810': attribute type 6 has an invalid length.
[  143.564740][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.829435][ T7838] Bluetooth: hci3: invalid length 0, exp 2 for type 16
[  144.037725][ T5098] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  144.060811][ T5098] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  144.077259][ T5098] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  144.086558][ T5098] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  144.099418][ T5098] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  144.113929][ T5098] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  145.024884][ T2812] ==================================================================
[  145.033000][ T2812] BUG: KASAN: slab-use-after-free in l2tp_tunnel_del_work+0xe5/0x330
[  145.041061][ T2812] Read of size 8 at addr ffff8880654618b8 by task kworker/u8:7/2812
[  145.049025][ T2812] 
[  145.051335][ T2812] CPU: 0 PID: 2812 Comm: kworker/u8:7 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  145.061560][ T2812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  145.071628][ T2812] Workqueue: l2tp l2tp_tunnel_del_work
[  145.077091][ T2812] Call Trace:
[  145.080375][ T2812]  <TASK>
[  145.083312][ T2812]  dump_stack_lvl+0x241/0x360
[  145.088017][ T2812]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.093238][ T2812]  ? __pfx__printk+0x10/0x10
[  145.097844][ T2812]  ? _printk+0xd5/0x120
[  145.102008][ T2812]  ? __virt_addr_valid+0x183/0x520
[  145.107129][ T2812]  ? __virt_addr_valid+0x183/0x520
[  145.112257][ T2812]  print_report+0x169/0x550
[  145.116775][ T2812]  ? __virt_addr_valid+0x183/0x520
[  145.121902][ T2812]  ? __virt_addr_valid+0x183/0x520
[  145.127032][ T2812]  ? __virt_addr_valid+0x44e/0x520
[  145.132142][ T2812]  ? __phys_addr+0xba/0x170
[  145.136638][ T2812]  ? l2tp_tunnel_del_work+0xe5/0x330
[  145.141923][ T2812]  kasan_report+0x143/0x180
[  145.146420][ T2812]  ? l2tp_tunnel_del_work+0xe5/0x330
[  145.151706][ T2812]  l2tp_tunnel_del_work+0xe5/0x330
[  145.156818][ T2812]  ? process_scheduled_works+0x945/0x1830
[  145.162525][ T2812]  process_scheduled_works+0xa2c/0x1830
[  145.168162][ T2812]  ? __pfx_process_scheduled_works+0x10/0x10
[  145.174142][ T2812]  ? assign_work+0x364/0x3d0
[  145.178724][ T2812]  worker_thread+0x86d/0xd50
[  145.183321][ T2812]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  145.189215][ T2812]  ? __kthread_parkme+0x169/0x1d0
[  145.194239][ T2812]  ? __pfx_worker_thread+0x10/0x10
[  145.199341][ T2812]  kthread+0x2f0/0x390
[  145.203425][ T2812]  ? __pfx_worker_thread+0x10/0x10
[  145.208527][ T2812]  ? __pfx_kthread+0x10/0x10
[  145.213106][ T2812]  ret_from_fork+0x4b/0x80
[  145.217514][ T2812]  ? __pfx_kthread+0x10/0x10
[  145.222089][ T2812]  ret_from_fork_asm+0x1a/0x30
[  145.226848][ T2812]  </TASK>
[  145.229852][ T2812] 
[  145.232156][ T2812] Allocated by task 7853:
[  145.236469][ T2812]  kasan_save_track+0x3f/0x80
[  145.241133][ T2812]  __kasan_kmalloc+0x98/0xb0
[  145.245708][ T2812]  __kmalloc_noprof+0x1f9/0x400
[  145.250542][ T2812]  l2tp_session_create+0x3b/0xc20
[  145.255549][ T2812]  pppol2tp_connect+0xca3/0x17a0
[  145.260476][ T2812]  __sys_connect+0x2df/0x310
[  145.265052][ T2812]  __x64_sys_connect+0x7a/0x90
[  145.269803][ T2812]  do_syscall_64+0xf3/0x230
[  145.274291][ T2812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.280167][ T2812] 
[  145.282480][ T2812] Freed by task 7826:
[  145.286440][ T2812]  kasan_save_track+0x3f/0x80
[  145.291106][ T2812]  kasan_save_free_info+0x40/0x50
[  145.296113][ T2812]  poison_slab_object+0xe0/0x150
[  145.301039][ T2812]  __kasan_slab_free+0x37/0x60
[  145.305788][ T2812]  kfree+0x149/0x360
[  145.309669][ T2812]  __sk_destruct+0x58/0x5f0
[  145.314161][ T2812]  rcu_core+0xafd/0x1830
[  145.318385][ T2812]  handle_softirqs+0x2c4/0x970
[  145.323129][ T2812]  __irq_exit_rcu+0xf4/0x1c0
[  145.327703][ T2812]  irq_exit_rcu+0x9/0x30
[  145.331925][ T2812]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  145.337545][ T2812]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  145.343510][ T2812] 
[  145.345817][ T2812] Last potentially related work creation:
[  145.351508][ T2812]  kasan_save_stack+0x3f/0x60
[  145.356183][ T2812]  __kasan_record_aux_stack+0xac/0xc0
[  145.361564][ T2812]  call_rcu+0x167/0xa70
[  145.365708][ T2812]  pppol2tp_release+0x24b/0x350
[  145.370544][ T2812]  sock_close+0xbc/0x240
[  145.374773][ T2812]  __fput+0x406/0x8b0
[  145.378738][ T2812]  task_work_run+0x24f/0x310
[  145.383313][ T2812]  syscall_exit_to_user_mode+0x168/0x370
[  145.388931][ T2812]  do_syscall_64+0x100/0x230
[  145.393507][ T2812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.399384][ T2812] 
[  145.401698][ T2812] The buggy address belongs to the object at ffff888065461800
[  145.401698][ T2812]  which belongs to the cache kmalloc-1k of size 1024
[  145.415732][ T2812] The buggy address is located 184 bytes inside of
[  145.415732][ T2812]  freed 1024-byte region [ffff888065461800, ffff888065461c00)
[  145.429598][ T2812] 
[  145.431907][ T2812] The buggy address belongs to the physical page:
[  145.438304][ T2812] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x65460
[  145.447051][ T2812] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  145.455616][ T2812] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  145.463148][ T2812] page_type: 0xffffefff(slab)
[  145.467902][ T2812] raw: 00fff00000000040 ffff888015041dc0 dead000000000100 dead000000000122
[  145.476475][ T2812] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  145.485044][ T2812] head: 00fff00000000040 ffff888015041dc0 dead000000000100 dead000000000122
[  145.493700][ T2812] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  145.502358][ T2812] head: 00fff00000000003 ffffea0001951801 ffffffffffffffff 0000000000000000
[  145.511008][ T2812] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  145.519654][ T2812] page dumped because: kasan: bad access detected
[  145.526059][ T2812] page_owner tracks the page as allocated
[  145.531756][ T2812] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5144, tgid 5144 (kworker/1:6), ts 61975903036, free_ts 14560672681
[  145.552329][ T2812]  post_alloc_hook+0x1f3/0x230
[  145.557086][ T2812]  get_page_from_freelist+0x2e4c/0x2f10
[  145.562623][ T2812]  __alloc_pages_noprof+0x256/0x6c0
[  145.567812][ T2812]  alloc_slab_page+0x5f/0x120
[  145.572473][ T2812]  allocate_slab+0x5a/0x2f0
[  145.576961][ T2812]  ___slab_alloc+0xcd1/0x14b0
[  145.581626][ T2812]  __slab_alloc+0x58/0xa0
[  145.586119][ T2812]  __kmalloc_noprof+0x257/0x400
[  145.590954][ T2812]  ___neigh_create+0x691/0x2470
[  145.595792][ T2812]  ip6_finish_output2+0x1631/0x1680
[  145.600976][ T2812]  ip6_finish_output+0x41e/0x810
[  145.605902][ T2812]  NF_HOOK+0x9e/0x430
[  145.609872][ T2812]  mld_sendpack+0x843/0xdb0
[  145.614364][ T2812]  mld_ifc_work+0x7d6/0xd90
[  145.618852][ T2812]  process_scheduled_works+0xa2c/0x1830
[  145.624390][ T2812]  worker_thread+0x86d/0xd50
[  145.628974][ T2812] page last free pid 1 tgid 1 stack trace:
[  145.634760][ T2812]  free_unref_page+0xd22/0xea0
[  145.639512][ T2812]  free_contig_range+0x9e/0x160
[  145.644348][ T2812]  destroy_args+0x8a/0x890
[  145.648758][ T2812]  debug_vm_pgtable+0x4be/0x550
[  145.653596][ T2812]  do_one_initcall+0x248/0x880
[  145.658345][ T2812]  do_initcall_level+0x157/0x210
[  145.663274][ T2812]  do_initcalls+0x3f/0x80
[  145.667588][ T2812]  kernel_init_freeable+0x435/0x5d0
[  145.672791][ T2812]  kernel_init+0x1d/0x2b0
[  145.677128][ T2812]  ret_from_fork+0x4b/0x80
[  145.681548][ T2812]  ret_from_fork_asm+0x1a/0x30
[  145.686312][ T2812] 
[  145.688622][ T2812] Memory state around the buggy address:
[  145.694238][ T2812]  ffff888065461780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  145.702287][ T2812]  ffff888065461800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  145.710348][ T2812] >ffff888065461880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  145.718826][ T2812]                                         ^
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  145.724701][ T2812]  ffff888065461900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  145.732746][ T2812]  ffff888065461980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  145.740785][ T2812] ==================================================================
[  145.748919][ T2812] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  145.756119][ T2812] CPU: 0 PID: 2812 Comm: kworker/u8:7 Not tainted 6.10.0-rc5-syzkaller-01200-gcda91d5b911a #0
[  145.766367][ T2812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  145.776442][ T2812] Workqueue: l2tp l2tp_tunnel_del_work
[  145.781927][ T2812] Call Trace:
[  145.785225][ T2812]  <TASK>
[  145.788164][ T2812]  dump_stack_lvl+0x241/0x360
[  145.792854][ T2812]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.798065][ T2812]  ? __pfx__printk+0x10/0x10
[  145.802667][ T2812]  ? vscnprintf+0x5d/0x90
[  145.807012][ T2812]  panic+0x349/0x860
[  145.810912][ T2812]  ? check_panic_on_warn+0x21/0xb0
[  145.816042][ T2812]  ? __pfx_panic+0x10/0x10
[  145.820466][ T2812]  ? mark_lock+0x9a/0x350
[  145.824806][ T2812]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  145.830709][ T2812]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  145.836620][ T2812]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.842965][ T2812]  ? print_report+0x502/0x550
[  145.847663][ T2812]  check_panic_on_warn+0x86/0xb0
[  145.852610][ T2812]  ? l2tp_tunnel_del_work+0xe5/0x330
[  145.857890][ T2812]  end_report+0x77/0x160
[  145.862158][ T2812]  kasan_report+0x154/0x180
[  145.866657][ T2812]  ? l2tp_tunnel_del_work+0xe5/0x330
[  145.872117][ T2812]  l2tp_tunnel_del_work+0xe5/0x330
[  145.877233][ T2812]  ? process_scheduled_works+0x945/0x1830
[  145.882946][ T2812]  process_scheduled_works+0xa2c/0x1830
[  145.888500][ T2812]  ? __pfx_process_scheduled_works+0x10/0x10
[  145.894562][ T2812]  ? assign_work+0x364/0x3d0
[  145.899143][ T2812]  worker_thread+0x86d/0xd50
[  145.903727][ T2812]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  145.909710][ T2812]  ? __kthread_parkme+0x169/0x1d0
[  145.914734][ T2812]  ? __pfx_worker_thread+0x10/0x10
[  145.919839][ T2812]  kthread+0x2f0/0x390
[  145.923896][ T2812]  ? __pfx_worker_thread+0x10/0x10
[  145.928989][ T2812]  ? __pfx_kthread+0x10/0x10
[  145.933566][ T2812]  ret_from_fork+0x4b/0x80
[  145.937974][ T2812]  ? __pfx_kthread+0x10/0x10
[  145.942553][ T2812]  ret_from_fork_asm+0x1a/0x30
[  145.947311][ T2812]  </TASK>
[  145.950423][ T2812] Kernel Offset: disabled
[  145.954733][ T2812] Rebooting in 86400 seconds..