last executing test programs:

6.058956802s ago: executing program 1 (id=3746):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x7002})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
pread64(0xffffffffffffffff, &(0x7f0000002200)=""/89, 0x59, 0x10000)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x0, 0x0, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffff08004500001c000000008002907800000000e000030000009078006400d20000"], 0x0)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000001a00010729bd7000fbdbdf25028010f9fd16fd0b00100000"], 0x1c}, 0x1, 0x0, 0x0, 0x24000844}, 0x4800)
shutdown(r6, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r8=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
sendmmsg$inet_sctp(r5, &(0x7f0000000b40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0xfffffffffffffeca, 0x4040011}, {&(0x7f0000000080)=@in6={0xa, 0x4e24, 0xfff, @dev={0xfe, 0x80, '\x00', 0x11}, 0x9}, 0x1c, &(0x7f0000000440)=[{&(0x7f00000002c0)="f98b34e31db118a670067377bbc7f2278281e7100422af59ec38a5c878490ab739718ff1d4afebaf848e48fc98ed", 0x2e}, {&(0x7f0000000340)="100b999fd8e6b91d2df5446f020ee715e0b671a1e3867351101c8c7b42e7a53c886a1997e9697ab379ba0021092f2627e1b9e2c54e7ea27b51d4bc68bd6638291182c07337b02925a2d3bbf00b", 0x4d}, {&(0x7f0000000bc0)="4c3fb9c9ca573afc45dea22d7d82c6c9b56d353e2d5a0491c903e952caa9ce042abc3efc84ffe906fb4002d4381a12c8df49dd83656567d3dd5333658eb2366b5181fa5720a9d1b48268cbf5c3dc4003d1aeb72b158d9f744a3ce7d1505fe7fd13d6364d96d32ebba26a1f9939b21ee1f9a5be87a81c0086640ec1dec6adada188d5bf2ade34666202cee012bc28c6fab21e53e4086c1faee0240a92725c16ca8d8daacccf9690c258971fbf4d48", 0xae}, {&(0x7f0000000400)="73ed1e4276f42898080d3aaa92ebf4e1190b2846e338117f5d5330ad87ce02d2d9640e8efddb74f7e4a7376ec201014ba84f72875701", 0x36}, {&(0x7f0000000580)="3dcee2a5a24701169f16785ff8ea804f87fbd5a6aa734d155a46c9254356756daedd7e453760938924cfb00ccc084d727fde3610cdb1efbe570589fb4e3e06fbc0f71adb04d9496515335c3c7d71d076547fe4e83cfb1f6f5cb5968d156d68f442ca3e2096719214005690da8e1f3cc91241470525da91b11f9f0e01c9e289902dbf4af58fc4983db38ae5933d0c42ba014d793e3c12dbdbff919da9", 0x9c}, {&(0x7f0000000a40)="aa387c81c2c4e240dcda199d48f4d45296a59444de3189a1fbdb86e50d24b3887292e80de52e4e0ce82f6b7d3a9ee8d64280bc05a990d3162a407d426d6fd8ef6906821e9f40be8fcedc49ef5ecc2a6d7877533d891611d5b8caf909414726c9d0e06dd3d0c564176560fcb266500c2b9c42ed286d46ce8929561572e9d2211c4bdc60bb0a023f1739db4af4a2b1fd0e14312e15ea519ca6b9de7229d8c4d95f3efc5f6b38aedeb1eee88d40181c4f90b91a33286887b12c70428d6ea150d59fad", 0xc1}, {&(0x7f0000000940)="3c26bdfc4e69e8e97aaac6850f65483eb5db5e63ba96813ea0dfb0cf96b64ae70f7e6fe548ea912effd679ce3915bc08478d7d27048ac4957f3315f2fbd72f43bead3f20c3f0e0470f4bb16035fc49990e3e06c9e5196283b6e0de3ecc491e4e45ff3ab9c823bd40c8d272312aeee3bdca4eecb5451140ee3eaed6990068238fc1999bdbde648cbcfb373a3029654b60c1ccbe40559892b6259dfa85710a405626dce1baa4bcf5b5483dcb26b209fb7f9cb00f419acbc6638644a48b518077105ee57c427648998c67126a29298586f2a7fee3592262222d2cb3305a6145dfb5e4ed23760ac86d70044cbcbe06766b226c39f986", 0xf4}], 0x7, &(0x7f0000000a40), 0x0, 0x82}], 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000240)={r8}, &(0x7f0000000280)=0x8)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)
unshare(0x62040200)
write$tun(0xffffffffffffffff, 0x0, 0x3e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.337907613s ago: executing program 1 (id=3759):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb060018000000000000004c0000004c000000080000000800000004000004030000000300000004000000090000000100000000000000030000000000000062d60000060000000d000000000000000400000001000000000000110200000009000000002e6e302e2e0000"], &(0x7f0000000300)=""/26, 0x6c, 0x1a, 0x1, 0xa, 0x10000}, 0x28)
r1 = socket$inet6(0xa, 0x2, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x9, 0x2d, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000010000000000000000300000018110000033f3b59ed09d4e635381ea11f973f2c22758643bf26acdc09a3b94b23822559b300124027bd1755a4c1c331cbfca0d33dbc910f45cae250c898cdaf2532e99275b80a8a021ba8ad326bc2e5a05ba65f57e164137c78836d1faa032a59e444e1e737a7eed94a577c410152bc605b429770a01f7f624ece22da79ad8eeff4100205643d81d5939a6378e611b72780b47dce898b9266d9f4930c1b418d6f4ee3bd8737cbc2e08bde96c04934d3bb756faf8cba4dd7a6f93bb51521469cbfc56305087c707c15e440c778ecb7468b4edd3e7bff47583ff55fb0a63451c110e6263e", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300004d0300008500000006000000180000000700000000000000000080f81832000005000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000850000006100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000880)='GPL\x00', 0x7, 0x90, &(0x7f0000000b00)=""/144, 0x41100, 0x9, '\x00', 0x0, @cgroup_sock=0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000c00)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000c40)={0x1, 0x2, 0x8, 0xc}, 0x10, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000001240)=[0xffffffffffffffff], &(0x7f0000001280)=[{0x4, 0x3, 0xd, 0x2}, {0x1, 0x5, 0xa}, {0x0, 0x1, 0x9, 0x2}, {0x0, 0x5, 0x5, 0x8}, {0x2, 0x5, 0xe, 0x5}, {0x2, 0x4, 0x7, 0x1}, {0x5, 0x4, 0x4, 0x9}], 0x10, 0x214}, 0x94)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f00000002c0)=ANY=[@ANYBLOB="2c02020000000000000000000000ffffffffffff00000000"], 0x18)
getsockname$packet(0xffffffffffffffff, &(0x7f00000006c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000700)=0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', r2, @fallback, r0, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2}, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002fc0)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c, &(0x7f00000004c0)}}, {{&(0x7f0000000500)={0xa, 0x4e22, 0x0, @remote, 0x40}, 0x1c, &(0x7f0000000b00)}}], 0x2, 0x24000045)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, &(0x7f0000000040))
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1d, 0x0, 0x0, &(0x7f0000000680)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x53, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80), &(0x7f0000000dc0), 0x10, 0x5}, 0x94)
bpf$PROG_BIND_MAP(0x1c, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
unshare(0x62040200)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}}, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000580)=""/230, 0xe6}, {&(0x7f00000004c0)=""/168, 0xa8}, {&(0x7f0000000900)=""/106, 0x6a}, {&(0x7f00000000c0)=""/26, 0xfe4b}], 0x4}, 0x2000000}], 0x2, 0x101, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 0x0, 0x0)

3.866599533s ago: executing program 4 (id=3762):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'macvlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x8040600)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r3, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000d40)=ANY=[@ANYBLOB="8400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000100005800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r1, @ANYBLOB="08000a00fb"], 0x84}, 0x1, 0x0, 0x0, 0x8040}, 0x20008040)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x2710, @host}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x1c, 0x3, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x802}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000844}, 0x8000080)

3.185979256s ago: executing program 4 (id=3766):
r0 = socket(0x10, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0xfffc, @rand_addr=0x64010101}, 0x10)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000080)=@req={0x28, &(0x7f0000000040)={'ipvlan1\x00', @ifru_mtu}})
getsockopt(r0, 0x200000000114, 0x2715, 0x0, &(0x7f0000000000))

3.130979801s ago: executing program 4 (id=3768):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x38, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xf4, 0x2}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x177f}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x8}]]}, 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x4001)

2.954554079s ago: executing program 4 (id=3770):
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000004180)=ANY=[], 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[], 0x20}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x118, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0xdc, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0xbc, 0x1, [@m_skbedit={0x84, 0x16, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x1, 0x1, 0x0, 0x2}}]}, {0x36, 0x6, "ff4418d4ef9fd207b883462bcf096233339e2b38fe56e3b81dbddd096859c2fb2a5a77e9a066c1e557df2976cb861888cc8f"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_connmark={0x34, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8}]}}]}, 0x118}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

2.893309488s ago: executing program 4 (id=3773):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum64={0xb, 0x0, 0x0, 0x13, 0x1, 0x8}]}}, &(0x7f0000001f80)=""/212, 0x26, 0xd4, 0xa}, 0x28) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)=@dellinkprop={0x100, 0x6d, 0x800, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x1e1a0, 0x2}, [@IFLA_PORT_SELF={0x28, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "68f5e87154e1f189df77e2e149bd1d8f"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xfe}, @IFLA_PORT_VF={0x8, 0x1, 0xfffffffb}]}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_BROADCAST={0xa, 0x2, @local}, @IFLA_WEIGHT={0x8, 0xf, 0xfffffffa}, @IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x3}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}, @IFLA_IPVLAN_MODE={0x6, 0x1, 0x1}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}]}}}, @IFLA_LINK_NETNSID={0x8}, @IFLA_PROP_LIST={0x40, 0x34, 0x0, 0x1, [{0x14, 0x35, 'nicvf0\x00'}, {0x14, 0x35, 'batadv_slave_1\x00'}, {0x14, 0x35, 'ipvlan0\x00'}]}, @IFLA_TARGET_NETNSID={0x8}]}, 0x100}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)

2.779178801s ago: executing program 4 (id=3775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="060000000400000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, <r1=>0xffffffffffffffff}, 0x4)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x5)
splice(r2, 0x0, r4, 0x0, 0x80, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x28, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x58}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @alu={0x4, 0x0, 0x3, 0x2, 0x6, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @map_val={0x18, 0xa, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x5e}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @jmp={0x5, 0x0, 0x4, 0x4, 0x2, 0x4, 0xffffffffffffffff}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.714118452s ago: executing program 1 (id=3776):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) (async)
unshare(0x24060400)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x15, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) (async)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f0000000080)=r2, 0x4) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(0x0, r4) (async)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, 0x0, 0x0) (async)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r8=>0x0)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r7, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x1c}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r9=>0x0)
r10 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r10, 0x0, &(0x7f00000000c0)=<r13=>0x0)
sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r13], 0x1c}}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r7, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000084}, 0x0)

2.536890198s ago: executing program 0 (id=3779):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x23}, @printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000180)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x1c, &(0x7f0000001080)=[@in6={0xa, 0x4e20, 0x4, @dev={0xfe, 0x80, '\x00', 0x23}, 0x3}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x4e24, 0x5, @empty, 0x4}}}, &(0x7f0000000040)=0x84)
unshare(0x20000400)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_QUERY(0x9, &(0x7f00000005c0)={@ifindex, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000002380)=""/4107, &(0x7f00000000c0)=0x1012)

2.423312094s ago: executing program 0 (id=3780):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'wg0\x00', 0x400})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000002c0)={'veth0\x00', 0xe00})

1.942987665s ago: executing program 3 (id=3782):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
unshare(0x62040200)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002021702500000000002020207b1af8ff00000000bfa10000951234d35864aa628023ce005f3d367c00000701fefff7ffffffb702000008000000b703003e6d000083850054308de8c7749781c53da224ccde11e158"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000061000000b70000004000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r3, 0x29, 0x3c, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xf)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_type(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r5, &(0x7f0000000280), 0x9)
r6 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12)

1.851977775s ago: executing program 2 (id=3783):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}}}, 0x24}}, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r5}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001780)=ANY=[@ANYBLOB="1400"], 0x14}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r6)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="6d932bbd700000000000010000000800030003000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000014c0)=@newtfilter={0x48, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {}, {}, {0xd, 0xe}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x3, 0xfff2}}, @TCA_FLOWER_KEY_ETH_SRC={0xa, 0x6, @broadcast}]}}]}, 0x48}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
r13 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(r13)
sendmsg$SMC_PNETID_DEL(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000021c0)={0x20, r12, 0x1, 0x0, 0x0, {0x3, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x40030000000000}, 0x0)
sendmsg$nl_xfrm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="6c0100001000130700000000fcdbdf25e000000100000000000000000000000000020000000000000000000000000001000000004e2100020a0000006c000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff000000000000000000000000000000fe3200000000000000000000000000ffffac1414bb000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000050000000000000043050000000000000700000000000000ffffffffffffff7f000000000000000000000000000000000000000000000000000000002cbd70000035000002000400500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d3854faa140db9a200000000c538c7cb7a1c0004"], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x18, r14, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0x4}]}, 0x18}}, 0x0)

1.793791576s ago: executing program 1 (id=3784):
unshare(0xa612de5ebfd882c3)
unshare(0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000004000000080000020100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8=r0], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES64=r1, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x38}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68a75f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014000000008080002"], 0x1ec}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0xffffffffffffff9b}, 0x40002101)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000040)={0x1, &(0x7f00000009c0)=[{@none}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0904000000000000000002000003300004802c0001800c00010062697477697365001c00028008000340000000690800014000000004080002400000000a0900010073797a30000000000900020073797a3200000000140000001100010000000000000000430000080a0bf4ac004fd4ff1d90688cceb113fc3e87892e0b8ddaec115d0865f94237d358c66d5a7c4f8ae16f2bf6ae5c275fe6b393aac3b9148a30c62bb0021ec3c6f702a38f4659b8db53b7c8851b8df125b6c1a1a892df1d4cabcc4bee15ee0b55fb0f6c9ffc401d0686a6eadec4b46e52ab6ff9f7c54f0aa8727f5b736a3a450ddbb8959499768d56193b33e55b0d22c3cb064a6e0000000000000000"], 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
socket$unix(0x1, 0x5, 0x0)
unshare(0xa612de5ebfd882c3) (async)
unshare(0x4000000) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000004000000080000020100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8=r0], 0x50) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) (async)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1000}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000010040b7080000000000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES64=r1, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x38}, 0x94) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68a75f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014000000008080002"], 0x1ec}}, 0x0) (async)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) (async)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800) (async)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) (async)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0xffffffffffffff9b}, 0x40002101) (async)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) (async)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r3, 0x800448d2, &(0x7f0000000040)={0x1, &(0x7f00000009c0)=[{@none}]}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0904000000000000000002000003300004802c0001800c00010062697477697365001c00028008000340000000690800014000000004080002400000000a0900010073797a30000000000900020073797a3200000000140000001100010000000000000000430000080a0bf4ac004fd4ff1d90688cceb113fc3e87892e0b8ddaec115d0865f94237d358c66d5a7c4f8ae16f2bf6ae5c275fe6b393aac3b9148a30c62bb0021ec3c6f702a38f4659b8db53b7c8851b8df125b6c1a1a892df1d4cabcc4bee15ee0b55fb0f6c9ffc401d0686a6eadec4b46e52ab6ff9f7c54f0aa8727f5b736a3a450ddbb8959499768d56193b33e55b0d22c3cb064a6e0000000000000000"], 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x0) (async)
socket$unix(0x1, 0x5, 0x0) (async)

1.66955273s ago: executing program 0 (id=3785):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001000010000000000fedbdf25070000001300000008000000", @ANYRES32, @ANYBLOB="10001a800586350e010000003cac7ecd040037"], 0x34}], 0x1}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)={0x3c, r2, 0x1, 0x1000000, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x4b, 0x3, 0x3a1}]}]}]}, 0x3c}}, 0x0)

1.575059938s ago: executing program 2 (id=3786):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0)
socket(0x10, 0x3, 0x0)
unshare(0x40000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(0x0, r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000280)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x10000, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xfffffdb6, 0x2, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = socket(0x29, 0x2, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140), 0x4)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}}, 0x0)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0xffff, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000440)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})
socket$inet_sctp(0x2, 0x5, 0x84)

1.459249463s ago: executing program 1 (id=3787):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x4, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xd, 0xffe0}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8}]}}]}, 0x3c}}, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x0, 0xfffffffe, 0x0, 0x100}, 0x1c)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r1, 0x0, 0x0)
recvfrom$packet(r0, &(0x7f0000000540)=""/81, 0x51, 0x0, &(0x7f0000000140)={0x11, 0x4, 0x0, 0x1, 0x4}, 0x14)
setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000080)=0x8, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x20000056)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000200)=0xb2, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x50, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}]}]}, 0x50}}, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' @\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000004"], 0x24}}, 0x4004)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6}}}, @m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xa0}}, 0x0)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e0001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x80047210, &(0x7f0000000000))
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.390793632s ago: executing program 0 (id=3788):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="0f00000004000000080000000200000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r3, 0x0, 0xd}, 0x18)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r5, 0x0, 0x484, &(0x7f00000000c0)=""/24, &(0x7f0000000100)=0x18)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
sendmsg$netlink(r0, &(0x7f0000007d80)={0x0, 0x0, &(0x7f0000007d00)=[{&(0x7f0000000b00)=ANY=[@ANYBLOB="140000006a0015"], 0x14}], 0x1}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="cf0400000000000000001300", @ANYBLOB="0400130006001200000000000600b500850100000a0006"], 0x40}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r7, 0x0, 0x29, &(0x7f0000000280)="20e1", 0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}}, 0x4010)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r11, 0x400448e3, &(0x7f0000000100)={0x0, 0x4000, '\x00', 0x2})
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r6, 0x3fcb7000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1a, 0x2, &(0x7f0000000000)=ANY=[@ANYRES8=r11], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x51}, 0x94)

1.219388771s ago: executing program 2 (id=3789):
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067f", 0x13}], 0x1)
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98)
r1 = socket$inet(0xa, 0x801, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, @in={0x2, 0x4e22, @local}], 0x20)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x5)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000140), 0x4)
accept4(r1, 0x0, 0x0, 0x0)

1.049140231s ago: executing program 2 (id=3790):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @remote}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x72}}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

935.091596ms ago: executing program 3 (id=3791):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001c40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735ad"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
write(0xffffffffffffffff, &(0x7f0000000640)="81e87fd252b207469d5923e565a3599fc46dddf00a42bd392af8f50ea1640b2522a90dd9afe62b950377c97e7e9bf14de575b9e3f0b553b443eda0c2c1dea3aec4e3cfdfaa1baed6e9ccd9dafb5a04f4c9753e540535da6420c2f40a819b6f6ea2810964ae6575d7b2d7d88c1f13684ca759160cdcf2581d32791750220d7a3deab50fb0602a9f17a4bce4a8394cde2b7480f93aed7d583bfbc57b665e6850054d91a52b75e40cc72228a9", 0xab)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x19}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (fail_nth: 40)

909.84137ms ago: executing program 2 (id=3792):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@delqdisc={0x5c, 0x25, 0x400, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x6, 0xf}, {0x4, 0xd}, {0xb, 0xffe0}}, [@q_dsmark={{0xb}, {0x14, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x13}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2d}]}}]}, 0x5c}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

390.088869ms ago: executing program 3 (id=3793):
r0 = socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1800002, 0x10, r0, 0xbea5000)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
recvmmsg(r1, &(0x7f0000007340)=[{{&(0x7f0000000000)=@ax25={{0x3, @null}, [@default, @rose, @bcast, @rose, @rose, @netrom, @remote, @rose]}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000080)=""/240, 0xf0}, {&(0x7f0000000180)=""/193, 0xc1}, {&(0x7f0000000280)=""/99, 0x63}, {&(0x7f0000000300)=""/211, 0xd3}, {&(0x7f0000000400)=""/64, 0x40}], 0x5, &(0x7f00000004c0)=""/158, 0x9e}, 0x7}, {{&(0x7f0000000580)=@ax25={{0x3, @rose}, [@netrom, @netrom, @null, @rose, @netrom, @default, @bcast, @rose]}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000600)=""/192, 0xc0}], 0x1, &(0x7f0000000700)=""/132, 0x84}, 0x8}, {{&(0x7f00000007c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000000840)=""/179, 0xb3}, {&(0x7f0000000900)=""/168, 0xa8}, {&(0x7f00000009c0)=""/140, 0x8c}, {&(0x7f0000000a80)=""/70, 0x46}, {&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/206, 0xce}, {&(0x7f0000001c00)=""/149, 0x95}, {&(0x7f0000001cc0)=""/34, 0x22}], 0x8, &(0x7f0000001d80)=""/247, 0xf7}, 0x9}, {{0x0, 0x0, &(0x7f0000004180)=[{&(0x7f0000001e80)=""/4096, 0x1000}, {&(0x7f0000002e80)=""/120, 0x78}, {&(0x7f0000002f00)=""/156, 0x9c}, {&(0x7f0000002fc0)=""/27, 0x1b}, {&(0x7f0000003000)=""/175, 0xaf}, {&(0x7f00000030c0)=""/146, 0x92}, {&(0x7f0000003180)=""/4096, 0x1000}], 0x7, &(0x7f0000004200)=""/125, 0x7d}, 0xfffffffd}, {{0x0, 0x0, &(0x7f0000004400)=[{&(0x7f0000004280)=""/244, 0xf4}, {&(0x7f0000004380)=""/85, 0x55}], 0x2, &(0x7f0000004440)=""/8, 0x8}, 0xff}, {{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f0000004480)=""/128, 0x80}, {&(0x7f0000004500)=""/167, 0xa7}, {&(0x7f00000045c0)=""/214, 0xd6}, {&(0x7f00000046c0)=""/22, 0x16}], 0x4, &(0x7f0000004740)=""/162, 0xa2}, 0x3ef2423}, {{0x0, 0x0, &(0x7f00000059c0)=[{&(0x7f0000004800)=""/199, 0xc7}, {&(0x7f0000004900)=""/4096, 0x1000}, {&(0x7f0000005900)=""/190, 0xbe}], 0x3, &(0x7f0000005a00)=""/166, 0xa6}, 0xfff}, {{&(0x7f0000005ac0)=@pppol2tpv3={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000005b40), 0x0, &(0x7f0000005b80)=""/134, 0x86}, 0xc0}, {{0x0, 0x0, &(0x7f0000007180)=[{&(0x7f0000005c40)=""/231, 0xe7}, {&(0x7f0000005d40)=""/191, 0xbf}, {&(0x7f0000005e00)=""/90, 0x5a}, {&(0x7f0000005e80)=""/160, 0xa0}, {&(0x7f0000005f40)=""/4096, 0x1000}, {&(0x7f0000006f40)=""/193, 0xc1}, {&(0x7f0000007040)=""/38, 0x26}, {&(0x7f0000007080)=""/137, 0x89}, {&(0x7f0000007140)=""/14, 0xe}], 0x9, &(0x7f0000007240)=""/199, 0xc7}, 0x6}], 0x9, 0x0, &(0x7f0000007580)={0x77359400})
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f00000075c0))
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007640), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000007680)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_PMK(r1, &(0x7f0000007740)={&(0x7f0000007600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000007700)={&(0x7f00000076c0)={0x34, r3, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x20000000)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000007780)={0x1b, 0x0, 0x0, 0xc8000000, 0x0, 0x1, 0x101, '\x00', 0x0, r0, 0x2, 0x4, 0x4}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000007880)={r5, 0x58, &(0x7f0000007800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, &(0x7f00000078c0)=@rose)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000007900)=0x15, 0x4)
socket$igmp6(0xa, 0x3, 0x2)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000007b40)={0x11, 0x20, &(0x7f0000007940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7c19b3df, 0x0, 0x0, 0x0, 0xcc}, [@map_val={0x18, 0xa, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x467}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @generic={0x8, 0x0, 0x8, 0x5, 0x9}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000007a40)='GPL\x00', 0x10, 0x0, 0x0, 0x41100, 0x47, '\x00', r6, @fallback=0x37, 0xffffffffffffffff, 0x8, &(0x7f0000007a80)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000007ac0)={0x4, 0x7, 0x9, 0xfff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000007b00)=[r5, r5, r5, r5, r5, r5, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8}, 0x94)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000007c00)=r8)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$NL80211_CMD_SET_BEACON(r2, &(0x7f0000007d40)={&(0x7f0000007c40)={0x10, 0x0, 0x0, 0x2000a000}, 0xc, &(0x7f0000007d00)={&(0x7f0000007c80)={0x48, r3, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x6, 0x73}}}}, [@NL80211_ATTR_IE={0x1e, 0x2a, [@mic={0x8c, 0x18, {0x7de, "81cc2f039126", @long="20493b9a60caaad70169e474366a8577"}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000140}, 0x800)
bind$netlink(r2, &(0x7f0000007d80)={0x10, 0x0, 0x25dfdbfb, 0x20000}, 0xc)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
recvfrom$l2tp6(r2, &(0x7f0000007dc0)=""/106, 0x6a, 0x40012000, &(0x7f0000007e40)={0xa, 0x0, 0x0, @initdev}, 0x20)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000007ec0), r2)
sendmsg$TIPC_NL_BEARER_SET(r9, &(0x7f0000008080)={&(0x7f0000007e80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000008040)={&(0x7f0000007f00)={0x128, r10, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}, @TIPC_NLA_SOCK={0x90, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1de}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x46}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8e}]}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x401}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xcf01}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7f}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_LINK={0x50, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xee1}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6093}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x59}]}]}, @TIPC_NLA_MEDIA={0x4}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000081c0)={@map=r5, 0x20, 0x0, 0x79a, &(0x7f00000080c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000008100)=[0x0], &(0x7f0000008140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000008180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r11=>0x0}, 0x40)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000008240)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000008580)={r8, 0xe0, &(0x7f0000008480)={0x0, <r13=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000008280)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x4, &(0x7f00000082c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000008340)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x78, &(0x7f0000008380)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000083c0), &(0x7f0000008400), 0x8, 0x6d, 0x8, 0x8, &(0x7f0000008440)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000008200)={@cgroup=r12, 0xffffffffffffffff, 0x24, 0x21, r8, @void, @void, @void, @value=r13, r11}, 0x20)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f00000085c0)=0x2000000000000000, 0x8)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000008600)=<r14=>0x0)
sendmsg$nfc_llcp(r9, &(0x7f0000008b40)={&(0x7f0000008640)={0x27, r14, 0x0, 0x7, 0xc8, 0x10, "2857c2c32e222f3cacd41597737d052f21f6f132dbf336b35797e4721354b5c68d628122908455825891cc71730100807aa47c2e3947cf3d29ad275c211614", 0x13}, 0x60, &(0x7f0000008a00)=[{&(0x7f00000086c0)="a1e0f92fb61dc7aa4f91f35d67e3fd77b38e4c0f28a41a6707f6422a11529ccb170996b096e3d36f3941a5b218685b1288b3b11762bdbbed65315b7ad0f4dc1301b08adfa9d8435e51d4af30b5b2c325", 0x50}, {&(0x7f0000008740)="3d6eece6f10eb86a2b5403cf5ebbc10da5ebbb45d54e3f78c69af97585e4d3c89cbf4d8a1f2d2a01aa8b3807fec37d98ef8908069935d0cb5635d59a47d4a9b3f49ac27f40c6aa4190afe83e044109008a4c2eba81b983000d626d303b06486e9cfc7ad5ec757c544df1781ebfe01c9cfbc935ef9917f10a2aa09df8b5e1a7101c", 0x81}, {&(0x7f0000008800)="ef433c0566c7668ad0d3b21bc1eadc0cb7511b4e3cd8065807f5c7ecc63ccc95a30474d34a8591205080e418cb0cfbe57cffbe432f03a6233cdb253be3e227ee5e5f07273b104c73d2bc45d6363f14bfa4342c51a71aee8becc43bec97f8ad2a33f0cd9fe6ee767a4d466195b7ae6580567bda2d251c44c9f1bc26af8cf8f8a3e4644946606fba32aedd8e3ecca7017aeb1c03343bbfed21a66077b4d54f50e13bba9129d0c09fde54fa6c530cf8b99e895cdc888a56694b220d02e5ac24d4dc9111b1091612612fdd7c62144b6abf41bd874ffbf8c7e7212a2aad01a6b16971de6881f23e3e2369742429638cae15b37c05438517fdc82d0e935aeab8c7", 0xfe}, {&(0x7f0000008900)="dda16cf2efbc3c47cf740a74e40fef6da212120892b28f6af80a879aa6fbe89169ee3647550a6c7884cb9b32ada535f610a242179c29038f79d8a7dbfa2f2a2128d4d4dba281ac535ed2166dbed65ea2b5f6ec9a4f64013a601fc6f9c7c36942fcc5f8c31b1bef0b6668b71ad0407d675d9df5fc08058b799854037ffaec53d187fc398a0a55956bd1b55566a9c0a3f37657a6ae436c32e53d299e6671c16882e25e2e468d5cb938aff6274ab922bf1a7d5f4441381cb26708ac83b5cab4a704bab856597f327d4dd298e28e8468332d65c1e2bec8d687549ffe9f823750b04f76f27a50fc9746dceb3752ec61f63ec01ee0488c37b4a84e48", 0xf9}], 0x4, &(0x7f0000008a40)={0x100, 0x112, 0xf0b, "8c2c4973c1cdb5c8caa8f8a1c88a0310f08368a4366350b517e4a2c1f1d1b7d173f994d3c9607da2156afb98b4854673c0f36797ac8291ab7365ef3390bae8e3ab15d47010eac8421333fe74799b368dfa6eefd656bdc5a1dfbb5db300d934d5ec7be0b0d6d37bba5e4b02d0c97323e4d3532ff3e666e481db30e77a8d29550c5eb01f107ae0695290ca2c3d312e9171900c99378d981e02fa9d93b6fab73fee2a135fde7a31669dae3306483519487d749c8e20f8e356afe81d4632b8b36af8c99d64321b4b0a22dfe8de739e492439738224da86284c9776ac215279fa8564e3ddcb4684b23ccd53ab2d3a3d1d3da6"}, 0x100, 0x6159cd9fdefc064c}, 0xc000)

307.004216ms ago: executing program 0 (id=3794):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x10, 0x80002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'veth0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x4, 0xf}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x4, 0xf}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
socket(0x400000000010, 0x3, 0x0) (async)
r5 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0) (async)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000800)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x24, 0x2c, 0xc20, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x4, 0xa}, {0x0, 0x5}, {0xc, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4048008}, 0x20004804)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r8)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000800000003000000100001800a00010069623a6c6f000000555a00c438d1baf86c648dac501c2d6ca7ecea34953a9fc1872f3a5f602de69f7e21890363d9ceb642a5e4f28395d36c7bf5a709844974fc58215904464e896c1f42acf73697446d7c4ece8080b17668aaacb8c17eebea6616fd3f874ba452cff7a3c179970fd29ad8d7ce787b4e79cd8dbc21f7a00f49804a871b82436372c7606a7f2f8d96"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000004)
socket$netlink(0x10, 0x3, 0x0) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4007007bbd00030500"/20, @ANYRES32=0x0, @ANYBLOB="15010000000000002400128009000100626f6e6400000000140002800500010002000000060019007bb10000"], 0x44}}, 0x2000c085)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000200)=""/76, 0x0, 0xc00, 0x0, 0x3}, 0x20)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x7, 0x4, 0x430, 0x240, 0x110, 0x0, 0x348, 0x348, 0x348, 0x4, &(0x7f00000001c0), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffffffffffffd}}}, {{@arp={@private=0xa010101, @empty, 0xffffff00, 0x8c6e5c79b278119, 0x8, 0xa, {@mac=@remote, {[0xff, 0xff, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x400, 0x8, 0x2, 0x14, 0x1, 0x0, 'bridge_slave_0\x00', 'bond0\x00', {0xff}, {}, 0x0, 0x35}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x9, 0x7f6c, 0x9, 0x0, 0x0, "e83d9531ea3483863885e7f6f60d6691c74c58c8ad6a7b3637f60fa978f602a93a643274dc42f9100be637af33b604aca5b19b6efde989025ecbd7005f2444a6"}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x3ff, {0x40000000000000}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x480) (async)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x7, 0x4, 0x430, 0x240, 0x110, 0x0, 0x348, 0x348, 0x348, 0x4, &(0x7f00000001c0), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffffffffffffd}}}, {{@arp={@private=0xa010101, @empty, 0xffffff00, 0x8c6e5c79b278119, 0x8, 0xa, {@mac=@remote, {[0xff, 0xff, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x400, 0x8, 0x2, 0x14, 0x1, 0x0, 'bridge_slave_0\x00', 'bond0\x00', {0xff}, {}, 0x0, 0x35}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x9, 0x7f6c, 0x9, 0x0, 0x0, "e83d9531ea3483863885e7f6f60d6691c74c58c8ad6a7b3637f60fa978f602a93a643274dc42f9100be637af33b604aca5b19b6efde989025ecbd7005f2444a6"}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x3ff, {0x40000000000000}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x480)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) (async)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r12)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$int_in(r10, 0x5452, &(0x7f0000000000)=0xf) (async)
ioctl$int_in(r10, 0x5452, &(0x7f0000000000)=0xf)
epoll_create1(0x80000)
ioctl$SIOCSIFHWADDR(r12, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)

303.398375ms ago: executing program 3 (id=3795):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
listen(r0, 0xffffffff)
sendmmsg(r0, &(0x7f0000000540)=[{{&(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4000}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000300)='>', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0xfe61}}], 0x2, 0xc88c4)
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040), &(0x7f0000000140)=0x10)

283.154438ms ago: executing program 2 (id=3796):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYBLOB="0008000000020000bc0012800c0001006d6163766c616e00ac00028008000300010000000800010010000000010004000180c200000300000a00040000000000030000000800070005000000080007000a0000004c0005800a000400aaaaaaaaaabb00000a000400aaaaaaaaaabb00000a0004004ac92f9d35ed00000a000400aaaaaaaaaaaa00000a000400aaaaaaaaaabb00000a000400aaaaaaaaaaaa000006000200010000000a"], 0xf0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x8100, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in=@private=0xa010101, 0x0, 0x3c}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xfd}, 0x3503, 0x0, 0x0, 0x7, 0x0, 0x6}}, 0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
accept4$phonet_pipe(r5, 0x0, 0x0, 0x80000)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, &(0x7f0000000180))
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="78000000070a01020000004a0000000005000006090001007379ce660bf77a3100000000580004805400018009000100261a54f75d7753086d6574610800000044000280080001400000000c080003400000000d08000240000003ff0800014000000000080002400000000108000340002200"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r7)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r7, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

194.147049ms ago: executing program 1 (id=3797):
r0 = socket(0x1, 0x80000, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x81, 0x4, 0x2}, 0x50)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r1, &(0x7f0000000600), &(0x7f0000000340)=@udp6=r2, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$unix(0x1, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r7)
getsockname$packet(r7, &(0x7f0000000240)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x40)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c000000100001052bbd7400ffdbdf2500000000", @ANYRES32=r8, @ANYBLOB="01600000000000001c0012800900010069707870000000000c00028008000300ac1414bb"], 0x3c}}, 0x84000)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, 0x12a13, 0x1a001}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}]}}}]}, 0x3c}}, 0x20004000)
r9 = socket$kcm(0x10, 0x3, 0x0)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000200)={0x5}, 0x4)
sendmsg$kcm(r9, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_NOACK_MAP(r3, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x44, 0x0, 0x800, 0xa0f2, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x858}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xb}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x6a17}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040000}, 0x8000)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="a07f4164340d189b9cfc010000efb4d33f72b449d546ac0c215aa7ca2410872324dc743d71f196723d3909c77ce19310ad649b27cd4cc66d676d2e2fbdfad23a3a2c695aa9c53f1fff177d318e61b18c6ef025bbb9755a042cc1274f94438fd02f6df36733236e0cdd77220a9d5d9a51ce0e39c6b5700e1808c12f42a519ad196d63381519f5bb32a2d6f0f2367835659086064933cae0bbeade3eea6a8ca8c332807e29e24318c50c151aaef815804cde7eafd185757c5afa16201f57", @ANYRES16=r5, @ANYBLOB="00042dbd7000fbdbdf25440000000c009900040000007300000008006b0040000000c8015a800c0003800500040002000000bc0001804100020026053a481f3546281d161f4a013e043c392d2a5209194e38340b120f4909460b04301f0c0645414821074f16004c32310f2d100c0f5253440a47013d5300000005000400000000004a0002003303231c0519153c504815622541380751492136014d1e112d2821082d131f541b291c3897310f1839281d1c052133043443483d23420b404231424b2f313540003118311b410000050006000000000005000700010000000500060001000000050007000100000098000080420002002a10230b11081d52371b2a1e44533e213720001c120f3b3048430b0511014410283342361e57115413232a194e0b3c021f433c1547483300151410271e14000005000600000000000500040001000000140003000e0000025800090007007d0006000500240001006c363630053609010b1812610c0303065e48600b2403f90236045a011b0530300500070002000000640001800500070001000000140003005b080800ff030800ffff8100fcff0400140005000000020007000000040007000000070014000500080008000080050005000f00090047041400050003000900020005000400ff010200ad0b05000400000000000400080108000c0021000000"], 0x1fc}, 0x1, 0x0, 0x0, 0x400c4080}, 0x8800)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x50, r5, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x200, 0x0)
close(r11)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0xa, 0x80a, 0x7ff)
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})

191.770316ms ago: executing program 3 (id=3798):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000852b1262fac55aa5e000000000000000f9ffffff00fe00000001000084080000000600000001000000030000000000feffffff2d000000"], &(0x7f0000000380)=""/3, 0x46, 0x3, 0x1}, 0x20) (async)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x1c, 0x15, 0x301, 0x0, 0x0, {0xa}, [@typed={0x8, 0x2, 0x0, 0x0, @fd}]}, 0x1c}}, 0x20000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)={0x2c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x12}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) (async)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r2, 0x6, 0x9, &(0x7f0000000500)=0x81, 0x4) (async)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001fc0)=@delchain={0x1a8, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xfff3}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x174, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_POLICE={0x4}, @TCA_BPF_ACT={0x164, 0x1, [@m_mirred={0x160, 0x11, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0xf1, 0xffffffffffffffff, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x3, 0x8, 0xe, 0x4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5c, 0x4, 0xfff, 0x1}, 0x4}}]}, {0xd1, 0x6, "319bb848351b002738b6c4c50b9141bebb58a1fd9f04e35af9c32268b29dfa1c25c9502b51b55eff39526a56fd0f6d8f94d05679ea0836ee4adecfe3236d2d9a2d17310974eb3856d00a1028999d09c1f69183f20defc6d04e2c20de3729c15f156d19b570d01b6142387bd42a81ccacf99246c39d5c0d6e393d44dab6dd2521c8f0dd94491c7577458990a9641f0c88b8c57718b8f2c791c8d35eeee9461545ee2dd6d5371b63e2755d125610f6fb5c23db3466b1c9e7b9a79e2f269e7e897258f89199853270075498a6c432"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}, @TCA_CHAIN={0x8}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x884}, 0x20000080)
r3 = socket(0x10, 0x803, 0x0)
sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtaction={0x158, 0x30, 0x1, 0x0, 0x0, {}, [{0xf9, 0x1, [@m_xt={0x110, 0x1c, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'nat\x00'}]}, {0xc4, 0x6, "286a94f4e14beb084c99dae709c351adc8cab22923a37861cfe86658f320ba887e5828b35bc61b6aed21ef47903c360113fff2ade33fa3ad6cbfe1fb0be30daad11c8591bb5facff1d522b2856c1cf72253512d1a2190ea9ac8a783ade006a341c87e6a5a4e0a2b6f5545d96e93a183befcdf3d7af624e0a00465227afef2f86519d0091ccc0ae34fc69bcd8a22cd2cf1af4644d1993bdc3eae657e01cc9264a53346454cc31b59f5e235a3010d59b03da66892760a28c7e0a839c8b85b1f59a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_vlan={0x0, 0x13, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x0, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x0, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x0, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x0, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_ID={0x0, 0x3, 0x59e}]}, {0x0, 0x6, "0d6884d9f22194477c7a1b7a4aee0a92ae59bf6b4da2a4ac0a4e077050ffbe64071924a078d4cd9537344ef681f944e7a6cb8c3b0d1d7ec9711a6dfca366394529610dee2bb14b056117"}, {0x0, 0x7, {0x0, 0x1}}, {0x0, 0x8, {0x2}}}}, @m_skbedit={0x0, 0x2, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x0, 0x5, 0xe58d}]}, {0x0, 0x6, "fe6a4b6835b449dc052637c753e1dda678c36f3005fa44d65d01afb09b5813c657672ee7c49f8c387fac770be3618c18f9fc9d7ef3612514ba78c352a34a7a4395cdc8922488d2bd2b4ad8982d40d08c8f4ced9d3177f3832c7b38798edc33b3eeddada71054392c05d8148a6dd26109344749df834ba36fad984752883c3b46646e0caa501a1ffd6f7b862b39f394140afdd160fa03155c4ee232dabd186974"}, {}, {0x0, 0x8, {0x3, 0x1}}}}]}]}, 0x158}}, 0x0) (async)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d00)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e9002c35b89f64969a0430ce281eee6802d8f0036dd7a0da8ee68896cc0d8026f64b07d835c4ad5092f591f4cc7a4fda1588837cf53a33b85afdee4f3896a55d1029ba5236493343854fd0500ac0be80b70b6f4f34799196d5d3f0ac77fdefb22a1422fd150f80c884b98b7dfbdb324078962f79f8309a0d16c7b01adf340525a4989ed2e1d82579c3cf698f3e6560980874204fb9f39ac717a44f842aa3f929397c39aae4a8bfbe2c89ed2b8b9cf8f75019283889261085aab64aa6a6e06c486e90df9ee263c297ed7cbe6ef973dd90db461902f90b5d459c94c75ba3cada13a80ecd8771e16a2c40b7f091d67f63b195fd2ca2c199daedb2e2fd"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) (async)
unshare(0x8040600) (async)
r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) (async)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r9, 0x80)
connect$unix(r7, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r6, 0x2000012, 0x100e, 0x7ffe, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

55.026924ms ago: executing program 3 (id=3799):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0)
socket(0x10, 0x3, 0x0)
unshare(0x40000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(0x0, r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000280)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x10000, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xfffffdb6, 0x2, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = socket(0x29, 0x2, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140), 0x4)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}}, 0x0)
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0xffff, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]})
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000440)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})
socket$inet_sctp(0x2, 0x5, 0x84)

0s ago: executing program 0 (id=3800):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000400)={@mcast1, 0x62, r3})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="00000016010000001800120008000100736974000c00020008000300", @ANYRES16=r2], 0x38}, 0x1, 0x0, 0x0, 0x8c1}, 0x20000004)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000100039042cbd7000eaffffff000003e4", @ANYRES32=r3, @ANYBLOB="03000000cb1507003800128008000100736974002c00028008000100", @ANYRES32, @ANYBLOB="08000300ac"], 0x58}, 0x1, 0x0, 0x0, 0x20008004}, 0x4000040)

kernel console output (not intermixed with test programs):

syzkaller1: entered promiscuous mode
[  330.691531][T15215] syzkaller1: entered allmulticast mode
[  330.730673][T15224] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2886'.
[  330.743078][T15219] netlink: 'syz.1.2885': attribute type 13 has an invalid length.
[  330.878328][T15228] netlink: 'syz.2.2887': attribute type 29 has an invalid length.
[  331.053296][T15238] siw: device registration error -23
[  331.105919][T15240] netlink: 'syz.1.2892': attribute type 21 has an invalid length.
[  331.143041][T15240] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2892'.
[  331.207075][T15247] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2895'.
[  331.312566][T15250] lo speed is unknown, defaulting to 1000
[  331.327390][T15250] lo speed is unknown, defaulting to 1000
[  331.360238][T15253] openvswitch: netlink: IP tunnel dst address not specified
[  331.534765][T15262] netlink: 'syz.3.2900': attribute type 29 has an invalid length.
[  331.650436][T15268] netlink: 'syz.3.2902': attribute type 11 has an invalid length.
[  331.753951][T15273] netlink: 'syz.2.2904': attribute type 1 has an invalid length.
[  331.839775][T15273] netlink: 'syz.2.2904': attribute type 1 has an invalid length.
[  332.133568][T15286] netlink: 'syz.2.2904': attribute type 1 has an invalid length.
[  332.241308][T15286] 8021q: adding VLAN 0 to HW filter on device bond2
[  332.297156][T15290] 8021q: adding VLAN 0 to HW filter on device bond2
[  332.308814][T15290] bond2: (slave wlan0): making interface the new active one
[  332.317666][T15290] bond2: (slave wlan0): Enslaving as an active interface with an up link
[  332.406662][T15273] vlan2: entered allmulticast mode
[  332.411822][T15273] veth1: entered allmulticast mode
[  332.442977][T15304] netlink: 'syz.1.2912': attribute type 3 has an invalid length.
[  332.699436][T15333] syzkaller0: entered promiscuous mode
[  332.841071][T15335] lo speed is unknown, defaulting to 1000
[  332.868105][T15335] lo speed is unknown, defaulting to 1000
[  333.421283][T15360] netlink: 'syz.3.2924': attribute type 29 has an invalid length.
[  334.635473][ T5867] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  334.644538][ T5867] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  334.653022][ T5867] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  334.661177][ T5867] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  334.672601][ T5867] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  334.735384][T15415] lo speed is unknown, defaulting to 1000
[  334.743768][T15415] lo speed is unknown, defaulting to 1000
[  335.041526][T15427] bridge4: entered promiscuous mode
[  335.075382][T15427] bridge4: entered allmulticast mode
[  335.103779][T15427] team0: Port device bridge4 added
[  335.138447][T15415] chnl_net:caif_netlink_parms(): no params data found
[  335.164536][T15439] __nla_validate_parse: 8 callbacks suppressed
[  335.164553][T15439] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2945'.
[  335.201797][T15441] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2945'.
[  335.414838][T15415] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.422627][T15415] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.446355][T15415] bridge_slave_0: entered allmulticast mode
[  335.473638][T15415] bridge_slave_0: entered promiscuous mode
[  335.501131][T15415] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.509139][T15415] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.516812][T15415] bridge_slave_1: entered allmulticast mode
[  335.525520][T15415] bridge_slave_1: entered promiscuous mode
[  335.618714][T15415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.652576][T15415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.777404][T15415] team0: Port device team_slave_0 added
[  335.784117][T15457] lo speed is unknown, defaulting to 1000
[  335.801779][T15415] team0: Port device team_slave_1 added
[  335.838522][T15464] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  335.846825][T15457] lo speed is unknown, defaulting to 1000
[  335.887430][T15467] netlink: 'syz.3.2952': attribute type 2 has an invalid length.
[  335.936794][T15464] tipc: Disabling bearer <eth:syzkaller0>
[  336.035040][T15415] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.063307][T15415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.278094][T15415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.562510][T15415] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.605869][T15415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.661072][T15415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  336.737407][T15492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2960'.
[  336.737438][T15487] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2959'.
[  336.756281][ T5864] Bluetooth: hci0: command tx timeout
[  336.762498][T15487] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2959'.
[  336.794929][T15478] netlink: 'syz.4.2957': attribute type 3 has an invalid length.
[  336.820631][T15485] lo speed is unknown, defaulting to 1000
[  336.893402][T15485] lo speed is unknown, defaulting to 1000
[  336.914901][T15489] lo speed is unknown, defaulting to 1000
[  336.949914][T15489] lo speed is unknown, defaulting to 1000
[  336.965212][T15415] hsr_slave_0: entered promiscuous mode
[  336.972508][T15415] hsr_slave_1: entered promiscuous mode
[  336.979175][T15415] debugfs: 'hsr0' already exists in 'hsr'
[  336.985014][T15415] Cannot create hsr debugfs directory
[  337.043984][T15497] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2961'.
[  337.370125][T15499] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  337.768274][T15519] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  338.016737][T15530] netlink: 'syz.2.2970': attribute type 23 has an invalid length.
[  338.065549][T15526] netlink: 'syz.3.2974': attribute type 29 has an invalid length.
[  338.161534][T15533] lo speed is unknown, defaulting to 1000
[  338.260211][T15537] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2975'.
[  338.269831][T15537] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2975'.
[  338.283209][T15533] lo speed is unknown, defaulting to 1000
[  338.396120][T15415] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  338.459380][T15415] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  338.524373][T15415] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  338.615132][T15415] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  338.827359][ T5864] Bluetooth: hci0: command tx timeout
[  339.076103][T15581] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2987'.
[  339.350792][T15569] netlink: 'syz.4.2986': attribute type 29 has an invalid length.
[  339.358642][T15584] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2988'.
[  339.681628][T15415] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.729701][T15415] 8021q: adding VLAN 0 to HW filter on device team0
[  339.749978][T11205] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.757187][T11205] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.833653][T11198] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.840888][T11198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.998137][T15415] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  340.296973][T15619] __nla_validate_parse: 2 callbacks suppressed
[  340.296990][T15619] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2998'.
[  340.316796][T15621] netlink: 'syz.3.2999': attribute type 29 has an invalid length.
[  340.338950][T15619] macvlan1: entered promiscuous mode
[  340.347909][T15619] macvlan1: left promiscuous mode
[  340.369472][T15415] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.428448][T15623] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3000'.
[  340.442146][T15623] netlink: 212316 bytes leftover after parsing attributes in process `syz.3.3000'.
[  340.501669][T15415] veth0_vlan: entered promiscuous mode
[  340.524666][T15415] veth1_vlan: entered promiscuous mode
[  340.701522][T15415] veth0_macvtap: entered promiscuous mode
[  340.738885][T15415] veth1_macvtap: entered promiscuous mode
[  340.792063][T15415] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.822512][T15415] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.850025][T15644] gretap1: entered promiscuous mode
[  340.892658][T11203] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.908372][ T5864] Bluetooth: hci0: command tx timeout
[  340.926540][T11203] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.948884][T11203] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.963930][T11203] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.078707][T15651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3007'.
[  341.201308][T15657] netlink: 'syz.0.3008': attribute type 4 has an invalid length.
[  341.224488][T15658] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3007'.
[  341.276354][T15656] netlink: 'syz.4.3009': attribute type 29 has an invalid length.
[  341.373985][T11171] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.397463][T11171] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.431890][T15660] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3008'.
[  341.473024][T11195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.513719][T11195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.674216][T15668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2929'.
[  342.234570][T15692] netlink: 'syz.3.3019': attribute type 29 has an invalid length.
[  342.578608][T15702] netlink: 'syz.0.3023': attribute type 13 has an invalid length.
[  342.616334][T15702] netlink: 'syz.0.3023': attribute type 17 has an invalid length.
[  342.682232][ T5867] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  342.694410][ T5867] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  342.703042][ T5867] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  342.718584][ T5867] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  342.727201][ T5867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  342.822204][T15702] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  342.924743][T15708] lo speed is unknown, defaulting to 1000
[  343.005818][ T5864] Bluetooth: hci0: command tx timeout
[  343.018209][T15711] lo speed is unknown, defaulting to 1000
[  343.025005][T15708] lo speed is unknown, defaulting to 1000
[  343.132229][T15711] lo speed is unknown, defaulting to 1000
[  343.504889][T15734] netlink: 'syz.3.3031': attribute type 29 has an invalid length.
[  343.787157][T15758] delete_channel: no stack
[  343.966611][T15708] chnl_net:caif_netlink_parms(): no params data found
[  344.128438][T15773] netlink: 'syz.3.3038': attribute type 24 has an invalid length.
[  344.372945][T15708] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.380610][T15708] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.388138][T15708] bridge_slave_0: entered allmulticast mode
[  344.395325][T15708] bridge_slave_0: entered promiscuous mode
[  344.402740][T15786] netlink: 'syz.0.3043': attribute type 29 has an invalid length.
[  344.459796][T15708] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.470360][T15708] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.481587][T15708] bridge_slave_1: entered allmulticast mode
[  344.489811][T15708] bridge_slave_1: entered promiscuous mode
[  344.530430][T15791] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3041'.
[  344.556067][T15708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.570333][T15708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.617973][T15708] team0: Port device team_slave_0 added
[  344.633196][T15708] team0: Port device team_slave_1 added
[  344.699007][T15708] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.714022][T15708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.743097][T15708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.803020][T15708] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.819745][T15708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.846086][ T5864] Bluetooth: hci3: command tx timeout
[  344.860660][T15708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.992283][T15804] syzkaller0: entered promiscuous mode
[  345.001519][T15804] syzkaller0: entered allmulticast mode
[  345.276949][T15817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3051'.
[  345.292165][T15816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3051'.
[  346.799927][T15708] hsr_slave_0: entered promiscuous mode
[  346.807687][T15708] hsr_slave_1: entered promiscuous mode
[  346.813881][T15708] debugfs: 'hsr0' already exists in 'hsr'
[  346.819867][T15708] Cannot create hsr debugfs directory
[  346.887308][T15824] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.898892][T15827] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3054'.
[  346.921883][ T5864] Bluetooth: hci3: command tx timeout
[  347.035313][T15824] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.145446][T15824] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.251831][T15824] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.383400][T15840] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  347.408124][T15842] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  348.048963][T11195] dvmrp1 (unregistering): left allmulticast mode
[  348.669909][T11195] bond1 (unregistering): Released all slaves
[  348.784146][T11195] bond0 (unregistering): Released all slaves
[  348.896004][T11195] bond2 (unregistering): (slave wlan0): Releasing active interface
[  348.910308][T11195] bond2 (unregistering): Released all slaves
[  348.987227][ T5864] Bluetooth: hci3: command tx timeout
[  349.002907][T11205] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.125167][T11195] tipc: Left network mode
[  349.173033][T11198] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.201146][T11198] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.201907][T15864] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  349.227857][T11195] IPVS: stopping backup sync thread 13763 ...
[  349.242198][T11198] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.661155][T15885] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3071'.
[  350.082364][T15894] netlink: 204 bytes leftover after parsing attributes in process `syz.4.3075'.
[  350.205740][T15708] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  350.255214][T15904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3077'.
[  350.283551][T15904] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  350.365222][T15708] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  350.444355][T15916] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3081'.
[  350.455924][T15708] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  350.509339][T15708] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  350.546081][T15918] netlink: 'syz.4.3080': attribute type 2 has an invalid length.
[  350.563164][T15916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3081'.
[  350.608671][T11195] hsr_slave_0: left promiscuous mode
[  350.621652][T11195] hsr_slave_1: left promiscuous mode
[  350.689672][T11195] pimreg (unregistering): left allmulticast mode
[  351.033485][T15946] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3084'.
[  351.072652][ T5864] Bluetooth: hci3: command tx timeout
[  351.774533][T15931] (unnamed net_device) (uninitialized): option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[  352.223286][T15956] tipc: Started in network mode
[  352.238050][T15956] tipc: Node identity e2f8f870153a, cluster identity 4711
[  352.247349][T15956] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.305884][T15956] syzkaller0: entered promiscuous mode
[  352.311387][T15956] syzkaller0: entered allmulticast mode
[  352.330333][T15708] 8021q: adding VLAN 0 to HW filter on device bond0
[  352.411757][T15954] tipc: Resetting bearer <eth:syzkaller0>
[  352.468593][T15954] tipc: Disabling bearer <eth:syzkaller0>
[  352.520357][T11195] IPVS: stop unused estimator thread 0...
[  352.592941][T15708] 8021q: adding VLAN 0 to HW filter on device team0
[  352.603651][T15975] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  352.651041][T11171] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.658258][T11171] bridge0: port 1(bridge_slave_0) entered forwarding state
[  352.689614][T11171] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.696926][T11171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.825296][T15986] sch_tbf: peakrate 1130 is lower than or equals to rate 8135890974208070034 !
[  352.868512][T15989] !
: renamed from dummy0
[  352.884510][T15985] netlink: 'syz.1.3097': attribute type 9 has an invalid length.
[  352.892766][T15985] netlink: 'syz.1.3097': attribute type 6 has an invalid length.
[  352.929424][T15991] netlink: 240 bytes leftover after parsing attributes in process `syz.4.3094'.
[  353.021824][T15995] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode broadcast(3)
[  353.178951][T15995] lo speed is unknown, defaulting to 1000
[  353.223804][T15995] lo speed is unknown, defaulting to 1000
[  353.431943][T15708] 8021q: adding VLAN 0 to HW filter on device batadv0
[  353.847173][T16011] netlink: 'syz.4.3100': attribute type 2 has an invalid length.
[  353.868064][T16011] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3100'.
[  353.920812][T16015] IPv6: NLM_F_CREATE should be specified when creating new route
[  354.050902][T16008] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.233117][T16008] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.361669][T16008] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.430987][T15708] veth0_vlan: entered promiscuous mode
[  355.194162][T16008] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.243697][T16026] netlink: 5636 bytes leftover after parsing attributes in process `syz.3.3102'.
[  355.257275][T15708] veth1_vlan: entered promiscuous mode
[  355.511095][T16032] netlink: 'syz.3.3103': attribute type 1 has an invalid length.
[  355.521743][T15708] veth0_macvtap: entered promiscuous mode
[  355.547203][T16032] netlink: 'syz.3.3103': attribute type 1 has an invalid length.
[  355.575353][T16032] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3103'.
[  355.598228][T16032] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3103'.
[  355.616167][T11199] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.724585][T16036] netlink: 'syz.4.3104': attribute type 1 has an invalid length.
[  355.740985][T15708] veth1_macvtap: entered promiscuous mode
[  355.790750][T16036] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  355.796275][T11198] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.843956][T11198] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.909101][T11198] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.926473][T15708] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.958173][T16044] netlink: 'syz.4.3106': attribute type 25 has an invalid length.
[  355.970611][T15708] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.060107][T11171] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.070456][T11171] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.099868][T11171] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.147571][T11171] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.228025][T16050] ieee802154 phy0 wpan0: encryption failed: -22
[  356.385334][T11199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.421321][T11199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.516034][T11198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.524187][T11198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.746409][T16077] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3013'.
[  356.833497][T16073] syzkaller0: entered promiscuous mode
[  356.861828][T16073] syzkaller0: entered allmulticast mode
[  356.900392][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3119'.
[  356.931950][T16079] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  357.520318][ T5867] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  357.537983][ T5867] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  357.550313][ T5867] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  357.571427][ T5867] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  357.590559][ T5867] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  358.922295][T16088] syzkaller0: entered promiscuous mode
[  358.928008][T16088] syzkaller0: entered allmulticast mode
[  359.096187][T16099] lo speed is unknown, defaulting to 1000
[  359.103706][T16099] lo speed is unknown, defaulting to 1000
[  359.215730][T16110] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96
[  359.272599][T16120] netlink: 'syz.1.3126': attribute type 16 has an invalid length.
[  359.345267][T16120] netlink: 'syz.1.3126': attribute type 3 has an invalid length.
[  359.410631][T16120] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.3126'.
[  359.575132][T16099] chnl_net:caif_netlink_parms(): no params data found
[  359.706434][ T5867] Bluetooth: hci1: command tx timeout
[  359.811932][T16143] netlink: 'syz.3.3133': attribute type 6 has an invalid length.
[  359.829037][T16143] IPv6: NLM_F_CREATE should be specified when creating new route
[  360.010346][T16141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3133'.
[  360.030883][T16141] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  360.268209][T16099] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.277579][T16099] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.284960][T16099] bridge_slave_0: entered allmulticast mode
[  360.293778][T16099] bridge_slave_0: entered promiscuous mode
[  360.305102][T16099] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.325950][T16099] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.338910][T16099] bridge_slave_1: entered allmulticast mode
[  360.358603][T16099] bridge_slave_1: entered promiscuous mode
[  360.397448][T16165] netlink: 'syz.2.3138': attribute type 1 has an invalid length.
[  360.486278][T16165] netlink: 'syz.2.3138': attribute type 4 has an invalid length.
[  360.557051][T16173] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3138'.
[  360.583362][T16173] openvswitch: netlink: Flow key attr not present in new flow.
[  360.717685][T16099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  360.790098][T16099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  360.857734][T16189] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  360.871741][T16191] netlink: 'syz.3.3144': attribute type 1 has an invalid length.
[  360.942644][T16099] team0: Port device team_slave_0 added
[  360.972579][T16099] team0: Port device team_slave_1 added
[  361.118996][T16205] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3149'.
[  361.135691][T16099] batman_adv: batadv0: Adding interface: batadv_slave_0
[  361.142665][T16099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.187650][T16202] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3148'.
[  361.196372][T16099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.229659][T16099] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.237165][T16099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.263965][T16099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.290721][T16205] 8021q: VLANs not supported on ipvlan1
[  361.346501][T16207] macsec1: entered promiscuous mode
[  361.351751][T16207] macsec1: entered allmulticast mode
[  361.480050][T16202] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3148'.
[  361.501500][T16216] netlink: 'syz.3.3150': attribute type 9 has an invalid length.
[  361.786546][ T5867] Bluetooth: hci1: command tx timeout
[  361.832467][T16099] hsr_slave_0: entered promiscuous mode
[  361.842387][T16099] hsr_slave_1: entered promiscuous mode
[  362.070438][T16234] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3158'.
[  362.215946][T16244] netlink: 'syz.1.3160': attribute type 3 has an invalid length.
[  362.316436][T16242] netlink: 'syz.0.3159': attribute type 11 has an invalid length.
[  362.375903][T16242] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3159'.
[  362.384493][T16248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3161'.
[  362.554311][T16254] netlink: 'syz.1.3163': attribute type 3 has an invalid length.
[  362.578583][T16254] netlink: 'syz.1.3163': attribute type 1 has an invalid length.
[  362.667654][T16256] netlink: 'syz.3.3164': attribute type 15 has an invalid length.
[  363.006682][T16266] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3167'.
[  363.258719][T16266] veth3: entered promiscuous mode
[  363.453822][T16099] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  363.502895][T16099] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  363.542600][T16099] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  363.597511][T16099] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  363.624314][T16275] Bluetooth: hci0: Opcode 0x080f failed: -22
[  363.866923][ T5867] Bluetooth: hci1: command tx timeout
[  363.929714][T16288] lo speed is unknown, defaulting to 1000
[  363.959528][T16288] lo speed is unknown, defaulting to 1000
[  364.278784][T16099] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.307229][T16099] 8021q: adding VLAN 0 to HW filter on device team0
[  364.324185][T11203] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.331445][T11203] bridge0: port 1(bridge_slave_0) entered forwarding state
[  364.358535][T11196] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.365790][T11196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  364.400843][T16302] netlink: 'syz.1.3175': attribute type 13 has an invalid length.
[  364.415373][T16302] netlink: 'syz.1.3175': attribute type 17 has an invalid length.
[  364.560008][T16302] 8021q: adding VLAN 0 to HW filter on device team0
[  364.574296][T16302] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  365.362982][T16344] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  365.397127][T16342] tap0: tun_chr_ioctl cmd 1074025675
[  365.402470][T16342] tap0: persist disabled
[  365.407420][ T5955] IPVS: starting estimator thread 0...
[  365.442197][T16344] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  365.451045][T16344] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  365.495704][T16352] IPVS: using max 28 ests per chain, 67200 per kthread
[  365.504807][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3189'.
[  365.524174][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3189'.
[  365.541149][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3189'.
[  365.562572][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3189'.
[  365.571707][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3189'.
[  365.626320][ T5867] Bluetooth: hci0: command tx timeout
[  365.787129][T16099] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.945802][ T5867] Bluetooth: hci1: command tx timeout
[  366.230993][T16375] sctp: [Deprecated]: syz.1.3194 (pid 16375) Use of int in maxseg socket option.
[  366.230993][T16375] Use struct sctp_assoc_value instead
[  366.251075][T16382] sctp: [Deprecated]: syz.1.3194 (pid 16382) Use of int in maxseg socket option.
[  366.251075][T16382] Use struct sctp_assoc_value instead
[  366.840124][T16099] veth0_vlan: entered promiscuous mode
[  366.854577][T16099] veth1_vlan: entered promiscuous mode
[  366.942565][T16099] veth0_macvtap: entered promiscuous mode
[  366.958459][T16099] veth1_macvtap: entered promiscuous mode
[  366.993650][T16099] batman_adv: batadv0: Interface activated: batadv_slave_0
[  367.033270][T16099] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.065456][T11203] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.092777][T11203] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.140262][T16415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3205'.
[  367.146902][T11203] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.153655][T16415] netlink: 7 bytes leftover after parsing attributes in process `syz.0.3205'.
[  367.172734][T11203] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.297147][T11198] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.331346][T11198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.439555][T11205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.469129][T16422] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  367.477803][T11205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.492963][T16422] syzkaller0: entered promiscuous mode
[  367.499138][T16422] syzkaller0: entered allmulticast mode
[  367.521187][T16422] tipc: Resetting bearer <eth:syzkaller0>
[  367.660279][T16433] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3210'.
[  367.939315][T16456] lo speed is unknown, defaulting to 1000
[  367.959154][T16456] lo speed is unknown, defaulting to 1000
[  368.119120][T16463] syzkaller0: entered promiscuous mode
[  368.124713][T16463] syzkaller0: entered allmulticast mode
[  368.276403][ T5867] Bluetooth: hci1: command tx timeout
[  368.525078][   T43] tipc: Node number set to 4156749936
[  368.773980][T16472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3225'.
[  368.926267][ T5864] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  368.952644][ T5864] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  368.970049][ T5864] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  368.984185][ T5864] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  368.994803][ T5864] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  369.598356][T16476] Bluetooth: MGMT ver 1.23
[  370.283362][T16473] lo speed is unknown, defaulting to 1000
[  370.305148][T16473] lo speed is unknown, defaulting to 1000
[  370.558547][T16495] netlink: 'syz.2.3233': attribute type 1 has an invalid length.
[  370.574172][T16495] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3233'.
[  371.066468][ T5867] Bluetooth: hci2: command tx timeout
[  371.099338][T16473] chnl_net:caif_netlink_parms(): no params data found
[  371.179497][T16519] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3240'.
[  371.323293][T16524] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3242'.
[  371.333393][T16526] netlink: 'syz.1.3241': attribute type 10 has an invalid length.
[  371.412389][T16526] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.421217][T16526] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.439189][T16526] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.446444][T16526] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.453978][T16526] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.461233][T16526] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.478250][T16526] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  371.570240][T16473] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.577898][T16473] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.585171][T16473] bridge_slave_0: entered allmulticast mode
[  371.625281][T16473] bridge_slave_0: entered promiscuous mode
[  371.647396][T16473] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.664891][T16473] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.704473][T16473] bridge_slave_1: entered allmulticast mode
[  371.724524][T16473] bridge_slave_1: entered promiscuous mode
[  371.789493][T16544] bridge_slave_0: left allmulticast mode
[  371.806918][T16545] syz.2.3248: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  371.866149][T16544] bridge_slave_0: left promiscuous mode
[  371.880551][T16544] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.926137][T16545] CPU: 1 UID: 0 PID: 16545 Comm: syz.2.3248 Not tainted syzkaller #0 PREEMPT(full) 
[  371.926181][T16545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  371.926198][T16545] Call Trace:
[  371.926205][T16545]  <TASK>
[  371.926215][T16545]  dump_stack_lvl+0x189/0x250
[  371.926245][T16545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.926266][T16545]  ? __pfx__printk+0x10/0x10
[  371.926290][T16545]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  371.926312][T16545]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  371.926334][T16545]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  371.926358][T16545]  warn_alloc+0x214/0x310
[  371.926385][T16545]  ? stack_depot_save_flags+0x40/0x860
[  371.926411][T16545]  ? __pfx_warn_alloc+0x10/0x10
[  371.926438][T16545]  ? kasan_save_track+0x4f/0x80
[  371.926460][T16545]  ? xskq_create+0x56/0x170
[  371.926476][T16545]  ? xsk_init_queue+0xb0/0x110
[  371.926496][T16545]  ? xsk_setsockopt+0x4dc/0x8d0
[  371.926517][T16545]  ? do_sock_setsockopt+0x179/0x1b0
[  371.926535][T16545]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  371.926551][T16545]  ? do_syscall_64+0xfa/0x3b0
[  371.926567][T16545]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.926595][T16545]  __vmalloc_node_range_noprof+0x125/0x12f0
[  371.926651][T16545]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  371.926682][T16545]  ? __kasan_kmalloc+0x93/0xb0
[  371.926707][T16545]  vmalloc_user_noprof+0xad/0xf0
[  371.926730][T16545]  ? xskq_create+0xbf/0x170
[  371.926748][T16545]  xskq_create+0xbf/0x170
[  371.926768][T16545]  xsk_init_queue+0xb0/0x110
[  371.926802][T16545]  xsk_setsockopt+0x4dc/0x8d0
[  371.926829][T16545]  ? __pfx_xsk_setsockopt+0x10/0x10
[  371.926854][T16545]  ? __pfx_aa_sk_perm+0x10/0x10
[  371.926883][T16545]  ? aa_sock_opt_perm+0xff/0x1b0
[  371.926902][T16545]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  371.926920][T16545]  ? __pfx_xsk_setsockopt+0x10/0x10
[  371.926945][T16545]  do_sock_setsockopt+0x179/0x1b0
[  371.926969][T16545]  __x64_sys_setsockopt+0x13f/0x1b0
[  371.926994][T16545]  do_syscall_64+0xfa/0x3b0
[  371.927011][T16545]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.927028][T16545]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.927044][T16545]  ? clear_bhb_loop+0x60/0xb0
[  371.927063][T16545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.927083][T16545] RIP: 0033:0x7f1ac298ebe9
[  371.927097][T16545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.927110][T16545] RSP: 002b:00007f1ac3843038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  371.927129][T16545] RAX: ffffffffffffffda RBX: 00007f1ac2bc6090 RCX: 00007f1ac298ebe9
[  371.927142][T16545] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  371.927152][T16545] RBP: 00007f1ac2a11e19 R08: 0000000000000004 R09: 0000000000000000
[  371.927162][T16545] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  371.927173][T16545] R13: 00007f1ac2bc6128 R14: 00007f1ac2bc6090 R15: 00007fff2a673f38
[  371.927204][T16545]  </TASK>
[  371.927215][T16545] Mem-Info:
[  372.128595][T16545] active_anon:4114 inactive_anon:0 isolated_anon:0
[  372.128595][T16545]  active_file:3605 inactive_file:39975 isolated_file:0
[  372.128595][T16545]  unevictable:768 dirty:273 writeback:0
[  372.128595][T16545]  slab_reclaimable:12823 slab_unreclaimable:149567
[  372.128595][T16545]  mapped:30379 shmem:1412 pagetables:988
[  372.128595][T16545]  sec_pagetables:0 bounce:0
[  372.128595][T16545]  kernel_misc_reclaimable:0
[  372.128595][T16545]  free:1271668 free_pcp:18392 free_cma:0
[  372.136324][T16544] bridge_slave_1: left allmulticast mode
[  372.137811][T16545] Node 0 active_anon:16456kB inactive_anon:0kB active_file:14420kB inactive_file:159696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121516kB dirty:1088kB writeback:0kB shmem:4112kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14988kB pagetables:3840kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  372.148736][T16544] bridge_slave_1: left promiscuous mode
[  372.149006][T16544] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.160872][T16545] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  372.270886][T16562] netlink: 'syz.1.3251': attribute type 1 has an invalid length.
[  372.292072][T16545] Node 0 
[  372.366985][T16562] netlink: 'syz.1.3251': attribute type 6 has an invalid length.
[  372.386902][T16545] DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  372.416364][T16562] netlink: 'syz.1.3251': attribute type 3 has an invalid length.
[  372.424210][T16545] lowmem_reserve[]: 0 2497 2499 2499 2499
[  372.431772][T16545] Node 0 DMA32 free:1172000kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16408kB inactive_anon:0kB active_file:14420kB inactive_file:158120kB unevictable:1536kB writepending:1084kB present:3129332kB managed:2557424kB mlocked:0kB bounce:0kB free_pcp:62996kB local_pcp:33604kB free_cma:0kB
[  372.433551][T16544] bond0: (slave bond_slave_0): Releasing backup interface
[  372.464893][T16545] lowmem_reserve[]: 0 0 1 1 1
[  372.464945][T16545] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:4kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  372.465003][T16545] lowmem_reserve[]: 0 0 0 0 0
[  372.465046][T16545] Node 1 Normal free:3899100kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:10816kB local_pcp:5568kB free_cma:0kB
[  372.465101][T16545] lowmem_reserve[]: 0 0 0 0 0
[  372.548915][T16545] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  372.561803][T16545] Node 0 DMA32: 770*4kB (UM) 348*8kB (UM) 151*16kB (UM) 202*32kB (UME) 40*64kB (UM) 46*128kB (ME) 33*256kB (UM) 21*512kB (UM) 43*1024kB (UM) 8*2048kB (UM) 261*4096kB (UM) = 1171864kB
[  372.562785][T16544] bond0: (slave bond_slave_1): Releasing backup interface
[  372.580157][T16545] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  372.580320][T16545] Node 1 Normal: 149*4kB (UME) 43*8kB (UME) 41*16kB (UME) 189*32kB (UME) 50*64kB (UME) 13*128kB (UME) 4*256kB (UME) 3*512kB (UM) 1*1024kB (M) 2*2048kB (UE) 947*4096kB (M) = 3899100kB
[  372.580527][T16545] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  372.580544][T16545] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  372.580560][T16545] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  372.580576][T16545] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  372.580592][T16545] 44989 total pagecache pages
[  372.580610][T16545] 0 pages in swap cache
[  372.580618][T16545] Free swap  = 124996kB
[  372.580626][T16545] Total swap = 124996kB
[  372.580636][T16545] 2097051 pages RAM
[  372.580644][T16545] 0 pages HighMem/MovableOnly
[  372.580652][T16545] 425669 pages reserved
[  372.580660][T16545] 0 pages cma reserved
[  372.708051][T16544] team0: Port device team_slave_0 removed
[  372.726719][T16544] team0: Port device team_slave_1 removed
[  372.733150][T16544] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  372.741433][T16544] batman_adv: batadv0: Removing interface: batadv_slave_0
[  372.752801][T16544] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.762109][T16544] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.861177][T16560] dummy0: entered promiscuous mode
[  372.877411][T16560] macsec1: entered promiscuous mode
[  372.893619][T16560] dummy0: left promiscuous mode
[  373.076534][T16473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  373.107763][T16473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  373.138772][T16570] bridge_slave_0: left allmulticast mode
[  373.144573][T16570] bridge_slave_0: left promiscuous mode
[  373.150606][T16570] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.157476][ T5867] Bluetooth: hci2: command tx timeout
[  373.230049][T16570] bridge_slave_1: left allmulticast mode
[  373.258488][T16570] bridge_slave_1: left promiscuous mode
[  373.264304][T16570] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.317399][T16570] bond0: (slave bond_slave_0): Releasing backup interface
[  373.333699][T16570] bond0: (slave bond_slave_1): Releasing backup interface
[  373.353212][T16570] team0: Port device team_slave_0 removed
[  373.363273][T16570] team0: Port device team_slave_1 removed
[  373.371754][T16570] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  373.379754][T16570] batman_adv: batadv0: Removing interface: batadv_slave_0
[  373.382898][T16583] netlink: 'syz.1.3258': attribute type 1 has an invalid length.
[  373.395008][T16583] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3258'.
[  373.397082][T16570] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  373.412815][T16570] batman_adv: batadv0: Removing interface: batadv_slave_1
[  373.598740][T16473] team0: Port device team_slave_0 added
[  373.605359][T16586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3260'.
[  373.621025][T16473] team0: Port device team_slave_1 added
[  374.037418][T16473] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.055272][T16473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.091622][T16473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.130908][T16473] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.152020][T16473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.195102][T16597] netlink: 'syz.0.3262': attribute type 1 has an invalid length.
[  374.203198][T16597] netlink: 236 bytes leftover after parsing attributes in process `syz.0.3262'.
[  374.218694][T16473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.258931][T16599] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3263'.
[  374.378255][T16606] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3263'.
[  374.519350][T16473] hsr_slave_0: entered promiscuous mode
[  374.542711][T16473] hsr_slave_1: entered promiscuous mode
[  374.553940][T16473] debugfs: 'hsr0' already exists in 'hsr'
[  374.568697][T16616] netlink: 'syz.0.3265': attribute type 1 has an invalid length.
[  374.580314][T16473] Cannot create hsr debugfs directory
[  374.842665][T16626] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3270'.
[  374.860529][T16627] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3270'.
[  374.961634][T16473] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.149999][T16473] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.242429][ T5867] Bluetooth: hci2: command tx timeout
[  375.303403][T16473] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.423995][T16645] lo speed is unknown, defaulting to 1000
[  375.425699][T16646] syzkaller0: left promiscuous mode
[  375.522675][T16646] syzkaller0: left allmulticast mode
[  375.554661][T16473] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.667083][T16645] lo speed is unknown, defaulting to 1000
[  375.672763][T16654] __nla_validate_parse: 1 callbacks suppressed
[  375.672782][T16654] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3277'.
[  375.704726][T16657] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3277'.
[  375.730701][T16657] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3277'.
[  376.043684][T16473] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  376.061034][T16473] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  376.093350][T16473] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  376.196839][T16678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3278'.
[  376.223583][T16473] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  376.471482][T16689] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3284'.
[  376.520889][T16694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3284'.
[  376.678422][T16473] 8021q: adding VLAN 0 to HW filter on device bond0
[  376.747772][T16473] 8021q: adding VLAN 0 to HW filter on device team0
[  376.786478][T16700] FAULT_INJECTION: forcing a failure.
[  376.786478][T16700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.788304][T11171] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.806711][T11171] bridge0: port 1(bridge_slave_0) entered forwarding state
[  376.826069][T16700] CPU: 0 UID: 0 PID: 16700 Comm: syz.1.3287 Not tainted syzkaller #0 PREEMPT(full) 
[  376.826094][T16700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  376.826104][T16700] Call Trace:
[  376.826110][T16700]  <TASK>
[  376.826122][T16700]  dump_stack_lvl+0x189/0x250
[  376.826146][T16700]  ? __pfx____ratelimit+0x10/0x10
[  376.826165][T16700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.826192][T16700]  ? __pfx__printk+0x10/0x10
[  376.826226][T16700]  should_fail_ex+0x414/0x560
[  376.826254][T16700]  _copy_to_user+0x31/0xb0
[  376.826275][T16700]  simple_read_from_buffer+0xe1/0x170
[  376.826304][T16700]  proc_fail_nth_read+0x1b3/0x220
[  376.826326][T16700]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  376.826349][T16700]  ? rw_verify_area+0x2a6/0x4d0
[  376.826368][T16700]  ? __lock_acquire+0xab9/0xd20
[  376.826388][T16700]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  376.826408][T16700]  vfs_read+0x1fd/0xa30
[  376.826427][T16700]  ? fdget_pos+0x247/0x320
[  376.826446][T16700]  ? __pfx___mutex_lock+0x10/0x10
[  376.826465][T16700]  ? __pfx_vfs_read+0x10/0x10
[  376.826486][T16700]  ? __fget_files+0x2a/0x420
[  376.826507][T16700]  ? __fget_files+0x3a0/0x420
[  376.826520][T16700]  ? __fget_files+0x2a/0x420
[  376.826545][T16700]  ksys_read+0x145/0x250
[  376.826568][T16700]  ? __pfx_ksys_read+0x10/0x10
[  376.826585][T16700]  ? rcu_is_watching+0x15/0xb0
[  376.826608][T16700]  ? do_syscall_64+0xbe/0x3b0
[  376.826630][T16700]  do_syscall_64+0xfa/0x3b0
[  376.826646][T16700]  ? lockdep_hardirqs_on+0x9c/0x150
[  376.826663][T16700]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.826679][T16700]  ? clear_bhb_loop+0x60/0xb0
[  376.826699][T16700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.826715][T16700] RIP: 0033:0x7f1f9b38d5fc
[  376.826732][T16700] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  376.826746][T16700] RSP: 002b:00007f1f9c2dd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  376.826765][T16700] RAX: ffffffffffffffda RBX: 00007f1f9b5c5fa0 RCX: 00007f1f9b38d5fc
[  376.826778][T16700] RDX: 000000000000000f RSI: 00007f1f9c2dd0a0 RDI: 0000000000000003
[  376.826789][T16700] RBP: 00007f1f9c2dd090 R08: 0000000000000000 R09: 0000000000000000
[  376.826800][T16700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.826810][T16700] R13: 00007f1f9b5c6038 R14: 00007f1f9b5c5fa0 R15: 00007ffe86880108
[  376.826841][T16700]  </TASK>
[  377.082347][T11171] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.089593][T11171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  377.211845][T16473] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  377.295500][T16712] netlink: 'syz.4.3290': attribute type 1 has an invalid length.
[  377.306726][ T5867] Bluetooth: hci2: command tx timeout
[  377.537346][T16712] veth3: entered promiscuous mode
[  377.761444][T16724] netlink: 'syz.2.3292': attribute type 74 has an invalid length.
[  378.045389][T16473] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.100178][T16736] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (71)
[  378.138704][T16736] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  378.192262][T16750] netlink: 27 bytes leftover after parsing attributes in process `syz.0.3297'.
[  378.213310][T16473] veth0_vlan: entered promiscuous mode
[  378.260133][T16473] veth1_vlan: entered promiscuous mode
[  378.292653][T16744] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3298'.
[  378.304330][T16751] lo speed is unknown, defaulting to 1000
[  378.343249][T16753] openvswitch: netlink: Flow actions attr not present in new flow.
[  378.348885][T16751] lo speed is unknown, defaulting to 1000
[  378.361611][T16473] veth0_macvtap: entered promiscuous mode
[  378.384974][T16473] veth1_macvtap: entered promiscuous mode
[  378.441865][T16473] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.512519][T16473] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.553434][T11171] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.569568][T16762] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3303'.
[  378.579912][T11171] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.593345][T11171] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.603346][T11205] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.670184][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  378.677278][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  378.704424][T16762] batman_adv: batadv0: Adding interface: dummy0
[  378.710938][T16762] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.748044][T16762] batman_adv: batadv0: Interface activated: dummy0
[  378.898856][T16767] batadv0: mtu less than device minimum
[  378.906220][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.918542][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.930387][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.942354][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.954331][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.966233][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  378.978407][T16767] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  379.104130][T16762] batman_adv: batadv0: Adding interface: ip6gretap1
[  379.112864][T16762] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.140305][T16762] batman_adv: batadv0: Interface activated: ip6gretap1
[  379.330689][T16793] syz_tun: entered promiscuous mode
[  379.464177][T16798] syzkaller0: entered promiscuous mode
[  379.470301][T16798] syzkaller0: entered allmulticast mode
[  379.529147][T16805] ip6gretap0: entered allmulticast mode
[  379.578561][T11191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.594739][T11191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.027933][T16809] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3315'.
[  381.514250][T16813] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3317'.
[  381.523630][T16813] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3317'.
[  381.632701][T16818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3319'.
[  381.657632][T11203] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.683552][T11203] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.028584][T16843] netlink: 'syz.1.3324': attribute type 2 has an invalid length.
[  382.058363][T16844] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3326'.
[  382.275345][T16852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3329'.
[  382.348990][T16852] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3329'.
[  382.369990][T16851] syzkaller0: entered promiscuous mode
[  382.382873][T16851] syzkaller0: entered allmulticast mode
[  382.389042][T16852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3329'.
[  382.734811][T16871] netlink: 'syz.3.3333': attribute type 32 has an invalid length.
[  382.816790][T16877] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3333'.
[  382.845521][T16874] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3337'.
[  382.958571][T16886] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3338'.
[  385.111874][T16916] syzkaller0: entered promiscuous mode
[  385.117727][T16916] syzkaller0: entered allmulticast mode
[  385.254984][T16921] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  385.314077][T16923] !
: renamed from dummy0 (while UP)
[  385.539672][T16930] lo speed is unknown, defaulting to 1000
[  385.587466][T16930] lo speed is unknown, defaulting to 1000
[  385.742584][T16934] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[  385.782673][T16936] netlink: 'syz.1.3355': attribute type 4 has an invalid length.
[  385.861137][T16936] Ã: renamed from bond0 (while UP)
[  386.223370][T16952] vlan2: entered allmulticast mode
[  386.229543][T16952] bond0: entered allmulticast mode
[  386.262377][T16946] netlink: 'syz.3.3358': attribute type 1 has an invalid length.
[  386.280152][T16946] netlink: 'syz.3.3358': attribute type 2 has an invalid length.
[  386.300022][T16942] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  386.426964][T16961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  386.612064][T16970] tipc: Started in network mode
[  386.625484][T16970] tipc: Node identity 4, cluster identity 4711
[  386.639636][T16970] tipc: Node number set to 4
[  386.715434][T16979] __nla_validate_parse: 10 callbacks suppressed
[  386.715452][T16979] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3368'.
[  386.749818][T16979] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3368'.
[  386.792472][T16980] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3368'.
[  386.802072][T16980] net_ratelimit: 32 callbacks suppressed
[  386.802083][T16980] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  386.941969][T16989] netlink: 'syz.2.3372': attribute type 2 has an invalid length.
[  386.979046][T16991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3373'.
[  387.060150][T16989] : entered promiscuous mode
[  387.589721][T17022] lo speed is unknown, defaulting to 1000
[  387.598910][T17022] lo speed is unknown, defaulting to 1000
[  387.639458][T17030] netlink: 'syz.1.3383': attribute type 1 has an invalid length.
[  387.675491][T17030] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.3383'.
[  387.690793][T17032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3382'.
[  387.978015][T17038] batadv_slave_1: entered promiscuous mode
[  388.003064][T17038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3386'.
[  388.021252][T17038] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  388.092974][T17038] batadv_slave_1 (unregistering): left promiscuous mode
[  388.101674][T17038] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.367163][T17024] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  388.378835][T17060] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3393'.
[  388.401437][T17024] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  388.408747][T17061] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3392'.
[  388.634051][T17070] macsec1: entered promiscuous mode
[  388.666026][T17070] mac80211_hwsim hwsim37 wlan0: entered promiscuous mode
[  388.685023][T17070] macsec1: entered allmulticast mode
[  388.692988][T17070] mac80211_hwsim hwsim37 wlan0: entered allmulticast mode
[  388.734605][T17024] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  388.747730][T17070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3395'.
[  388.773465][T17024] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  388.791098][T17077] macsec2: entered promiscuous mode
[  388.796955][T17077] macsec2: entered allmulticast mode
[  388.885139][T17024] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  388.905022][T17024] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  389.103239][T17024] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  389.122178][T17024] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  389.141911][T17085] lo speed is unknown, defaulting to 1000
[  389.178972][T17095] netlink: 'syz.2.3402': attribute type 2 has an invalid length.
[  389.264342][T17085] lo speed is unknown, defaulting to 1000
[  389.375827][T17097] netlink: 'syz.3.3403': attribute type 9 has an invalid length.
[  389.440460][T17097] hsr0: entered promiscuous mode
[  389.467368][T17097] macvlan2: entered promiscuous mode
[  389.480883][T17097] macvlan2: entered allmulticast mode
[  389.493152][T17097] hsr0: entered allmulticast mode
[  389.504306][T17097] hsr_slave_0: entered allmulticast mode
[  389.514660][T17097] hsr_slave_1: entered allmulticast mode
[  390.307208][T17130] batman_adv: batadv0: Interface deactivated: dummy0
[  390.819178][T17130] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  390.985289][T11171] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  391.031999][T11171] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  391.062704][T11171] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  391.200969][T11171] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  391.572313][T17182] netlink: 'syz.0.3425': attribute type 13 has an invalid length.
[  391.582060][T17182] netlink: 'syz.0.3425': attribute type 17 has an invalid length.
[  391.597208][T17182] netlink: 'syz.0.3425': attribute type 27 has an invalid length.
[  391.690481][T17182] 8021q: adding VLAN 0 to HW filter on device team0
[  391.751630][T17182] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  392.027063][T17186] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.034471][T17186] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.521896][T17186] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.545326][T17186] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.743926][T17211] FAULT_INJECTION: forcing a failure.
[  392.743926][T17211] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  392.759460][T17211] CPU: 1 UID: 0 PID: 17211 Comm: syz.4.3433 Not tainted syzkaller #0 PREEMPT(full) 
[  392.759486][T17211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  392.759497][T17211] Call Trace:
[  392.759504][T17211]  <TASK>
[  392.759512][T17211]  dump_stack_lvl+0x189/0x250
[  392.759538][T17211]  ? __pfx____ratelimit+0x10/0x10
[  392.759556][T17211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.759576][T17211]  ? __pfx__printk+0x10/0x10
[  392.759600][T17211]  ? fs_reclaim_acquire+0x7d/0x100
[  392.759633][T17211]  should_fail_ex+0x414/0x560
[  392.759661][T17211]  prepare_alloc_pages+0x213/0x610
[  392.759687][T17211]  __alloc_frozen_pages_noprof+0x123/0x370
[  392.759709][T17211]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  392.759738][T17211]  ? policy_nodemask+0x27c/0x720
[  392.759766][T17211]  alloc_pages_mpol+0x232/0x4a0
[  392.759794][T17211]  vma_alloc_folio_noprof+0xe4/0x200
[  392.759819][T17211]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  392.759855][T17211]  folio_prealloc+0x30/0x180
[  392.759878][T17211]  do_wp_page+0x1231/0x5800
[  392.759922][T17211]  ? __pfx_do_wp_page+0x10/0x10
[  392.759939][T17211]  ? do_raw_spin_lock+0x121/0x290
[  392.759962][T17211]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  392.759994][T17211]  __handle_mm_fault+0x1033/0x5440
[  392.760032][T17211]  ? __pfx___handle_mm_fault+0x10/0x10
[  392.760068][T17211]  ? follow_page_pte+0xd03/0x13e0
[  392.760101][T17211]  handle_mm_fault+0x40a/0x8e0
[  392.760132][T17211]  __get_user_pages+0x1699/0x2ce0
[  392.760150][T17211]  ? __lock_acquire+0xab9/0xd20
[  392.760211][T17211]  __gup_longterm_locked+0xde9/0x1660
[  392.760246][T17211]  ? sanity_check_pinned_pages+0x123a/0x1300
[  392.760275][T17211]  gup_fast_fallback+0x1e6a/0x2010
[  392.760331][T17211]  ? __pfx_gup_fast_fallback+0x10/0x10
[  392.760348][T17211]  ? stack_trace_save+0x9c/0xe0
[  392.760367][T17211]  ? __pfx_stack_trace_save+0x10/0x10
[  392.760403][T17211]  ? pin_user_pages_fast+0x4d/0xb0
[  392.760426][T17211]  iov_iter_extract_pages+0x35a/0x5e0
[  392.760456][T17211]  extract_iter_to_sg+0xe46/0x24e0
[  392.760491][T17211]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  392.760534][T17211]  ? __asan_memset+0x22/0x50
[  392.760556][T17211]  af_alg_get_rsgl+0x436/0x810
[  392.760597][T17211]  skcipher_recvmsg+0x3c0/0x11c0
[  392.760622][T17211]  ? aa_sk_perm+0x81e/0x950
[  392.760658][T17211]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  392.760683][T17211]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  392.760700][T17211]  ? security_socket_recvmsg+0x7e/0x2e0
[  392.760719][T17211]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  392.760740][T17211]  sock_recvmsg+0x229/0x270
[  392.760768][T17211]  ____sys_recvmsg+0x1c9/0x460
[  392.760797][T17211]  ? __pfx_____sys_recvmsg+0x10/0x10
[  392.760833][T17211]  ? import_iovec+0x74/0xa0
[  392.760856][T17211]  ___sys_recvmsg+0x1b5/0x510
[  392.760881][T17211]  ? __pfx____sys_recvmsg+0x10/0x10
[  392.760927][T17211]  ? __fget_files+0x3a0/0x420
[  392.760953][T17211]  __x64_sys_recvmsg+0x198/0x260
[  392.760976][T17211]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  392.761006][T17211]  ? __pfx_ksys_write+0x10/0x10
[  392.761025][T17211]  ? rcu_is_watching+0x15/0xb0
[  392.761048][T17211]  ? do_syscall_64+0xbe/0x3b0
[  392.761066][T17211]  do_syscall_64+0xfa/0x3b0
[  392.761082][T17211]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.761099][T17211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.761116][T17211]  ? clear_bhb_loop+0x60/0xb0
[  392.761136][T17211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.761152][T17211] RIP: 0033:0x7fd130f8ebe9
[  392.761168][T17211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.761183][T17211] RSP: 002b:00007fd131eee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  392.761202][T17211] RAX: ffffffffffffffda RBX: 00007fd1311c5fa0 RCX: 00007fd130f8ebe9
[  392.761215][T17211] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  392.761226][T17211] RBP: 00007fd131eee090 R08: 0000000000000000 R09: 0000000000000000
[  392.761237][T17211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.761248][T17211] R13: 00007fd1311c6038 R14: 00007fd1311c5fa0 R15: 00007ffe4d37a4d8
[  392.761280][T17211]  </TASK>
[  393.205435][T17186] tipc: Resetting bearer <eth:syzkaller0>
[  393.236123][T17186] mac80211_hwsim hwsim37 wlan0: left allmulticast mode
[  393.243166][T17186] mac80211_hwsim hwsim37 wlan0: left promiscuous mode
[  393.287846][T17203] __nla_validate_parse: 9 callbacks suppressed
[  393.287868][T17203] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3431'.
[  393.348237][T17203] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  393.366140][T11195] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.402447][T11195] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.515514][T11195] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.525436][T11195] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.542646][T17225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3435'.
[  393.666119][T17228] openvswitch: netlink: Actions may not be safe on all matching packets
[  393.690883][T17226] lo speed is unknown, defaulting to 1000
[  393.715157][T17226] lo speed is unknown, defaulting to 1000
[  393.843435][T17240] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3441'.
[  393.962574][T17242] lo speed is unknown, defaulting to 1000
[  393.970283][T17242] lo speed is unknown, defaulting to 1000
[  394.111417][T17253] FAULT_INJECTION: forcing a failure.
[  394.111417][T17253] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  394.222784][T17253] CPU: 0 UID: 0 PID: 17253 Comm: syz.2.3444 Not tainted syzkaller #0 PREEMPT(full) 
[  394.222810][T17253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  394.222821][T17253] Call Trace:
[  394.222828][T17253]  <TASK>
[  394.222836][T17253]  dump_stack_lvl+0x189/0x250
[  394.222861][T17253]  ? __pfx____ratelimit+0x10/0x10
[  394.222880][T17253]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.222899][T17253]  ? __pfx__printk+0x10/0x10
[  394.222921][T17253]  ? fs_reclaim_acquire+0x7d/0x100
[  394.222953][T17253]  should_fail_ex+0x414/0x560
[  394.222980][T17253]  prepare_alloc_pages+0x213/0x610
[  394.223011][T17253]  __alloc_frozen_pages_noprof+0x123/0x370
[  394.223034][T17253]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  394.223061][T17253]  ? policy_nodemask+0x27c/0x720
[  394.223087][T17253]  alloc_pages_mpol+0x232/0x4a0
[  394.223114][T17253]  vma_alloc_folio_noprof+0xe4/0x200
[  394.223138][T17253]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  394.223174][T17253]  folio_prealloc+0x30/0x180
[  394.223197][T17253]  do_wp_page+0x1231/0x5800
[  394.223241][T17253]  ? __pfx_do_wp_page+0x10/0x10
[  394.223258][T17253]  ? do_raw_spin_lock+0x121/0x290
[  394.223281][T17253]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  394.223312][T17253]  __handle_mm_fault+0x1033/0x5440
[  394.223348][T17253]  ? __pfx___handle_mm_fault+0x10/0x10
[  394.223383][T17253]  ? follow_page_pte+0xd03/0x13e0
[  394.223415][T17253]  handle_mm_fault+0x40a/0x8e0
[  394.223445][T17253]  __get_user_pages+0x1699/0x2ce0
[  394.223461][T17253]  ? __lock_acquire+0xab9/0xd20
[  394.223522][T17253]  __gup_longterm_locked+0xde9/0x1660
[  394.223555][T17253]  ? sanity_check_pinned_pages+0x123a/0x1300
[  394.223585][T17253]  gup_fast_fallback+0x1e6a/0x2010
[  394.223640][T17253]  ? __pfx_gup_fast_fallback+0x10/0x10
[  394.223658][T17253]  ? stack_trace_save+0x9c/0xe0
[  394.223676][T17253]  ? __pfx_stack_trace_save+0x10/0x10
[  394.223708][T17253]  ? pin_user_pages_fast+0x4d/0xb0
[  394.223730][T17253]  iov_iter_extract_pages+0x35a/0x5e0
[  394.223762][T17253]  extract_iter_to_sg+0xe46/0x24e0
[  394.223797][T17253]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  394.223840][T17253]  ? __asan_memset+0x22/0x50
[  394.223860][T17253]  af_alg_get_rsgl+0x436/0x810
[  394.223903][T17253]  skcipher_recvmsg+0x3c0/0x11c0
[  394.223929][T17253]  ? aa_sk_perm+0x81e/0x950
[  394.223962][T17253]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  394.224000][T17253]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  394.224017][T17253]  ? security_socket_recvmsg+0x7e/0x2e0
[  394.224036][T17253]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  394.224055][T17253]  sock_recvmsg+0x229/0x270
[  394.224083][T17253]  ____sys_recvmsg+0x1c9/0x460
[  394.224110][T17253]  ? __pfx_____sys_recvmsg+0x10/0x10
[  394.224143][T17253]  ? import_iovec+0x74/0xa0
[  394.224163][T17253]  ___sys_recvmsg+0x1b5/0x510
[  394.224187][T17253]  ? __pfx____sys_recvmsg+0x10/0x10
[  394.224231][T17253]  ? __fget_files+0x3a0/0x420
[  394.224257][T17253]  __x64_sys_recvmsg+0x198/0x260
[  394.224280][T17253]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  394.224313][T17253]  ? rcu_is_watching+0x15/0xb0
[  394.224330][T17253]  ? trace_sys_enter+0x25/0x100
[  394.224356][T17253]  do_syscall_64+0xfa/0x3b0
[  394.224373][T17253]  ? lockdep_hardirqs_on+0x9c/0x150
[  394.224389][T17253]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.224404][T17253]  ? clear_bhb_loop+0x60/0xb0
[  394.224424][T17253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.224441][T17253] RIP: 0033:0x7f1ac298ebe9
[  394.224457][T17253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.224472][T17253] RSP: 002b:00007f1ac3864038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  394.224492][T17253] RAX: ffffffffffffffda RBX: 00007f1ac2bc5fa0 RCX: 00007f1ac298ebe9
[  394.224505][T17253] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  394.224515][T17253] RBP: 00007f1ac3864090 R08: 0000000000000000 R09: 0000000000000000
[  394.224525][T17253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.224535][T17253] R13: 00007f1ac2bc6038 R14: 00007f1ac2bc5fa0 R15: 00007fff2a673f38
[  394.224563][T17253]  </TASK>
[  394.677155][T17259] netlink: 'syz.1.3446': attribute type 10 has an invalid length.
[  394.691500][T17259] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3446'.
[  394.783599][T17259] team0: Port device geneve0 added
[  394.872719][T11195] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.896747][T11195] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.942802][T17266] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  394.955395][T11195] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.964559][T11195] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.991565][T17266] syzkaller0: entered promiscuous mode
[  394.997409][T17266] syzkaller0: entered allmulticast mode
[  395.066897][T17270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3447'.
[  395.091061][T17270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3447'.
[  395.855802][T17265] tipc: Resetting bearer <eth:syzkaller0>
[  396.336953][T17265] tipc: Disabling bearer <eth:syzkaller0>
[  400.977182][T17296] FAULT_INJECTION: forcing a failure.
[  400.977182][T17296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.003803][T17296] CPU: 0 UID: 0 PID: 17296 Comm: syz.3.3459 Not tainted syzkaller #0 PREEMPT(full) 
[  401.003827][T17296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  401.003837][T17296] Call Trace:
[  401.003844][T17296]  <TASK>
[  401.003852][T17296]  dump_stack_lvl+0x189/0x250
[  401.003877][T17296]  ? __pfx____ratelimit+0x10/0x10
[  401.003895][T17296]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.003914][T17296]  ? __pfx__printk+0x10/0x10
[  401.003936][T17296]  ? __might_fault+0xb0/0x130
[  401.003968][T17296]  should_fail_ex+0x414/0x560
[  401.003995][T17296]  _copy_from_user+0x2d/0xb0
[  401.004014][T17296]  ___sys_sendmsg+0x158/0x2a0
[  401.004038][T17296]  ? __pfx____sys_sendmsg+0x10/0x10
[  401.004090][T17296]  ? __fget_files+0x2a/0x420
[  401.004103][T17296]  ? __fget_files+0x3a0/0x420
[  401.004127][T17296]  __x64_sys_sendmsg+0x19b/0x260
[  401.004147][T17296]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  401.004173][T17296]  ? __pfx_ksys_write+0x10/0x10
[  401.004192][T17296]  ? rcu_is_watching+0x15/0xb0
[  401.004215][T17296]  ? do_syscall_64+0xbe/0x3b0
[  401.004237][T17296]  do_syscall_64+0xfa/0x3b0
[  401.004252][T17296]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.004269][T17296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.004286][T17296]  ? clear_bhb_loop+0x60/0xb0
[  401.004307][T17296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.004323][T17296] RIP: 0033:0x7f4994f8ebe9
[  401.004339][T17296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.004353][T17296] RSP: 002b:00007f49931f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.004372][T17296] RAX: ffffffffffffffda RBX: 00007f49951c5fa0 RCX: 00007f4994f8ebe9
[  401.004384][T17296] RDX: 0000000004000084 RSI: 00002000000003c0 RDI: 0000000000000003
[  401.004395][T17296] RBP: 00007f49931f6090 R08: 0000000000000000 R09: 0000000000000000
[  401.004405][T17296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.004416][T17296] R13: 00007f49951c6038 R14: 00007f49951c5fa0 R15: 00007fffbef36318
[  401.004446][T17296]  </TASK>
[  401.256211][T17300] lo speed is unknown, defaulting to 1000
[  401.263685][T17300] lo speed is unknown, defaulting to 1000
[  420.810912][T17310] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3462'.
[  420.811732][T17316] openvswitch: netlink: IP tunnel dst address not specified
[  420.835246][T17315] netlink: 'syz.2.3463': attribute type 1 has an invalid length.
[  420.857607][T17307] can: request_module (can-proto-0) failed.
[  420.966052][T17307] can: request_module (can-proto-0) failed.
[  420.968707][T17321] bond1: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  421.073845][T17315] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  421.085074][T17315] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  421.179394][T17315] bond1 (unregistering): (slave ip6gretap2): Releasing backup interface
[  421.203544][T17315] bond1 (unregistering): Released all slaves
[  421.537483][T17347] FAULT_INJECTION: forcing a failure.
[  421.537483][T17347] name failslab, interval 1, probability 0, space 0, times 0
[  421.556327][T17348] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3472'.
[  421.583682][T17347] CPU: 1 UID: 0 PID: 17347 Comm: syz.0.3473 Not tainted syzkaller #0 PREEMPT(full) 
[  421.583709][T17347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  421.583720][T17347] Call Trace:
[  421.583727][T17347]  <TASK>
[  421.583735][T17347]  dump_stack_lvl+0x189/0x250
[  421.583759][T17347]  ? __pfx____ratelimit+0x10/0x10
[  421.583778][T17347]  ? __pfx_dump_stack_lvl+0x10/0x10
[  421.583796][T17347]  ? __pfx__printk+0x10/0x10
[  421.583822][T17347]  ? __pfx___might_resched+0x10/0x10
[  421.583841][T17347]  should_fail_ex+0x414/0x560
[  421.583864][T17347]  should_failslab+0xa8/0x100
[  421.583887][T17347]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  421.583908][T17347]  ? __alloc_skb+0x112/0x2d0
[  421.583929][T17347]  __alloc_skb+0x112/0x2d0
[  421.583950][T17347]  netlink_sendmsg+0x5c6/0xb30
[  421.583977][T17347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  421.583996][T17347]  ? aa_sock_msg_perm+0xf1/0x1d0
[  421.584015][T17347]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  421.584032][T17347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  421.584049][T17347]  __sock_sendmsg+0x219/0x270
[  421.584075][T17347]  ____sys_sendmsg+0x505/0x830
[  421.584100][T17347]  ? __pfx_____sys_sendmsg+0x10/0x10
[  421.584127][T17347]  ? import_iovec+0x74/0xa0
[  421.584148][T17347]  ___sys_sendmsg+0x21f/0x2a0
[  421.584169][T17347]  ? __pfx____sys_sendmsg+0x10/0x10
[  421.584219][T17347]  ? __fget_files+0x2a/0x420
[  421.584232][T17347]  ? __fget_files+0x3a0/0x420
[  421.584257][T17347]  __x64_sys_sendmsg+0x19b/0x260
[  421.584279][T17347]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  421.584306][T17347]  ? __pfx_ksys_write+0x10/0x10
[  421.584324][T17347]  ? rcu_is_watching+0x15/0xb0
[  421.584345][T17347]  ? do_syscall_64+0xbe/0x3b0
[  421.584366][T17347]  do_syscall_64+0xfa/0x3b0
[  421.584381][T17347]  ? lockdep_hardirqs_on+0x9c/0x150
[  421.584398][T17347]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.584414][T17347]  ? clear_bhb_loop+0x60/0xb0
[  421.584444][T17347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.584459][T17347] RIP: 0033:0x7f384198ebe9
[  421.584475][T17347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.584490][T17347] RSP: 002b:00007f3842731038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  421.584508][T17347] RAX: ffffffffffffffda RBX: 00007f3841bc5fa0 RCX: 00007f384198ebe9
[  421.584521][T17347] RDX: 0000000004000084 RSI: 00002000000003c0 RDI: 0000000000000003
[  421.584533][T17347] RBP: 00007f3842731090 R08: 0000000000000000 R09: 0000000000000000
[  421.584544][T17347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.584554][T17347] R13: 00007f3841bc6038 R14: 00007f3841bc5fa0 R15: 00007ffe02575ff8
[  421.584584][T17347]  </TASK>
[  421.922217][T17349] netlink: 'syz.2.3472': attribute type 4 has an invalid length.
[  421.998621][T17355] netlink: 'syz.0.3475': attribute type 1 has an invalid length.
[  422.065331][T17358] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3476'.
[  422.098882][T17360] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  422.194088][T17360] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode
[  422.228396][T17360] bond1: (slave vcan1): making interface the new active one
[  422.236758][T17362] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3477'.
[  422.238519][T17360] bond1: (slave vcan1): Enslaving as an active interface with an up link
[  422.260917][T17355] bond1: (slave vcan2): The slave device specified does not support setting the MAC address
[  422.328579][T17355] bond1: (slave vcan2): Enslaving as a backup interface with an up link
[  422.355024][T17366] netlink: 'syz.2.3479': attribute type 1 has an invalid length.
[  422.387399][T17360] 8021q: adding VLAN 0 to HW filter on device bond1
[  422.429219][T17366] 8021q: adding VLAN 0 to HW filter on device bond1
[  422.481839][T17371] 8021q: adding VLAN 0 to HW filter on device bond1
[  422.492339][T17371] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  422.504273][T17374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3481'.
[  422.516473][T17371] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  422.576599][T17379] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3481'.
[  422.585013][T17366] bond1: (slave bridge2): Enslaving as an active interface with a down link
[  422.611675][T17374] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3481'.
[  422.621165][T17374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3481'.
[  422.963694][T17403] FAULT_INJECTION: forcing a failure.
[  422.963694][T17403] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  422.996222][T17403] CPU: 1 UID: 0 PID: 17403 Comm: syz.0.3488 Not tainted syzkaller #0 PREEMPT(full) 
[  422.996249][T17403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  422.996259][T17403] Call Trace:
[  422.996265][T17403]  <TASK>
[  422.996272][T17403]  dump_stack_lvl+0x189/0x250
[  422.996298][T17403]  ? __pfx____ratelimit+0x10/0x10
[  422.996315][T17403]  ? __pfx_dump_stack_lvl+0x10/0x10
[  422.996333][T17403]  ? __pfx__printk+0x10/0x10
[  422.996357][T17403]  ? fs_reclaim_acquire+0x7d/0x100
[  422.996389][T17403]  should_fail_ex+0x414/0x560
[  422.996416][T17403]  prepare_alloc_pages+0x213/0x610
[  422.996442][T17403]  __alloc_frozen_pages_noprof+0x123/0x370
[  422.996462][T17403]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  422.996491][T17403]  ? policy_nodemask+0x27c/0x720
[  422.996520][T17403]  alloc_pages_mpol+0x232/0x4a0
[  422.996548][T17403]  vma_alloc_folio_noprof+0xe4/0x200
[  422.996573][T17403]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  422.996606][T17403]  folio_prealloc+0x30/0x180
[  422.996630][T17403]  do_wp_page+0x1231/0x5800
[  422.996675][T17403]  ? __pfx_do_wp_page+0x10/0x10
[  422.996691][T17403]  ? do_raw_spin_lock+0x121/0x290
[  422.996713][T17403]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  422.996742][T17403]  __handle_mm_fault+0x1033/0x5440
[  422.996777][T17403]  ? __pfx___handle_mm_fault+0x10/0x10
[  422.996809][T17403]  ? follow_page_pte+0xd03/0x13e0
[  422.996841][T17403]  handle_mm_fault+0x40a/0x8e0
[  422.996873][T17403]  __get_user_pages+0x1699/0x2ce0
[  422.996890][T17403]  ? __lock_acquire+0xab9/0xd20
[  422.996945][T17403]  __gup_longterm_locked+0xde9/0x1660
[  422.996977][T17403]  ? sanity_check_pinned_pages+0x1241/0x1300
[  422.996999][T17403]  ? gup_fast_fallback+0x195f/0x2010
[  422.997027][T17403]  gup_fast_fallback+0x1e6a/0x2010
[  422.997069][T17403]  ? __pfx_gup_fast_fallback+0x10/0x10
[  422.997084][T17403]  ? kasan_save_track+0x4f/0x80
[  422.997097][T17403]  ? kasan_save_track+0x3e/0x80
[  422.997110][T17403]  ? __kasan_kmalloc+0x93/0xb0
[  422.997125][T17403]  ? sock_kmalloc+0xd6/0x160
[  422.997140][T17403]  ? af_alg_get_rsgl+0x236/0x810
[  422.997155][T17403]  ? skcipher_recvmsg+0x3c0/0x11c0
[  422.997172][T17403]  ? ____sys_recvmsg+0x1c9/0x460
[  422.997187][T17403]  ? ___sys_recvmsg+0x1b5/0x510
[  422.997201][T17403]  ? __x64_sys_recvmsg+0x198/0x260
[  422.997219][T17403]  ? pin_user_pages_fast+0x4d/0xb0
[  422.997237][T17403]  iov_iter_extract_pages+0x35a/0x5e0
[  422.997259][T17403]  extract_iter_to_sg+0xe46/0x24e0
[  422.997284][T17403]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  422.997308][T17403]  ? rcu_is_watching+0x15/0xb0
[  422.997322][T17403]  ? trace_kmalloc+0x1f/0xd0
[  422.997335][T17403]  ? __kmalloc_noprof+0x29b/0x4f0
[  422.997355][T17403]  ? __asan_memset+0x22/0x50
[  422.997371][T17403]  af_alg_get_rsgl+0x436/0x810
[  422.997401][T17403]  skcipher_recvmsg+0x3c0/0x11c0
[  422.997420][T17403]  ? aa_sk_perm+0x81e/0x950
[  422.997448][T17403]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  422.997466][T17403]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  422.997479][T17403]  ? security_socket_recvmsg+0x7e/0x2e0
[  422.997493][T17403]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  422.997508][T17403]  sock_recvmsg+0x229/0x270
[  422.997529][T17403]  ____sys_recvmsg+0x1c9/0x460
[  422.997552][T17403]  ? __pfx_____sys_recvmsg+0x10/0x10
[  422.997579][T17403]  ? import_iovec+0x74/0xa0
[  422.997597][T17403]  ___sys_recvmsg+0x1b5/0x510
[  422.997616][T17403]  ? __pfx____sys_recvmsg+0x10/0x10
[  422.997651][T17403]  ? __fget_files+0x3a0/0x420
[  422.997673][T17403]  __x64_sys_recvmsg+0x198/0x260
[  422.997690][T17403]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  422.997712][T17403]  ? __pfx_ksys_write+0x10/0x10
[  422.997727][T17403]  ? rcu_is_watching+0x15/0xb0
[  422.997744][T17403]  ? do_syscall_64+0xbe/0x3b0
[  422.997762][T17403]  do_syscall_64+0xfa/0x3b0
[  422.997774][T17403]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.997787][T17403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.997800][T17403]  ? clear_bhb_loop+0x60/0xb0
[  422.997816][T17403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.997829][T17403] RIP: 0033:0x7f384198ebe9
[  422.997844][T17403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.997857][T17403] RSP: 002b:00007f3842731038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  422.997872][T17403] RAX: ffffffffffffffda RBX: 00007f3841bc5fa0 RCX: 00007f384198ebe9
[  422.997882][T17403] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  422.997890][T17403] RBP: 00007f3842731090 R08: 0000000000000000 R09: 0000000000000000
[  422.997898][T17403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  422.997906][T17403] R13: 00007f3841bc6038 R14: 00007f3841bc5fa0 R15: 00007ffe02575ff8
[  422.997929][T17403]  </TASK>
[  423.498505][T17411] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3486'.
[  423.546066][T17413] veth0: entered promiscuous mode
[  423.557289][T17412] veth0: left promiscuous mode
[  423.901098][T17436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3497'.
[  424.078701][T17444] syzkaller0: entered promiscuous mode
[  424.084207][T17444] syzkaller0: entered allmulticast mode
[  424.129565][T17447] FAULT_INJECTION: forcing a failure.
[  424.129565][T17447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.158135][T17447] CPU: 0 UID: 0 PID: 17447 Comm: syz.4.3500 Not tainted syzkaller #0 PREEMPT(full) 
[  424.158161][T17447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  424.158171][T17447] Call Trace:
[  424.158178][T17447]  <TASK>
[  424.158186][T17447]  dump_stack_lvl+0x189/0x250
[  424.158211][T17447]  ? __pfx____ratelimit+0x10/0x10
[  424.158229][T17447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.158249][T17447]  ? __pfx__printk+0x10/0x10
[  424.158278][T17447]  ? __might_fault+0xb0/0x130
[  424.158311][T17447]  should_fail_ex+0x414/0x560
[  424.158337][T17447]  _copy_from_iter+0x1de/0x1790
[  424.158363][T17447]  ? rcu_is_watching+0x15/0xb0
[  424.158382][T17447]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  424.158405][T17447]  ? __pfx__copy_from_iter+0x10/0x10
[  424.158424][T17447]  ? __build_skb_around+0x257/0x3e0
[  424.158446][T17447]  ? netlink_sendmsg+0x642/0xb30
[  424.158462][T17447]  ? skb_put+0x11b/0x210
[  424.158483][T17447]  netlink_sendmsg+0x6b2/0xb30
[  424.158510][T17447]  ? __pfx_netlink_sendmsg+0x10/0x10
[  424.158531][T17447]  ? aa_sock_msg_perm+0xf1/0x1d0
[  424.158554][T17447]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  424.158572][T17447]  ? __pfx_netlink_sendmsg+0x10/0x10
[  424.158590][T17447]  __sock_sendmsg+0x219/0x270
[  424.158615][T17447]  ____sys_sendmsg+0x505/0x830
[  424.158640][T17447]  ? __pfx_____sys_sendmsg+0x10/0x10
[  424.158669][T17447]  ? import_iovec+0x74/0xa0
[  424.158691][T17447]  ___sys_sendmsg+0x21f/0x2a0
[  424.158713][T17447]  ? __pfx____sys_sendmsg+0x10/0x10
[  424.158770][T17447]  ? __fget_files+0x2a/0x420
[  424.158784][T17447]  ? __fget_files+0x3a0/0x420
[  424.158811][T17447]  __x64_sys_sendmsg+0x19b/0x260
[  424.158832][T17447]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  424.158862][T17447]  ? __pfx_ksys_write+0x10/0x10
[  424.158879][T17447]  ? rcu_is_watching+0x15/0xb0
[  424.158901][T17447]  ? do_syscall_64+0xbe/0x3b0
[  424.158924][T17447]  do_syscall_64+0xfa/0x3b0
[  424.158940][T17447]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.158957][T17447]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.158973][T17447]  ? clear_bhb_loop+0x60/0xb0
[  424.158994][T17447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.159009][T17447] RIP: 0033:0x7fd130f8ebe9
[  424.159025][T17447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.159040][T17447] RSP: 002b:00007fd131eee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  424.159059][T17447] RAX: ffffffffffffffda RBX: 00007fd1311c5fa0 RCX: 00007fd130f8ebe9
[  424.159072][T17447] RDX: 0000000004000084 RSI: 00002000000003c0 RDI: 0000000000000003
[  424.159083][T17447] RBP: 00007fd131eee090 R08: 0000000000000000 R09: 0000000000000000
[  424.159094][T17447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.159105][T17447] R13: 00007fd1311c6038 R14: 00007fd1311c5fa0 R15: 00007ffe4d37a4d8
[  424.159135][T17447]  </TASK>
[  426.135006][T17465] __nla_validate_parse: 3 callbacks suppressed
[  426.135024][T17465] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3505'.
[  426.159301][T17465] netlink: 560 bytes leftover after parsing attributes in process `syz.4.3505'.
[  426.273169][T17461] bridge_slave_1: left allmulticast mode
[  426.279427][T17461] bridge_slave_1: left promiscuous mode
[  426.285308][T17461] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.297667][T17461] bridge_slave_0: left allmulticast mode
[  426.303404][T17461] bridge_slave_0: left promiscuous mode
[  426.316812][T17461] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.794701][T17493] sctp: [Deprecated]: syz.1.3512 (pid 17493) Use of int in maxseg socket option.
[  426.794701][T17493] Use struct sctp_assoc_value instead
[  426.884564][T17495] lo speed is unknown, defaulting to 1000
[  426.893010][T17495] lo speed is unknown, defaulting to 1000
[  427.064799][T17507] netlink: 'syz.4.3516': attribute type 1 has an invalid length.
[  427.243267][T17509] syzkaller0: entered promiscuous mode
[  427.249420][T17509] syzkaller0: entered allmulticast mode
[  427.256145][T17512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3519'.
[  427.339389][T17519] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3520'.
[  427.572946][T17531] FAULT_INJECTION: forcing a failure.
[  427.572946][T17531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.587081][T17531] CPU: 1 UID: 0 PID: 17531 Comm: syz.2.3525 Not tainted syzkaller #0 PREEMPT(full) 
[  427.587104][T17531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  427.587114][T17531] Call Trace:
[  427.587121][T17531]  <TASK>
[  427.587129][T17531]  dump_stack_lvl+0x189/0x250
[  427.587152][T17531]  ? __pfx____ratelimit+0x10/0x10
[  427.587170][T17531]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.587186][T17531]  ? __pfx__printk+0x10/0x10
[  427.587217][T17531]  should_fail_ex+0x414/0x560
[  427.587243][T17531]  _copy_to_user+0x31/0xb0
[  427.587264][T17531]  simple_read_from_buffer+0xe1/0x170
[  427.587290][T17531]  proc_fail_nth_read+0x1b3/0x220
[  427.587309][T17531]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  427.587328][T17531]  ? rw_verify_area+0x2a6/0x4d0
[  427.587345][T17531]  ? __lock_acquire+0xab9/0xd20
[  427.587362][T17531]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  427.587381][T17531]  vfs_read+0x1fd/0xa30
[  427.587399][T17531]  ? fdget_pos+0x247/0x320
[  427.587418][T17531]  ? __pfx___mutex_lock+0x10/0x10
[  427.587437][T17531]  ? __pfx_vfs_read+0x10/0x10
[  427.587457][T17531]  ? __fget_files+0x2a/0x420
[  427.587475][T17531]  ? __fget_files+0x3a0/0x420
[  427.587486][T17531]  ? __fget_files+0x2a/0x420
[  427.587510][T17531]  ksys_read+0x145/0x250
[  427.587532][T17531]  ? __pfx_ksys_read+0x10/0x10
[  427.587549][T17531]  ? rcu_is_watching+0x15/0xb0
[  427.587570][T17531]  ? do_syscall_64+0xbe/0x3b0
[  427.587591][T17531]  do_syscall_64+0xfa/0x3b0
[  427.587606][T17531]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.587619][T17531]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.587634][T17531]  ? clear_bhb_loop+0x60/0xb0
[  427.587651][T17531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.587667][T17531] RIP: 0033:0x7f1ac298d5fc
[  427.587683][T17531] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  427.587698][T17531] RSP: 002b:00007f1ac3864030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  427.587717][T17531] RAX: ffffffffffffffda RBX: 00007f1ac2bc5fa0 RCX: 00007f1ac298d5fc
[  427.587729][T17531] RDX: 000000000000000f RSI: 00007f1ac38640a0 RDI: 0000000000000004
[  427.587740][T17531] RBP: 00007f1ac3864090 R08: 0000000000000000 R09: 0000000000000000
[  427.587750][T17531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.587759][T17531] R13: 00007f1ac2bc6038 R14: 00007f1ac2bc5fa0 R15: 00007fff2a673f38
[  427.587795][T17531]  </TASK>
[  429.941229][T17574] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3538'.
[  430.768797][T17628] lo speed is unknown, defaulting to 1000
[  430.788993][T17628] lo speed is unknown, defaulting to 1000
[  430.949994][T17640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3559'.
[  430.979415][T17637] lo speed is unknown, defaulting to 1000
[  431.012566][T17637] lo speed is unknown, defaulting to 1000
[  431.398189][T17659] netlink: 'syz.4.3563': attribute type 1 has an invalid length.
[  431.442619][T17659] bond1: entered promiscuous mode
[  431.456168][T17659] bond1: entered allmulticast mode
[  431.461740][T17659] 8021q: adding VLAN 0 to HW filter on device bond1
[  431.509992][T17659] 8021q: adding VLAN 0 to HW filter on device bond2
[  431.543716][T17659] bond2: entered promiscuous mode
[  431.550240][T17659] bond2: entered allmulticast mode
[  431.556753][T17659] bond1: (slave bond2): Enslaving as a backup interface with a down link
[  431.680013][T17671] vlan0: entered promiscuous mode
[  431.734584][T17673] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3568'.
[  431.830948][T10397] IPVS: starting estimator thread 0...
[  431.956442][T17677] IPVS: using max 26 ests per chain, 62400 per kthread
[  431.986606][T17685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3571'.
[  432.004051][T17685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3571'.
[  432.120372][T17696] netlink: 'syz.0.3573': attribute type 25 has an invalid length.
[  432.240514][T17702] netlink: 'syz.4.3576': attribute type 3 has an invalid length.
[  432.251147][T17702] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3576'.
[  432.274227][T17704] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3575'.
[  432.331580][T17704] netlink: 'syz.0.3575': attribute type 4 has an invalid length.
[  432.491017][T17711] netlink: 'syz.4.3580': attribute type 11 has an invalid length.
[  432.503712][T17712] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3579'.
[  432.549064][T17712] netlink: 240 bytes leftover after parsing attributes in process `syz.3.3579'.
[  433.147432][T17742] lo speed is unknown, defaulting to 1000
[  433.167409][T17742] lo speed is unknown, defaulting to 1000
[  434.187333][T17761] lo speed is unknown, defaulting to 1000
[  434.271017][T17761] lo speed is unknown, defaulting to 1000
[  434.969941][T17785] netlink: 6032 bytes leftover after parsing attributes in process `syz.4.3599'.
[  434.999250][T17786] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3598'.
[  435.092874][T17791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3598'.
[  435.339957][T17799] netlink: 'syz.1.3603': attribute type 4 has an invalid length.
[  435.354050][T17799] netlink: 'syz.1.3603': attribute type 21 has an invalid length.
[  435.724210][T17825] sctp: [Deprecated]: syz.0.3611 (pid 17825) Use of int in max_burst socket option deprecated.
[  435.724210][T17825] Use struct sctp_assoc_value instead
[  435.743801][T17825] syzkaller0: entered promiscuous mode
[  435.750861][T17825] syzkaller0: entered allmulticast mode
[  435.905084][T17833] lo speed is unknown, defaulting to 1000
[  435.921871][T17833] lo speed is unknown, defaulting to 1000
[  436.297942][T17854] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  436.325808][T17854] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  436.391372][T17858] IPVS: length: 165 != 8
[  436.448822][T17860] tipc: Started in network mode
[  436.454175][T17860] tipc: Node identity bad297d1ace6, cluster identity 4711
[  436.466906][T17860] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  436.474357][T17860] syzkaller0: entered promiscuous mode
[  436.480015][T17860] syzkaller0: entered allmulticast mode
[  436.582216][T17867] tipc: Resetting bearer <eth:syzkaller0>
[  436.609519][T17867] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  436.620525][   T30] audit: type=1804 audit(1756910277.739:5): pid=17869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3626" name="/newroot/94/cgroup.controllers" dev="tmpfs" ino=498 res=1 errno=0
[  436.686451][   T30] audit: type=1800 audit(1756910277.739:6): pid=17869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3626" name="cgroup.controllers" dev="tmpfs" ino=498 res=0 errno=0
[  436.730637][   T30] audit: type=1800 audit(1756910277.769:7): pid=17869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3626" name="cgroup.controllers" dev="tmpfs" ino=498 res=0 errno=0
[  436.773920][T17875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  436.806637][T17874] tipc: Resetting bearer <eth:syzkaller0>
[  436.843215][T17874] tipc: Disabling bearer <eth:syzkaller0>
[  436.900545][T17870] lo speed is unknown, defaulting to 1000
[  436.921870][T17870] lo speed is unknown, defaulting to 1000
[  437.066904][T17885] batman_adv: batadv0: Adding interface: vxlan0
[  437.073366][T17885] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.100836][T17885] batman_adv: batadv0: Interface activated: vxlan0
[  437.108374][T11191] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  437.117437][T11191] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  437.146460][T11191] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  437.176401][T11191] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  437.452120][T17908] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  437.464755][T17908] netlink: 'syz.4.3637': attribute type 13 has an invalid length.
[  437.508545][T17912] __nla_validate_parse: 4 callbacks suppressed
[  437.508565][T17912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3639'.
[  437.561980][T17912] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3639'.
[  437.562317][T17910] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  437.622191][T17918] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3639'.
[  437.635324][T17918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3639'.
[  438.519010][T17957] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3654'.
[  438.572940][T17961] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3654'.
[  438.770791][T17965] syzkaller1: entered allmulticast mode
[  438.779138][T17965] netlink: 'syz.1.3656': attribute type 10 has an invalid length.
[  438.787743][T17965] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3656'.
[  438.835931][T11199] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  438.884732][T11199] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  438.932469][T11199] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  438.997697][T11199] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  439.442658][   T30] audit: type=1800 audit(1756910280.569:8): pid=17981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3661" name="memory.events" dev="tmpfs" ino=554 res=0 errno=0
[  440.138919][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  440.145428][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.215886][T18016] netlink: 20824 bytes leftover after parsing attributes in process `syz.0.3671'.
[  440.237744][T18016] netlink: 'syz.0.3671': attribute type 25 has an invalid length.
[  440.790949][T18024] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3673'.
[  440.971214][T18028] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3675'.
[  441.023012][T18030] geneve3: entered allmulticast mode
[  441.520030][T18046] geneve2: entered promiscuous mode
[  441.541853][T11203] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  441.566965][T11203] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  441.608469][T11203] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  441.632092][T11203] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  441.732203][T18060] netlink: 'syz.2.3684': attribute type 25 has an invalid length.
[  442.145474][T18072] bridge_slave_0: entered promiscuous mode
[  442.158729][T18072] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  442.323738][T11191] tipc: Subscription rejected, illegal request
[  443.076200][T18116] block nbd3: server does not support multiple connections per device.
[  443.091575][T18116] block nbd3: shutting down sockets
[  443.158079][T18124] __nla_validate_parse: 3 callbacks suppressed
[  443.158095][T18124] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3704'.
[  443.458391][T18134] lo speed is unknown, defaulting to 1000
[  443.494012][T18134] lo speed is unknown, defaulting to 1000
[  443.699214][T18139] tipc: Started in network mode
[  443.704463][T18139] tipc: Node identity f28e15b2aeb6, cluster identity 4711
[  443.753998][T18139] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  443.782407][T18140] syzkaller0: entered promiscuous mode
[  443.793106][T18140] syzkaller0: entered allmulticast mode
[  443.887174][T18139] tipc: Resetting bearer <eth:syzkaller0>
[  443.930609][T18138] tipc: Resetting bearer <eth:syzkaller0>
[  443.962969][T18138] tipc: Disabling bearer <eth:syzkaller0>
[  444.223198][T18164] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3715'.
[  444.368079][T18165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3717'.
[  444.454265][T18176] netlink: 'syz.3.3719': attribute type 10 has an invalid length.
[  444.543090][T18176] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  444.605199][T18183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3721'.
[  444.685747][T18182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3721'.
[  444.740642][T18182] bridge_slave_1: left allmulticast mode
[  444.742076][T18191] atomic_op ffff888062eaa198 conn xmit_atomic 0000000000000000
[  444.764403][T18182] bridge_slave_1: left promiscuous mode
[  444.780633][T18182] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.812956][T18182] bridge_slave_0: left allmulticast mode
[  444.818966][T18182] bridge_slave_0: left promiscuous mode
[  444.838756][T18182] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.227456][T18218] ip6erspan0: entered allmulticast mode
[  445.279802][T18220] lo speed is unknown, defaulting to 1000
[  445.385376][T18220] lo speed is unknown, defaulting to 1000
[  445.806415][T18236] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3736'.
[  446.003950][T18248] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3739'.
[  446.211890][T18258] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[  446.291668][T18252] lo speed is unknown, defaulting to 1000
[  446.299847][T18252] lo speed is unknown, defaulting to 1000
[  446.323847][T18258] xt_socket: unknown flags 0x50
[  446.337503][T18264] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3744'.
[  446.406855][T18266] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3745'.
[  446.484995][T18266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3745'.
[  446.586993][T18271] syz_tun: entered allmulticast mode
[  446.665150][T18281] netlink: 'syz.2.3748': attribute type 1 has an invalid length.
[  446.699658][T18282] dvmrp8: entered allmulticast mode
[  446.729112][T18284] netlink: 'syz.4.3750': attribute type 10 has an invalid length.
[  446.960408][T18284] bond0: (slave wlan1): Opening slave failed
[  447.221920][T18305] netlink: 'syz.0.3751': attribute type 25 has an invalid length.
[  447.474818][T18294] lo speed is unknown, defaulting to 1000
[  447.513580][T18269] syz_tun: left allmulticast mode
[  447.586563][T18269] dvmrp8: left allmulticast mode
[  447.872763][T18294] lo speed is unknown, defaulting to 1000
[  448.333460][T18343] __nla_validate_parse: 4 callbacks suppressed
[  448.333477][T18343] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3760'.
[  448.380542][T18341] lo speed is unknown, defaulting to 1000
[  448.397579][T18344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  448.408822][T18341] lo speed is unknown, defaulting to 1000
[  448.653654][T18358] FAULT_INJECTION: forcing a failure.
[  448.653654][T18358] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  448.725339][T18350] lo speed is unknown, defaulting to 1000
[  448.738085][T18358] CPU: 1 UID: 0 PID: 18358 Comm: syz.3.3764 Not tainted syzkaller #0 PREEMPT(full) 
[  448.738111][T18358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  448.738121][T18358] Call Trace:
[  448.738128][T18358]  <TASK>
[  448.738136][T18358]  dump_stack_lvl+0x189/0x250
[  448.738161][T18358]  ? __pfx____ratelimit+0x10/0x10
[  448.738180][T18358]  ? __pfx_dump_stack_lvl+0x10/0x10
[  448.738199][T18358]  ? __pfx__printk+0x10/0x10
[  448.738224][T18358]  ? fs_reclaim_acquire+0x7d/0x100
[  448.738258][T18358]  should_fail_ex+0x414/0x560
[  448.738285][T18358]  prepare_alloc_pages+0x213/0x610
[  448.738310][T18358]  __alloc_frozen_pages_noprof+0x123/0x370
[  448.738333][T18358]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  448.738361][T18358]  ? policy_nodemask+0x27c/0x720
[  448.738390][T18358]  alloc_pages_mpol+0x232/0x4a0
[  448.738418][T18358]  vma_alloc_folio_noprof+0xe4/0x200
[  448.738443][T18358]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  448.738479][T18358]  folio_prealloc+0x30/0x180
[  448.738503][T18358]  do_wp_page+0x1231/0x5800
[  448.738555][T18358]  ? __pfx_do_wp_page+0x10/0x10
[  448.738572][T18358]  ? do_raw_spin_lock+0x121/0x290
[  448.738596][T18358]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  448.738627][T18358]  __handle_mm_fault+0x1033/0x5440
[  448.738666][T18358]  ? __pfx___handle_mm_fault+0x10/0x10
[  448.738702][T18358]  ? follow_page_pte+0xd03/0x13e0
[  448.738734][T18358]  handle_mm_fault+0x40a/0x8e0
[  448.738767][T18358]  __get_user_pages+0x1699/0x2ce0
[  448.738785][T18358]  ? __lock_acquire+0xab9/0xd20
[  448.738845][T18358]  __gup_longterm_locked+0xde9/0x1660
[  448.738880][T18358]  ? sanity_check_pinned_pages+0x1241/0x1300
[  448.738903][T18358]  ? gup_fast_fallback+0x195f/0x2010
[  448.738927][T18358]  gup_fast_fallback+0x1e6a/0x2010
[  448.738983][T18358]  ? __pfx_gup_fast_fallback+0x10/0x10
[  448.739003][T18358]  ? kasan_save_track+0x4f/0x80
[  448.739020][T18358]  ? kasan_save_track+0x3e/0x80
[  448.739037][T18358]  ? __kasan_kmalloc+0x93/0xb0
[  448.739056][T18358]  ? sock_kmalloc+0xd6/0x160
[  448.739084][T18358]  ? af_alg_get_rsgl+0x236/0x810
[  448.739101][T18358]  ? skcipher_recvmsg+0x3c0/0x11c0
[  448.739120][T18358]  ? ____sys_recvmsg+0x1c9/0x460
[  448.739136][T18358]  ? ___sys_recvmsg+0x1b5/0x510
[  448.739152][T18358]  ? __x64_sys_recvmsg+0x198/0x260
[  448.739176][T18358]  ? pin_user_pages_fast+0x4d/0xb0
[  448.739199][T18358]  iov_iter_extract_pages+0x35a/0x5e0
[  448.739228][T18358]  extract_iter_to_sg+0xe46/0x24e0
[  448.739262][T18358]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  448.739292][T18358]  ? rcu_is_watching+0x15/0xb0
[  448.739310][T18358]  ? trace_kmalloc+0x1f/0xd0
[  448.739328][T18358]  ? __kmalloc_noprof+0x29b/0x4f0
[  448.739355][T18358]  ? __asan_memset+0x22/0x50
[  448.739376][T18358]  af_alg_get_rsgl+0x436/0x810
[  448.739417][T18358]  skcipher_recvmsg+0x3c0/0x11c0
[  448.739442][T18358]  ? aa_sk_perm+0x81e/0x950
[  448.739477][T18358]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  448.739502][T18358]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  448.739519][T18358]  ? security_socket_recvmsg+0x7e/0x2e0
[  448.739544][T18358]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  448.739565][T18358]  sock_recvmsg+0x229/0x270
[  448.739592][T18358]  ____sys_recvmsg+0x1c9/0x460
[  448.739622][T18358]  ? __pfx_____sys_recvmsg+0x10/0x10
[  448.739659][T18358]  ? import_iovec+0x74/0xa0
[  448.739682][T18358]  ___sys_recvmsg+0x1b5/0x510
[  448.739708][T18358]  ? __pfx____sys_recvmsg+0x10/0x10
[  448.739756][T18358]  ? __fget_files+0x3a0/0x420
[  448.739784][T18358]  __x64_sys_recvmsg+0x198/0x260
[  448.739807][T18358]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  448.739837][T18358]  ? __pfx_ksys_write+0x10/0x10
[  448.739856][T18358]  ? rcu_is_watching+0x15/0xb0
[  448.739878][T18358]  ? do_syscall_64+0xbe/0x3b0
[  448.739901][T18358]  do_syscall_64+0xfa/0x3b0
[  448.739917][T18358]  ? lockdep_hardirqs_on+0x9c/0x150
[  448.739934][T18358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.739951][T18358]  ? clear_bhb_loop+0x60/0xb0
[  448.739971][T18358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.739988][T18358] RIP: 0033:0x7f4994f8ebe9
[  448.740003][T18358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.740017][T18358] RSP: 002b:00007f49931f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  448.740036][T18358] RAX: ffffffffffffffda RBX: 00007f49951c5fa0 RCX: 00007f4994f8ebe9
[  448.740049][T18358] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  448.740060][T18358] RBP: 00007f49931f6090 R08: 0000000000000000 R09: 0000000000000000
[  448.740070][T18358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.740081][T18358] R13: 00007f49951c6038 R14: 00007f49951c5fa0 R15: 00007fffbef36318
[  448.740112][T18358]  </TASK>
[  449.216152][T18350] lo speed is unknown, defaulting to 1000
[  449.413516][T18366] netlink: 'syz.2.3765': attribute type 12 has an invalid length.
[  449.432105][T18366] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.3765'.
[  449.743473][T18391] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3774'.
[  449.905165][T18395] vlan2: entered promiscuous mode
[  449.994473][T18404] FAULT_INJECTION: forcing a failure.
[  449.994473][T18404] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  449.999564][T18395] gretap0: entered promiscuous mode
[  450.025759][T18404] CPU: 0 UID: 0 PID: 18404 Comm: syz.3.3777 Not tainted syzkaller #0 PREEMPT(full) 
[  450.025785][T18404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  450.025795][T18404] Call Trace:
[  450.025802][T18404]  <TASK>
[  450.025810][T18404]  dump_stack_lvl+0x189/0x250
[  450.025835][T18404]  ? __pfx____ratelimit+0x10/0x10
[  450.025853][T18404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.025872][T18404]  ? __pfx__printk+0x10/0x10
[  450.025895][T18404]  ? fs_reclaim_acquire+0x7d/0x100
[  450.025928][T18404]  should_fail_ex+0x414/0x560
[  450.025954][T18404]  prepare_alloc_pages+0x213/0x610
[  450.025979][T18404]  __alloc_frozen_pages_noprof+0x123/0x370
[  450.026000][T18404]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  450.026027][T18404]  ? policy_nodemask+0x27c/0x720
[  450.026054][T18404]  alloc_pages_mpol+0x232/0x4a0
[  450.026082][T18404]  vma_alloc_folio_noprof+0xe4/0x200
[  450.026106][T18404]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  450.026140][T18404]  folio_prealloc+0x30/0x180
[  450.026161][T18404]  do_wp_page+0x1231/0x5800
[  450.026200][T18404]  ? __pfx_do_wp_page+0x10/0x10
[  450.026216][T18404]  ? do_raw_spin_lock+0x121/0x290
[  450.026237][T18404]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  450.026264][T18404]  __handle_mm_fault+0x1033/0x5440
[  450.026299][T18404]  ? __pfx___handle_mm_fault+0x10/0x10
[  450.026332][T18404]  ? follow_page_pte+0xd03/0x13e0
[  450.026362][T18404]  handle_mm_fault+0x40a/0x8e0
[  450.026392][T18404]  __get_user_pages+0x1699/0x2ce0
[  450.026408][T18404]  ? __lock_acquire+0xab9/0xd20
[  450.026466][T18404]  __gup_longterm_locked+0xde9/0x1660
[  450.026498][T18404]  ? sanity_check_pinned_pages+0x1241/0x1300
[  450.026521][T18404]  ? gup_fast_fallback+0x195f/0x2010
[  450.026543][T18404]  gup_fast_fallback+0x1e6a/0x2010
[  450.026597][T18404]  ? __pfx_gup_fast_fallback+0x10/0x10
[  450.026616][T18404]  ? kasan_save_track+0x4f/0x80
[  450.026634][T18404]  ? kasan_save_track+0x3e/0x80
[  450.026650][T18404]  ? __kasan_kmalloc+0x93/0xb0
[  450.026669][T18404]  ? sock_kmalloc+0xd6/0x160
[  450.026686][T18404]  ? af_alg_get_rsgl+0x236/0x810
[  450.026703][T18404]  ? skcipher_recvmsg+0x3c0/0x11c0
[  450.026722][T18404]  ? ____sys_recvmsg+0x1c9/0x460
[  450.026738][T18404]  ? ___sys_recvmsg+0x1b5/0x510
[  450.026754][T18404]  ? __x64_sys_recvmsg+0x198/0x260
[  450.026776][T18404]  ? pin_user_pages_fast+0x4d/0xb0
[  450.026797][T18404]  iov_iter_extract_pages+0x35a/0x5e0
[  450.026825][T18404]  extract_iter_to_sg+0xe46/0x24e0
[  450.026859][T18404]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  450.026883][T18404]  ? sock_kmalloc+0xd6/0x160
[  450.026904][T18404]  ? rcu_is_watching+0x15/0xb0
[  450.026922][T18404]  ? trace_kmalloc+0x1f/0xd0
[  450.026940][T18404]  ? __kmalloc_noprof+0x29b/0x4f0
[  450.026968][T18404]  ? __asan_memset+0x22/0x50
[  450.026990][T18404]  af_alg_get_rsgl+0x436/0x810
[  450.027030][T18404]  skcipher_recvmsg+0x3c0/0x11c0
[  450.027055][T18404]  ? aa_sk_perm+0x81e/0x950
[  450.027089][T18404]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  450.027114][T18404]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  450.027130][T18404]  ? security_socket_recvmsg+0x7e/0x2e0
[  450.027149][T18404]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  450.027170][T18404]  sock_recvmsg+0x229/0x270
[  450.027196][T18404]  ____sys_recvmsg+0x1c9/0x460
[  450.027226][T18404]  ? __pfx_____sys_recvmsg+0x10/0x10
[  450.027262][T18404]  ? import_iovec+0x74/0xa0
[  450.027286][T18404]  ___sys_recvmsg+0x1b5/0x510
[  450.027312][T18404]  ? __pfx____sys_recvmsg+0x10/0x10
[  450.027359][T18404]  ? __fget_files+0x3a0/0x420
[  450.027387][T18404]  __x64_sys_recvmsg+0x198/0x260
[  450.027409][T18404]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  450.027446][T18404]  ? __pfx_ksys_write+0x10/0x10
[  450.027463][T18404]  ? rcu_is_watching+0x15/0xb0
[  450.027485][T18404]  ? do_syscall_64+0xbe/0x3b0
[  450.027508][T18404]  do_syscall_64+0xfa/0x3b0
[  450.027523][T18404]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.027540][T18404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.027556][T18404]  ? clear_bhb_loop+0x60/0xb0
[  450.027577][T18404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.027593][T18404] RIP: 0033:0x7f4994f8ebe9
[  450.027610][T18404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.027624][T18404] RSP: 002b:00007f49931f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  450.027642][T18404] RAX: ffffffffffffffda RBX: 00007f49951c5fa0 RCX: 00007f4994f8ebe9
[  450.027655][T18404] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  450.027666][T18404] RBP: 00007f49931f6090 R08: 0000000000000000 R09: 0000000000000000
[  450.027677][T18404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  450.027688][T18404] R13: 00007f49951c6038 R14: 00007f49951c5fa0 R15: 00007fffbef36318
[  450.027719][T18404]  </TASK>
[  450.030240][T18408] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3778'.
[  450.729349][T18417] lo speed is unknown, defaulting to 1000
[  450.780238][T18417] lo speed is unknown, defaulting to 1000
[  450.849871][T18423] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3784'.
[  450.906876][T18423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3784'.
[  450.944960][T18425] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3785'.
[  450.973217][T18431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3786'.
[  450.980558][T18425] tipc: Enabled bearer <eth:vlan0>, priority 18
[  451.029323][T18432] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3786'.
[  451.131804][T18436] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3786'.
[  451.219150][T18438] netlink: zone id is out of range
[  451.227907][T18438] netlink: zone id is out of range
[  451.301738][T18438] netlink: set zone limit has 4 unknown bytes
[  451.490786][T18438] netlink: del zone limit has 4 unknown bytes
[  451.550606][T18435] netlink: 'syz.1.3787': attribute type 1 has an invalid length.
[  451.564530][T18449] FAULT_INJECTION: forcing a failure.
[  451.564530][T18449] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  451.598905][T18449] CPU: 1 UID: 0 PID: 18449 Comm: syz.3.3791 Not tainted syzkaller #0 PREEMPT(full) 
[  451.598930][T18449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  451.598941][T18449] Call Trace:
[  451.598948][T18449]  <TASK>
[  451.598956][T18449]  dump_stack_lvl+0x189/0x250
[  451.598980][T18449]  ? __pfx____ratelimit+0x10/0x10
[  451.598997][T18449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  451.599014][T18449]  ? __pfx__printk+0x10/0x10
[  451.599037][T18449]  ? fs_reclaim_acquire+0x7d/0x100
[  451.599069][T18449]  should_fail_ex+0x414/0x560
[  451.599106][T18449]  prepare_alloc_pages+0x213/0x610
[  451.599131][T18449]  __alloc_frozen_pages_noprof+0x123/0x370
[  451.599151][T18449]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  451.599178][T18449]  ? policy_nodemask+0x27c/0x720
[  451.599205][T18449]  alloc_pages_mpol+0x232/0x4a0
[  451.599231][T18449]  vma_alloc_folio_noprof+0xe4/0x200
[  451.599256][T18449]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  451.599288][T18449]  folio_prealloc+0x30/0x180
[  451.599313][T18449]  do_wp_page+0x1231/0x5800
[  451.599355][T18449]  ? __pfx_do_wp_page+0x10/0x10
[  451.599371][T18449]  ? do_raw_spin_lock+0x121/0x290
[  451.599394][T18449]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  451.599423][T18449]  __handle_mm_fault+0x1033/0x5440
[  451.599460][T18449]  ? __pfx___handle_mm_fault+0x10/0x10
[  451.599494][T18449]  ? follow_page_pte+0xd03/0x13e0
[  451.599524][T18449]  handle_mm_fault+0x40a/0x8e0
[  451.599556][T18449]  __get_user_pages+0x1699/0x2ce0
[  451.599572][T18449]  ? __lock_acquire+0xab9/0xd20
[  451.599628][T18449]  __gup_longterm_locked+0xde9/0x1660
[  451.599662][T18449]  ? sanity_check_pinned_pages+0x1241/0x1300
[  451.599685][T18449]  ? gup_fast_fallback+0x195f/0x2010
[  451.599708][T18449]  gup_fast_fallback+0x1e6a/0x2010
[  451.599760][T18449]  ? __pfx_gup_fast_fallback+0x10/0x10
[  451.599779][T18449]  ? kasan_save_track+0x4f/0x80
[  451.599795][T18449]  ? kasan_save_track+0x3e/0x80
[  451.599811][T18449]  ? __kasan_kmalloc+0x93/0xb0
[  451.599829][T18449]  ? sock_kmalloc+0xd6/0x160
[  451.599848][T18449]  ? af_alg_get_rsgl+0x236/0x810
[  451.599863][T18449]  ? skcipher_recvmsg+0x3c0/0x11c0
[  451.599881][T18449]  ? ____sys_recvmsg+0x1c9/0x460
[  451.599898][T18449]  ? ___sys_recvmsg+0x1b5/0x510
[  451.599914][T18449]  ? __x64_sys_recvmsg+0x198/0x260
[  451.599934][T18449]  ? pin_user_pages_fast+0x4d/0xb0
[  451.599955][T18449]  iov_iter_extract_pages+0x35a/0x5e0
[  451.599984][T18449]  extract_iter_to_sg+0xe46/0x24e0
[  451.600018][T18449]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  451.600048][T18449]  ? rcu_is_watching+0x15/0xb0
[  451.600066][T18449]  ? trace_kmalloc+0x1f/0xd0
[  451.600091][T18449]  ? __kmalloc_noprof+0x29b/0x4f0
[  451.600118][T18449]  ? __asan_memset+0x22/0x50
[  451.600139][T18449]  af_alg_get_rsgl+0x436/0x810
[  451.600180][T18449]  skcipher_recvmsg+0x3c0/0x11c0
[  451.600204][T18449]  ? aa_sk_perm+0x81e/0x950
[  451.600240][T18449]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  451.600264][T18449]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  451.600279][T18449]  ? security_socket_recvmsg+0x7e/0x2e0
[  451.600298][T18449]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  451.600317][T18449]  sock_recvmsg+0x229/0x270
[  451.600344][T18449]  ____sys_recvmsg+0x1c9/0x460
[  451.600373][T18449]  ? __pfx_____sys_recvmsg+0x10/0x10
[  451.600411][T18449]  ? import_iovec+0x74/0xa0
[  451.600433][T18449]  ___sys_recvmsg+0x1b5/0x510
[  451.600459][T18449]  ? __pfx____sys_recvmsg+0x10/0x10
[  451.600506][T18449]  ? __fget_files+0x3a0/0x420
[  451.600533][T18449]  __x64_sys_recvmsg+0x198/0x260
[  451.600555][T18449]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  451.600585][T18449]  ? __pfx_ksys_write+0x10/0x10
[  451.600603][T18449]  ? rcu_is_watching+0x15/0xb0
[  451.600626][T18449]  ? do_syscall_64+0xbe/0x3b0
[  451.600648][T18449]  do_syscall_64+0xfa/0x3b0
[  451.600664][T18449]  ? lockdep_hardirqs_on+0x9c/0x150
[  451.600681][T18449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.600697][T18449]  ? clear_bhb_loop+0x60/0xb0
[  451.600718][T18449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.600733][T18449] RIP: 0033:0x7f4994f8ebe9
[  451.600749][T18449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.600762][T18449] RSP: 002b:00007f49931f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  451.600780][T18449] RAX: ffffffffffffffda RBX: 00007f49951c5fa0 RCX: 00007f4994f8ebe9
[  451.600792][T18449] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  451.600802][T18449] RBP: 00007f49931f6090 R08: 0000000000000000 R09: 0000000000000000
[  451.600812][T18449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  451.600822][T18449] R13: 00007f49951c6038 R14: 00007f49951c5fa0 R15: 00007fffbef36318
[  451.600850][T18449]  </TASK>
[  452.060340][T18435] netlink: 'syz.1.3787': attribute type 2 has an invalid length.
[  452.068393][T18435] netlink: 'syz.1.3787': attribute type 1 has an invalid length.
[  452.296760][T18457] lo: MTU too low for tipc bearer
[  452.301857][T18457] tipc: Enabling of bearer <ib:lo> rejected, failed to enable media
[  452.326330][T18457] syzkaller0: entered promiscuous mode
[  452.333615][T18457] syzkaller0: entered allmulticast mode
[  452.362823][T18464] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  452.487899][T18471] netlink: 'syz.1.3797': attribute type 10 has an invalid length.
[  452.519323][T18471] wlan1: mtu less than device minimum
[  452.519452][T18474] 
[  452.524921][T18471] Ã: (slave wlan1): Error -22 calling dev_set_mtu
[  452.527041][T18474] ======================================================
[  452.527050][T18474] WARNING: possible circular locking dependency detected
[  452.527066][T18474] syzkaller #0 Not tainted
[  452.527075][T18474] ------------------------------------------------------
[  452.527082][T18474] syz.3.3799/18474 is trying to acquire lock:
[  452.527092][T18474] ffffffff8f68e2d8 (nr_neigh_list_lock){+...}-{3:3}, at: nr_remove_neigh+0x25/0xe0
[  452.527136][T18474] 
[  452.527136][T18474] but task is already holding lock:
[  452.527142][T18474] ffff8880763ec570 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  452.540994][T18471] syzkaller0: left promiscuous mode
[  452.547655][T18474] 
[  452.547655][T18474] which lock already depends on the new lock.
[  452.547655][T18474] 
[  452.547665][T18474] 
[  452.547665][T18474] the existing dependency chain (in reverse order) is:
[  452.547671][T18474] 
[  452.547671][T18474] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  452.547699][T18474]        lock_acquire+0x120/0x360
[  452.547725][T18474]        _raw_spin_lock_bh+0x36/0x50
[  452.552119][T18471] syzkaller0: left allmulticast mode
[  452.559111][T18474]        nr_rt_device_down+0x12a/0x720
[  452.559138][T18474]        nr_device_event+0x137/0x150
[  452.559154][T18474]        notifier_call_chain+0x1b6/0x3e0
[  452.559168][T18474]        netif_close_many+0x29c/0x410
[  452.559188][T18474]        netif_close+0x158/0x210
[  452.559205][T18474]        dev_close+0x10a/0x220
[  452.559218][T18474]        bpq_device_event+0x377/0x6a0
[  452.675696][T18474]        notifier_call_chain+0x1b6/0x3e0
[  452.681410][T18474]        netif_close_many+0x29c/0x410
[  452.686857][T18474]        netif_close+0x158/0x210
[  452.691782][T18474]        dev_close+0x10a/0x220
[  452.696533][T18474]        bond_setup_by_slave+0x5f/0x3f0
[  452.702060][T18474]        bond_enslave+0x6ca/0x3810
[  452.707152][T18474]        bond_do_ioctl+0x635/0x9b0
[  452.712239][T18474]        bond_siocdevprivate+0x17e/0x350
[  452.717849][T18474]        dev_ifsioc+0xb54/0xf00
[  452.722676][T18474]        dev_ioctl+0x84c/0x1150
[  452.727506][T18474]        sock_ioctl+0x719/0x790
[  452.732338][T18474]        __se_sys_ioctl+0xf9/0x170
[  452.737429][T18474]        do_syscall_64+0xfa/0x3b0
[  452.742431][T18474]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.748828][T18474] 
[  452.748828][T18474] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  452.756628][T18474]        lock_acquire+0x120/0x360
[  452.761635][T18474]        _raw_spin_lock_bh+0x36/0x50
[  452.766905][T18474]        nr_rt_device_down+0xa9/0x720
[  452.772261][T18474]        nr_device_event+0x137/0x150
[  452.777528][T18474]        notifier_call_chain+0x1b6/0x3e0
[  452.783138][T18474]        netif_close_many+0x29c/0x410
[  452.788494][T18474]        netif_close+0x158/0x210
[  452.793415][T18474]        dev_close+0x10a/0x220
[  452.798159][T18474]        bpq_device_event+0x377/0x6a0
[  452.803518][T18474]        notifier_call_chain+0x1b6/0x3e0
[  452.809129][T18474]        netif_close_many+0x29c/0x410
[  452.814482][T18474]        netif_close+0x158/0x210
[  452.819400][T18474]        dev_close+0x10a/0x220
[  452.824156][T18474]        bond_setup_by_slave+0x5f/0x3f0
[  452.829705][T18474]        bond_enslave+0x6ca/0x3810
[  452.834813][T18474]        bond_do_ioctl+0x635/0x9b0
[  452.839909][T18474]        bond_siocdevprivate+0x17e/0x350
[  452.845523][T18474]        dev_ifsioc+0xb54/0xf00
[  452.850357][T18474]        dev_ioctl+0x84c/0x1150
[  452.855191][T18474]        sock_ioctl+0x719/0x790
[  452.860028][T18474]        __se_sys_ioctl+0xf9/0x170
[  452.865121][T18474]        do_syscall_64+0xfa/0x3b0
[  452.870128][T18474]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.876526][T18474] 
[  452.876526][T18474] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  452.884417][T18474]        validate_chain+0xb9b/0x2140
[  452.889691][T18474]        __lock_acquire+0xab9/0xd20
[  452.894890][T18474]        lock_acquire+0x120/0x360
[  452.899906][T18474]        _raw_spin_lock_bh+0x36/0x50
[  452.905190][T18474]        nr_remove_neigh+0x25/0xe0
[  452.910292][T18474]        nr_add_node+0x1d9f/0x2570
[  452.915394][T18474]        nr_rt_ioctl+0xc12/0xd50
[  452.920403][T18474]        sock_do_ioctl+0xdc/0x300
[  452.925415][T18474]        sock_ioctl+0x576/0x790
[  452.930249][T18474]        __se_sys_ioctl+0xf9/0x170
[  452.935343][T18474]        do_syscall_64+0xfa/0x3b0
[  452.940349][T18474]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.946746][T18474] 
[  452.946746][T18474] other info that might help us debug this:
[  452.946746][T18474] 
[  452.956953][T18474] Chain exists of:
[  452.956953][T18474]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  452.956953][T18474] 
[  452.970760][T18474]  Possible unsafe locking scenario:
[  452.970760][T18474] 
[  452.978189][T18474]        CPU0                    CPU1
[  452.983542][T18474]        ----                    ----
[  452.988891][T18474]   lock(&nr_node->node_lock);
[  452.993638][T18474]                                lock(nr_node_list_lock);
[  453.000730][T18474]                                lock(&nr_node->node_lock);
[  453.007994][T18474]   lock(nr_neigh_list_lock);
[  453.012657][T18474] 
[  453.012657][T18474]  *** DEADLOCK ***
[  453.012657][T18474] 
[  453.020798][T18474] 1 lock held by syz.3.3799/18474:
[  453.025895][T18474]  #0: ffff8880763ec570 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  453.035638][T18474] 
[  453.035638][T18474] stack backtrace:
[  453.041516][T18474] CPU: 0 UID: 0 PID: 18474 Comm: syz.3.3799 Not tainted syzkaller #0 PREEMPT(full) 
[  453.041537][T18474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  453.041545][T18474] Call Trace:
[  453.041554][T18474]  <TASK>
[  453.041562][T18474]  dump_stack_lvl+0x189/0x250
[  453.041582][T18474]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.041597][T18474]  ? __pfx__printk+0x10/0x10
[  453.041613][T18474]  ? stack_trace_save+0x9c/0xe0
[  453.041633][T18474]  print_circular_bug+0x2ee/0x310
[  453.041649][T18474]  check_noncircular+0x134/0x160
[  453.041665][T18474]  validate_chain+0xb9b/0x2140
[  453.041679][T18474]  ? kernel_text_address+0xa5/0xe0
[  453.041697][T18474]  ? __kernel_text_address+0xd/0x40
[  453.041713][T18474]  ? unwind_get_return_address+0x4d/0x90
[  453.041728][T18474]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  453.041743][T18474]  ? arch_stack_walk+0xfc/0x150
[  453.041762][T18474]  __lock_acquire+0xab9/0xd20
[  453.041782][T18474]  ? nr_remove_neigh+0x25/0xe0
[  453.041794][T18474]  lock_acquire+0x120/0x360
[  453.041810][T18474]  ? nr_remove_neigh+0x25/0xe0
[  453.041824][T18474]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  453.041839][T18474]  ? do_raw_spin_unlock+0x122/0x240
[  453.041854][T18474]  ? nr_remove_neigh+0x25/0xe0
[  453.041865][T18474]  _raw_spin_lock_bh+0x36/0x50
[  453.041884][T18474]  ? nr_remove_neigh+0x25/0xe0
[  453.041895][T18474]  nr_remove_neigh+0x25/0xe0
[  453.041908][T18474]  nr_add_node+0x1d9f/0x2570
[  453.041928][T18474]  ? nr_call_to_digi+0x126/0x1b0
[  453.041945][T18474]  nr_rt_ioctl+0xc12/0xd50
[  453.041966][T18474]  ? kasan_quarantine_put+0xdd/0x220
[  453.041983][T18474]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  453.042004][T18474]  ? apparmor_capable+0x137/0x1b0
[  453.042023][T18474]  ? capable+0x89/0xe0
[  453.042035][T18474]  ? nr_ioctl+0x1b1/0x3b0
[  453.042051][T18474]  sock_do_ioctl+0xdc/0x300
[  453.042070][T18474]  ? __pfx_sock_do_ioctl+0x10/0x10
[  453.042085][T18474]  ? __lock_acquire+0xab9/0xd20
[  453.042107][T18474]  sock_ioctl+0x576/0x790
[  453.042124][T18474]  ? __pfx_sock_ioctl+0x10/0x10
[  453.042139][T18474]  ? __fget_files+0x2a/0x420
[  453.042151][T18474]  ? __fget_files+0x3a0/0x420
[  453.042162][T18474]  ? __fget_files+0x2a/0x420
[  453.042174][T18474]  ? bpf_lsm_file_ioctl+0x9/0x20
[  453.042190][T18474]  ? __pfx_sock_ioctl+0x10/0x10
[  453.042206][T18474]  __se_sys_ioctl+0xf9/0x170
[  453.042227][T18474]  do_syscall_64+0xfa/0x3b0
[  453.042242][T18474]  ? lockdep_hardirqs_on+0x9c/0x150
[  453.042254][T18474]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.042268][T18474]  ? clear_bhb_loop+0x60/0xb0
[  453.042282][T18474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.042295][T18474] RIP: 0033:0x7f4994f8ebe9
[  453.042308][T18474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.042320][T18474] RSP: 002b:00007f49931f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  453.042336][T18474] RAX: ffffffffffffffda RBX: 00007f49951c5fa0 RCX: 00007f4994f8ebe9
[  453.042347][T18474] RDX: 0000200000000440 RSI: 000000000000890b RDI: 0000000000000009
[  453.042356][T18474] RBP: 00007f4995011e19 R08: 0000000000000000 R09: 0000000000000000
[  453.042365][T18474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  453.042373][T18474] R13: 00007f49951c6038 R14: 00007f49951c5fa0 R15: 00007fffbef36318
[  453.042388][T18474]  </TASK>
[  453.384795][T18479] __nla_validate_parse: 7 callbacks suppressed
[  453.384814][T18479] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3800'.