last executing test programs:

4.436786418s ago: executing program 1 (id=3086):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14, 0x10}}, 0xc0}}, 0x0)

4.415994092s ago: executing program 1 (id=3088):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)={0x114, 0x21, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid}, @generic="0cd49bc47f8feb792262f5b8a9cfb2bf43d28529a07f012cd18fd209d18616f56f55562f1c1d16705e0ffcc7e13e3ff81586773d305785a9af1f47e56426598b0b4ee4885b844efb4fae8d58e5c885977b72104e95a6fbabea4eea4ef0ea75636d754d7bd8d95e15a1", @generic="5bd36f37b0deed566550bfaeee3253dc51bbba0b57facdfb2415db12bcd0d33377c2e409a145c3670afc2d489876ef684b37d17f7ae8120a9ac5d9cb171f69f9c9134d6bbe1d76abe2d9b43290391b0fed30", @typed={0x8, 0x0, 0x0, 0x0, @uid}, @generic="8e754d70e8ba897ee08a798d381817d1bf03f2f9b11441dfd23244be0e3bc7030a2bb08d8d9d16cd6ca90c69724646fcefb2"]}]}, 0x114}], 0x1}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="42c18f7e67b0a259dbf9c1c786edd85183d8345f9f6fb9e12ed9"], 0x9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
r4 = socket(0x10, 0x3, 0x0)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'lo\x00', @multicast})
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffc}, 0x9)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f0000000000)=[{{0x1, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1}}, {{0x4}, {0x3, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x0, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x4, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}}], 0x30)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r7, &(0x7f0000000000)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r7, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0x10, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x54)
bind$can_raw(r6, &(0x7f0000000100), 0x10)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}], 0x8)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001200010a000000000000009c4914"], 0x26}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_PRIORITY={0x8}]}, 0x24}}, 0x0)
sendto$inet6(r2, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000200000/0x2000)=nil, 0x2000, 0x0, 0x80010, r0, 0x0)

3.066470257s ago: executing program 1 (id=3110):
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={0x0, 0x70}}, 0x0)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002240)=@newtfilter={0x24}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0xf00000000000000)

2.937064166s ago: executing program 1 (id=3113):
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x2, 'wlan1\x00'})
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x75, &(0x7f0000000080)={r2}, &(0x7f0000000100)=0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100766c616e000000000400028014003500766c616e30000000000000000000000010001a"], 0x58}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r4)

2.750443403s ago: executing program 1 (id=3119):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="181100000000000800"/20, @ANYRES32=r1, @ANYBLOB="000000000000000087080000010100007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0xff9, &(0x7f0000002300)=""/4089}, 0x90)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={<r2=>0x0, 0x2}, &(0x7f00000002c0)=0x8)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300), 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0xb, 0x42, 0x40}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000001080), 0x20101, r3}, 0x38)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000240)={r3, &(0x7f0000000100), 0x0}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f00000000c0)={r2, 0x9, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000100), 0x8)
sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001300010526bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB], 0x44}}, 0x0)
sendmsg$802154_dgram(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vlan1\x00'})
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000006c0)={'vcan0\x00', <r8=>0x0})
sendto$packet(r7, &(0x7f0000000080)="b0", 0x10, 0x0, &(0x7f0000000100)={0x11, 0xc, r8}, 0x14)
setsockopt$WPAN_WANTLQI(r4, 0x0, 0x3, &(0x7f0000001780)=0x1, 0x4)
recvmmsg(r4, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000, 0x0)

1.852766488s ago: executing program 0 (id=3131):
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00'})
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x48}}, 0x0)
sendmsg$can_bcm(r0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, 0x0, 0xfef7)
connect$inet6(r1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, 0x10], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x9}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7ff}]}]}]}}]}, 0xac}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x24004800)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x12, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="d032b6e49f54f7585859dee7140ef91800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={<r6=>0xffffffffffffffff, 0x3, 0x6, 0xffffffffffffffaf})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\a\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="17090000000000000000010000000500070000000000080009000000000008000a0000000000060002000000000006001a0000000000"], 0x3c}, 0x1, 0x620b}, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r6, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'batadv_slave_0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040040}, 0x4000)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000340)={0x0, 0x2c, &(0x7f0000000080)={&(0x7f0000000000)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}}, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)
unshare(0x20000400)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149}, 0x90)

1.661744819s ago: executing program 4 (id=3133):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b40)=@newtclass={0xcb4, 0x28, 0x4, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {0xa, 0xd}, {0xb, 0xc}}, [@TCA_RATE={0x6, 0x5, {0x3f, 0x5}}, @tclass_kind_options=@c_multiq={0xb}, @TCA_RATE={0x6, 0x5, {0x3, 0x80}}, @TCA_RATE={0x6, 0x5, {0xe1, 0x3f}}, @TCA_RATE={0x6, 0x5, {0x7, 0x8}}, @tclass_kind_options=@c_mqprio={0xb}, @tclass_kind_options=@c_htb={{0x8}, {0xc50, 0x2, [@TCA_HTB_CTAB={0x404, 0x3, [0x1f, 0x7fff, 0x8001, 0xde, 0xc361358, 0x100, 0x5, 0xffffffff, 0x100, 0x1, 0x4, 0x0, 0x0, 0x5437f641, 0x0, 0x400, 0xc877, 0x60000000, 0xffffffff, 0x10001, 0x5, 0x8, 0x5, 0x87c, 0x101, 0x3f, 0x0, 0x5, 0x101, 0xaeaf, 0x2, 0x2, 0x0, 0x3, 0xffffffff, 0xc76a, 0x92, 0x8000, 0x8, 0xa6, 0x80000000, 0x89, 0x7ff, 0x81, 0x0, 0x40, 0x5, 0x80, 0x4, 0x4, 0x7f, 0x5, 0x7, 0x5af1e980, 0x2, 0x8000, 0xd867, 0x2, 0x1, 0x1, 0x7, 0x200, 0x649d, 0x0, 0x4995, 0x4, 0x6, 0x8, 0x1, 0x1, 0x1, 0x100, 0x4, 0x9, 0xffffffae, 0x3, 0x7, 0x5, 0xcf, 0x80000001, 0x9, 0x81, 0x9, 0x51d, 0x4, 0x10001, 0xffffffff, 0x3, 0x401, 0x81, 0x5, 0x1, 0xfffffff7, 0x639, 0x8, 0x7ff, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x1ff, 0x8, 0x9, 0x6, 0x6, 0x40, 0x6, 0x400, 0x380000, 0x9, 0x0, 0x8001, 0x8, 0x8, 0x0, 0x7ff, 0x7, 0x9, 0x7, 0x1f, 0x7, 0x1ff, 0x0, 0x0, 0x40, 0x1, 0x0, 0x1, 0x3ff, 0x0, 0x1f, 0x40, 0x1, 0xffff, 0xffff, 0x30, 0x7, 0x9, 0x8, 0x7181, 0xab4, 0x8, 0x836, 0x401, 0x1, 0x101, 0x80000000, 0x0, 0x800, 0x100, 0x0, 0x2, 0x6, 0x2f3, 0x8, 0x1, 0x100, 0x8, 0x4, 0xcd, 0x4, 0x5, 0x2, 0x47c, 0x5, 0x10000, 0xfffffffa, 0x2, 0x101, 0x4, 0x4, 0x7ff, 0x1000, 0x100, 0x1, 0xff, 0x5, 0x4, 0x101, 0x2, 0x3, 0xc406, 0x0, 0x5, 0x5, 0x3ff, 0x6, 0x0, 0xfff, 0x7, 0x3, 0x0, 0x3, 0x8, 0x6, 0xfff, 0x0, 0x0, 0x1000, 0x3, 0x1ca6005e, 0x5, 0x0, 0x2, 0x8001, 0x4, 0xa0, 0x7, 0x9, 0x1000, 0x295d, 0xffffffd2, 0x3ff, 0x9, 0x80000000, 0x5, 0x10001, 0x800, 0x10001, 0x7, 0x80, 0x2, 0x0, 0x7fffffff, 0xfffffffd, 0x7f, 0x8, 0x2, 0x3ff, 0x6, 0x8, 0x27975d2b, 0x80000000, 0x6, 0x6, 0x4, 0x3, 0x94e, 0x100, 0x5, 0x0, 0x6, 0x2, 0x5, 0x80000001, 0x6, 0x1, 0x6, 0x1, 0x1f, 0x1ff, 0x6, 0xfffff82c, 0xedf, 0x7fffffff]}, @TCA_HTB_RTAB={0x404, 0x4, [0x5, 0x80000001, 0x3, 0x110dced3, 0x4, 0x8000, 0x0, 0x0, 0x1000, 0x8, 0x3, 0x100, 0x8, 0x4, 0x9, 0x4, 0x7, 0x100, 0x1, 0x18c, 0x1, 0x0, 0x9, 0x6, 0x4, 0x8, 0x0, 0xb8, 0x0, 0xc25, 0x8, 0x2, 0x2, 0x105, 0x6, 0x4, 0x10001, 0x4, 0x80000001, 0x8, 0xffffffce, 0x3, 0x3, 0x2, 0x10000, 0x3ff, 0xf0f, 0x3, 0x2, 0x1, 0x3, 0xaf, 0x3, 0x700f, 0x8, 0x9, 0x3f, 0x8, 0x3405f2c3, 0x200, 0x75, 0xffffff7f, 0x81, 0x9, 0x5, 0x3, 0xfffffff9, 0x80000001, 0x7, 0x10000, 0x2, 0xff, 0x86d, 0x4, 0x8, 0xa16, 0x9, 0xed0d, 0x3, 0x8, 0x3a, 0x9, 0x4, 0x2, 0x705, 0x0, 0x6, 0x5, 0xffffff80, 0x7, 0xfca, 0xe8f3384, 0x0, 0x8001, 0x1f, 0xffffffc4, 0x4, 0x8, 0x6, 0x7, 0x2, 0x5, 0x1, 0x4, 0x7f, 0x3, 0x6, 0x4, 0x1, 0x40, 0x1000, 0x200, 0xc1d, 0xffffffff, 0x6, 0x758, 0x101, 0x5, 0x4, 0x3, 0x9213, 0x80000000, 0x4, 0x4, 0x7fff, 0x7, 0x9, 0x5, 0x401, 0x6, 0x4, 0x4, 0x5, 0x800, 0x100, 0x401, 0x7fffffff, 0x0, 0x5, 0x1, 0x0, 0x20, 0x6, 0x100, 0x6, 0x5, 0x2, 0x800, 0x1, 0x8, 0x40, 0x79, 0xffffffff, 0x2f53249f, 0x10000, 0xffffffff, 0x80000000, 0xffffff81, 0x3, 0x1, 0x8, 0xffff, 0x3d7, 0x1, 0x3, 0x2, 0x0, 0x4, 0x2, 0x81, 0x3335, 0x2, 0x81, 0xffffff00, 0x5, 0xffff, 0x4, 0x4, 0x2, 0x2c9c, 0x7f, 0x65, 0x1, 0x3, 0x2, 0x0, 0x7fff, 0x1ff, 0x7fffffff, 0x8, 0x80, 0x401, 0x3, 0x5c4, 0xff, 0x6, 0x0, 0x5, 0x4, 0x7, 0x6, 0x4, 0x81, 0x8, 0x10001, 0x2c6, 0x7, 0x10001, 0x8, 0x6, 0xffffd2b0, 0x9, 0x1, 0x7fffffff, 0x1, 0xffff7fff, 0xffffffff, 0xdae6, 0x7fffffff, 0x40, 0x0, 0x8, 0x5, 0x1, 0x7, 0x7, 0x3b, 0x786, 0x6, 0x6, 0x7f, 0x0, 0xfac2, 0x22c000, 0xf2a, 0x8, 0x2, 0x7, 0x2, 0x5, 0x207, 0x8001, 0x8, 0x0, 0x6, 0x10001, 0x4, 0x1, 0x80000001, 0x200, 0x5aaff28c, 0x2, 0x7f, 0x0, 0x57f, 0x3]}, @TCA_HTB_CEIL64={0xc, 0x7, 0x5}, @TCA_HTB_PARMS={0x30, 0x1, {{0x7, 0x0, 0x1, 0x4, 0x1, 0x10000}, {0x3f, 0x0, 0x101, 0x5, 0x9, 0x27b}, 0x1, 0x8, 0x80000001, 0x5b6c, 0x9}}, @TCA_HTB_RTAB={0x404, 0x4, [0x4, 0x0, 0xfffff148, 0x100, 0x7, 0x3, 0x280000, 0x7, 0x7, 0x3, 0x9, 0x8, 0x2, 0x7, 0x5, 0x7, 0x10001, 0x3, 0x10000, 0x1, 0x7, 0x1ff, 0x1, 0x1, 0x0, 0x0, 0x3, 0x80000001, 0x26, 0xfffffffa, 0x766, 0x5, 0x5, 0xf1dd, 0x101, 0xda5b, 0x8, 0x3f, 0x8, 0x3, 0x1000, 0x1, 0x7fffffff, 0x2, 0x2, 0x8, 0x200, 0xffffffff, 0x3c4fd0e4, 0x1, 0x10000, 0x73c5, 0xfffffffe, 0x2, 0xfffffc00, 0x7, 0x8001, 0x7f, 0xd0, 0x3, 0x0, 0xbd, 0x0, 0xff, 0x1, 0x81, 0x3, 0x1, 0x89, 0xfffffffb, 0xffff, 0x7967, 0x9, 0x5, 0x9, 0x1, 0x2, 0x1, 0x1, 0x1, 0x3ff, 0xfff, 0x8, 0x200, 0x2, 0x6, 0x9, 0x8, 0x7fffffff, 0x3, 0x3, 0x40, 0x55e, 0x1, 0x0, 0xfffffffd, 0x20, 0x80000000, 0x44b49834, 0xfffffff7, 0x6, 0x200, 0x8, 0x6, 0x180cbe00, 0x10001, 0x4, 0x10008000, 0xd600, 0x1000, 0xf5b, 0xfffeffff, 0x100, 0xfffffffd, 0x4c, 0x7fff, 0x0, 0xe2, 0x204, 0x0, 0xbc998bc, 0x43, 0x4c38e7fa, 0xb7eb, 0x700, 0x0, 0x58, 0x6, 0x10001, 0x0, 0xa21, 0x3, 0x4, 0x8, 0x0, 0x6, 0x6f235f61, 0x0, 0x7, 0xc684, 0x8ef5, 0x1000, 0x6, 0x2, 0x5, 0x8, 0x3, 0x401, 0x2efe, 0x9, 0x5, 0x5, 0x2, 0x4, 0xeeb3, 0xfffeffff, 0x6, 0x3f, 0x1f, 0xe5e, 0x7, 0x6, 0xfffff801, 0x5, 0x7ff, 0x9, 0x4, 0x1, 0x8001, 0x20, 0x819, 0x80000001, 0x5, 0x44a3, 0x67a, 0x1, 0x4, 0x0, 0x3, 0x1340, 0x80000000, 0x5, 0x0, 0x364, 0x8, 0x9, 0x1f, 0x8000, 0x8, 0xfdd, 0x5, 0xc3, 0x2, 0x6, 0xabe, 0xffff, 0x10001, 0x10000, 0x8, 0x80000001, 0xea, 0x8, 0x1ff, 0x6, 0xe3, 0x9, 0x42ea9b41, 0x1, 0x5, 0x2, 0x5, 0x4e665faa, 0x5, 0x2, 0xffffffff, 0x8, 0x7f, 0x4ca, 0x8, 0x1, 0x5, 0xb10, 0x1, 0xffff, 0x1, 0x8000, 0x4, 0x9, 0x400, 0x5, 0x3, 0x40, 0x3f44, 0x1e4f, 0x200, 0x7f80, 0x0, 0x3, 0x7f, 0x786, 0x7, 0x1, 0xfff, 0xd8, 0x29e, 0x0, 0x81, 0x80000001, 0xfffffff9, 0x2, 0x400, 0x9, 0x88c, 0x4, 0x0, 0x6]}, @TCA_HTB_OFFLOAD={0x4}]}}]}, 0xcb4}, 0x1, 0x0, 0x0, 0x20002000}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007200000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r6, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r7, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r8, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r9, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r9, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r10 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r10, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r10, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
r11 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r11, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r12 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r12, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r12, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
socket$inet6(0xa, 0x2, 0x0)

1.444158249s ago: executing program 4 (id=3134):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xfa, &(0x7f0000000000), &(0x7f0000000080)=0x4)

1.234748699s ago: executing program 2 (id=3136):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000780)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x24, r1, 0x277f826df11ec41b, 0x0, 0xfffffffc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x24}}, 0x0)

1.080314903s ago: executing program 2 (id=3138):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000240)={'wg2\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000ac0)=ANY=[@ANYRESOCT=r4, @ANYRES32, @ANYBLOB="00000000000000002800128008000100687372001c00028008000100", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00', @ANYRES32=r4, @ANYBLOB="0500030000000000c11eb7a0cb2a2a7d292c1d224e3ab0d2328b44aa6adffcbf7d23facd95f7aebbe0ad437824b86b2b57f0363ea615cf87e28441c4dfb82af6702cc2b4c1ad43d09804914d51bcc6529bfda9f6b7c2504b0077f18d2e20cc10"], 0x48}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000640)={'ip6tnl0\x00', &(0x7f00000006c0)={'ip6_vti0\x00', <r5=>0x0, 0x4, 0x0, 0x9, 0x0, 0x0, @private2, @local, 0x40, 0x80, 0x5, 0x1}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000740)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000780)=0x14)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000007c0)={'wg0\x00', <r7=>0x0})
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x9, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r9, @ANYBLOB="000000000000000010010c80130018800c00058808000000000000000800038030000280050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000088014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f984967500001"], 0x270}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000800)={'vcan0\x00', <r11=>0x0})
r12 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r13=>0x0})
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r13, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', <r15=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000880)={'wg1\x00', <r16=>0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000940)={'syztnl1\x00', &(0x7f00000008c0)={'syztnl1\x00', <r17=>0x0, 0x29, 0x3f, 0x2, 0xfffffffa, 0x42, @remote, @rand_addr=' \x01\x00', 0x10, 0x7, 0x0, 0x1ff}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000a00)={'ip6gre0\x00', &(0x7f0000000980)={'ip6tnl0\x00', 0x0, 0x2f, 0x1f, 0x81, 0x9, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback, 0x40, 0x1, 0x6, 0x5067}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000a40)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000a80)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000c40)={'syztnl1\x00', &(0x7f0000001180)={'gretap0\x00', <r19=>0x0, 0x40, 0x8, 0x2e4416a4, 0xfe, {{0x4d, 0x4, 0x0, 0x5, 0x134, 0x67, 0x0, 0x8, 0x4, 0x0, @rand_addr=0x64010102, @multicast2, {[@ra={0x94, 0x4}, @cipso={0x86, 0x78, 0x1, [{0x6, 0xb, "2f51491c1c558b3482"}, {0x7, 0x10, "37172576b0c63eeb1191929f87a9"}, {0x7, 0x10, "3f66cb1fd22d6d535775c3a5c066"}, {0x0, 0x8, "f6a06ac45807"}, {0x1, 0x10, "09b275d46f6c0db2c791207737d6"}, {0x1, 0x8, "193b8962a393"}, {0x2, 0x11, "0f821045a1968293f4643684f5247f"}, {0x1, 0x4, "04fa"}, {0x7, 0x9, "c81f9e49cc32d5"}, {0x6, 0x9, "a4e48dda36ad02"}]}, @timestamp={0x44, 0x10, 0x4a, 0x0, 0x4, [0x3f, 0xfffffffe, 0x8]}, @ssrr={0x89, 0xf, 0x36, [@remote, @loopback, @multicast2]}, @timestamp={0x44, 0x24, 0xd9, 0x0, 0x9, [0x3f, 0x80000001, 0x767, 0x7e000, 0x7, 0x401, 0x4, 0xd6]}, @ssrr={0x89, 0x1b, 0xa6, [@empty, @empty, @loopback, @multicast2, @dev={0xac, 0x14, 0x14, 0x37}, @empty]}, @timestamp_addr={0x44, 0x1c, 0x92, 0x1, 0x2, [{@remote, 0x10001}, {@initdev={0xac, 0x1e, 0x1, 0x0}}, {@multicast2, 0xffffffff}]}, @timestamp={0x44, 0x18, 0x86, 0x0, 0x9, [0x3, 0x2, 0x708, 0x1f, 0x2b]}, @generic={0x88, 0xd, "c49588a3abd5835aab710f"}, @ra={0x94, 0x4}]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000c80)={0x11, 0x0, <r20=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000cc0)=0x14)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000f80)={&(0x7f0000001300)=ANY=[@ANYBLOB="80020000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fcdbdf25090000005000018014000200776731000000000000000000000000001400020065727370616e3000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f766c616e00000000000008000100", @ANYRES32=r2, @ANYBLOB="1400018008000100", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="6c000180140002006e72300000000000000000000000000008000300000000000800030002000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766c616e30000000000000000000000008000300020000000800030076764059080003000100000008000300020000004400018008000100", @ANYRES32=0x0, @ANYBLOB="0800030001000000140002006970766c616e310000000000000000001400020076657468305f746f5f7465616d00000008000300010000001400018008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="7000018008000100", @ANYRES32=r11, @ANYBLOB="140002007369743000000000000000000000000008000100", @ANYRES32=r13, @ANYBLOB="08000100", @ANYRES32=r15, @ANYBLOB="08000100", @ANYRES32=r16, @ANYBLOB="1400020070696d3672656731000000000000000008000100", @ANYRES32=r17, @ANYBLOB="08000300030000001400025f310000000030000180080003000000000008000100"/44, @ANYRES8, @ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB="9000018014000200626f6e645f736c6176655f3100000000080003000100000008000100", @ANYRES32=r18, @ANYBLOB="1400020076657468305f746f5f626f6e640000001400020073797a6b616c6c65723000000000000008000300010000001400020062726964676530000000000000000000080003000200000014000200776c616e31000000000000000000000008000100ac95c37befe6f81c542fe53d41a190af015396cc4a24116cff683c98f7693f8a4c8157dda8ff476ad70aabeb280adcc02fbe425e9326749c7766fc312bece463789809617d9da5ae265fe85f62d6f08c32cd8814e0b884c565f92455a8ea6a047363fd8d1129048c09", @ANYRES32=r19, @ANYBLOB="14000180080003000600000008000100", @ANYRES32=r20, @ANYBLOB], 0x280}}, 0x840)
bind$inet(r0, &(0x7f0000000680)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040)=0x5, 0x4)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x0, 0x0, 0x0)

1.066021531s ago: executing program 0 (id=3139):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
unshare(0x20000400)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x0, 0xfffffffd}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x2c}, 0x20)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='pids.current\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ffffffffffff60000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000001000010009081000000000000d040000", 0x58}], 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000780)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @multicast1, {[@rr={0x7, 0x3, 0x26}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000300)={0x0, r2})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r5, @ANYBLOB="100c27bd5c00fedbdf25120000000a00060008021100000100000c004300ffff0000010000000600ab00ef80000006001000640200001000118004000200040003000400040044008100050001000800000005000100090000000500010068000000050002001800000005000100090000000500010004000000050001009000000005000200bb000000fb00ac000d8b808dd34490143e93b0ea71fde698a0be66a1b785ef8232b80ed7b8e2c4917d0c62b41eb5b12f0034d364dad65ccaa2532616bd8fce2b9dae7c0b115c0075ca72d9d5d96ad8ce4f25d6c32d29235a23a60d36aca041523aff7785605a79835acb86af584a6828ab942f4bc92ba87a725a679639f455e47eefcd05459804f82e87da5e877c3bcdc26be16c21c9605f159542e5e4cc972825fd4e6babd25796ce30814ec515d2c6963efe1c950d1389a0aa84f30ef2eca9ad231960706fd4657e12ceacc6d64a473329a1271f8fe6c6e81b41a7a7cc6864f553bc1fa51b5abded1f13726dddcf0b1076f661c04e6b1d35c796fdae378d00"], 0x18c}, 0x1, 0x0, 0x0, 0x80}, 0x4004082)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x14, 0x9, 0x1, 0x0, [{@multicast2}, {@dev}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5}, 0x48)
accept$ax25(r1, &(0x7f0000000380)={{0x3, @rose}, [@remote, @bcast, @remote, @rose, @rose, @bcast, @netrom, @bcast]}, &(0x7f0000000400)=0x48)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x34, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}]}, 0xffffff1b}}, 0x0)
r8 = socket(0x11, 0xa, 0x0)
bind$alg(r8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @mcast2={0xff, 0x5}, 0x0, 0x8}})

960.320591ms ago: executing program 3 (id=3140):
r0 = socket(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000002100)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000300)="d6", 0x33fe0}], 0x1}}], 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r2, 0x0)
recvmmsg(r0, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/56, 0x22fe0}], 0x1}}, {{0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)

768.127779ms ago: executing program 3 (id=3141):
socket$kcm(0x10, 0x2, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c)
socket$inet6(0xa, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0xa, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x17\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r1}]}, 0x24}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r0) (async)
syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
unshare(0x20000400)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$llc(r2, &(0x7f00000003c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x40, @broadcast}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) (async)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newtaction={0x18, 0x30, 0xcac229faa96ee7df, 0x3, 0xffffffff, {}, [{0x4}]}, 0x18}, 0x1, 0x500}, 0x0)
connect$unix(r4, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$unix(0x1, 0x1, 0x0)
close(r5)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x2, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x49}}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="7638300c000000000000e9000000", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)

764.538897ms ago: executing program 0 (id=3142):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000140), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000300000008000b00", @ANYRES32=0x0, @ANYBLOB="050002000a00000014000700fe880000800000000000000000000001060001004e"], 0x40}}, 0x0)

694.629762ms ago: executing program 2 (id=3143):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r2, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16, @ANYRES32=r3], 0x44}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$unix(r6, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r5, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000c00)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
close(r7)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000500)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd9030a46c190e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b20"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2e}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

604.86923ms ago: executing program 0 (id=3144):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000001c0)={0x2, 0x0, @loopback, 0x1000000}, 0x10)
socket$inet6_sctp(0xa, 0x0, 0x84)
socket$kcm(0x10, 0x0, 0x10)

589.024696ms ago: executing program 2 (id=3145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5, 0x2}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x50)

584.782738ms ago: executing program 3 (id=3146):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)=r2}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

484.778988ms ago: executing program 4 (id=3147):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000340)={0x0, 0xc00e, &(0x7f00000002c0)={&(0x7f00000009c0)={0x2c, 0xd, 0xa, 0xe01, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, 0x2c}}, 0x0)

479.078564ms ago: executing program 3 (id=3148):
r0 = socket(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @mcast2, 0x5}, {0xa, 0x4e20, 0x0, @mcast1}, 0x2000, {[0x691, 0x1f, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x3]}}, 0x5c)

467.297202ms ago: executing program 2 (id=3149):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000008c0)=ANY=[@ANYBLOB="a40006001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000007c00128009000100776c616e000000006c0002800600010000000000580003800c00010009000000ff0f00000c0001002f0000000f0000000c00f5ff03000000050000000c0001004fffffff109f00000c000100000400000104000c000100a509000000000000060001000300000008000500aa56f4e93d8ed81ea1cc43f44d9a7d4b6e59330e6c", @ANYRES32, @ANYBLOB], 0xa4}, 0x1, 0xba01}, 0x0)

320.165502ms ago: executing program 3 (id=3150):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@delchain={0x64, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xa}}, [@TCA_RATE={0x6}, @filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x24, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x20, 0x0, 0x0, 0x0, {{}, [@TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5}]}}]}]}]}}]}, 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb87"], 0x0}, 0x90)
r2 = socket(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x10)
syz_emit_ethernet(0x9a, &(0x7f00000003c0)={@link_local, @local, @void, {@ipv4={0x800, @dccp={{0xd, 0x4, 0x0, 0x1, 0x8c, 0x68, 0x0, 0x40, 0x21, 0x0, @loopback, @rand_addr=0x64010102, {[@generic={0x86, 0xc, "1699afae47909fab4465"}, @lsrr={0x83, 0x7, 0xb2, [@local]}, @ssrr={0x89, 0xb, 0xc3, [@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100]}]}}, {{0x4e20, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x4, 0x3, "f8ea19", 0x3, "8dbf5e"}, "a1e5fd799cf9a5b2cac16b4c8e65756ac792c96dc714de22ce906d06f77cff885811fbc5c29da9fedb8d59b4a648dff71414e1b3e8bb5429c01190b01811347e511464e3a790df68"}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000140))
r4 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r2)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r4, 0x200, 0x70bd29, 0x25dfdbff, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44840}, 0x40040b0)
sendto$inet(r3, 0x0, 0x0, 0x1, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x1c, 0x2, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x8000000}, 0x40044)

319.838081ms ago: executing program 4 (id=3151):
r0 = socket(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000002100)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000300)="d6", 0x33fe0}], 0x1}}], 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000020240), 0x10010)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r2, 0x0)
recvmmsg(r0, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/56, 0x22fe0}], 0x1}}, {{0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1}}], 0x2, 0x0, 0x0)

319.590948ms ago: executing program 0 (id=3152):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
unshare(0x20000400)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x0, 0xfffffffd}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x2c}, 0x20)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='pids.current\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0258ffffffffffff60000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd0000001000010009081000000000000d040000", 0x58}], 0x1)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000780)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @multicast1, {[@rr={0x7, 0x3, 0x26}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000300)={0x0, r2})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r5, @ANYBLOB="100c27bd5c00fedbdf25120000000a00060008021100000100000c004300ffff0000010000000600ab00ef80000006001000640200001000118004000200040003000400040044008100050001000800000005000100090000000500010068000000050002001800000005000100090000000500010004000000050001009000000005000200bb000000fb00ac000d8b808dd34490143e93b0ea71fde698a0be66a1b785ef8232b80ed7b8e2c4917d0c62b41eb5b12f0034d364dad65ccaa2532616bd8fce2b9dae7c0b115c0075ca72d9d5d96ad8ce4f25d6c32d29235a23a60d36aca041523aff7785605a79835acb86af584a6828ab942f4bc92ba87a725a679639f455e47eefcd05459804f82e87da5e877c3bcdc26be16c21c9605f159542e5e4cc972825fd4e6babd25796ce30814ec515d2c6963efe1c950d1389a0aa84f30ef2eca9ad231960706fd4657e12ceacc6d64a473329a1271f8fe6c6e81b41a7a7cc6864f553bc1fa51b5abded1f13726dddcf0b1076f661c04e6b1d35c796fdae378d00"], 0x18c}, 0x1, 0x0, 0x0, 0x80}, 0x4004082)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x14, 0x9, 0x1, 0x0, [{@multicast2}, {@dev}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5}, 0x48)
accept$ax25(r1, &(0x7f0000000380)={{0x3, @rose}, [@remote, @bcast, @remote, @rose, @rose, @bcast, @netrom, @bcast]}, &(0x7f0000000400)=0x48)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x34, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}]}, 0xffffff1b}}, 0x0)
r8 = socket(0x11, 0xa, 0x0)
bind$alg(r8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @mcast2={0xff, 0x5}, 0x0, 0x8}})

319.36322ms ago: executing program 2 (id=3153):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
socket$inet_dccp(0x2, 0x6, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000020301010000000000000000000010000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000020303005aced4c314a392ec0000ffff0800010001"], 0x1c}}, 0x0)
close(r2)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmmsg$inet(r3, &(0x7f0000000540)=[{{0x0, 0x7ffff000, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}], 0x5}}, {{0x0, 0x0, &(0x7f0000000440), 0x56}}], 0x2, 0x2004000)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2c00000011000100000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000000000000c001a8008000480047e4a77ea2f2ac0456e5ed37548aa00028025d63a1960a26dbb0ccc5a0ff45d9424ab3201eba4a6b0d96deed1c36d605cdb46d5f5c85a6b2ac17cdf1cee9868f36800c2df54925e51ae6fea3e78deb66fc59ae0974b4d1b0647b485db2ad3742686b29ae581b745689bce784ab9accff6592bbd0d6c6936d684b52c7b84b6561eec0228f1901e3940d3a9204899f2f9963a4667e3dcd25e0d6fbcce8f7d9be8951cc173fb7341559737a52f0fe3a42b2fd56858fae9751895c60e2069b2e07fdd4d52b2c6f3d3b2ea6c59d4f1294d4d7d6b97f16508ef17bd6b989e267ea92cda6193bfa21011e1"], 0x2c}}, 0x0)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
r8 = socket$inet6_dccp(0xa, 0x6, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x0, 0x3, 0x1, 0x0, 0x30}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x0, @local}], 0x10)
r9 = socket$inet(0x2, 0x80001, 0x84)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = getuid()
sendmsg$nl_generic(r10, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x160, 0x40, 0x200, 0x70bd2d, 0x25dfdbfd, {0x1e}, [@nested={0x133, 0x27, 0x0, 0x1, [@generic="adb53ca15e9b880d9fbe639b3faad680c4c9a4ac9b9b50f65dd03eea25eb1952fb5eae3bd33f00b9948920e0cc424946a089d99785942a85d27d0ac9", @generic="63278f7db23301d086837c8047b8ed7abb6cc7e450b7d02f839d70392194cdc23c9ea24ca2954a315b0f81dafafdb53151e0c75d7a899bcd4d0f99c9e446fb898de3e6ebee8bb8b51115c21e70688c07c2a534af8a067d84e807bc6268305968faaf983033032616ec87287e", @typed={0x8, 0xc0, 0x0, 0x0, @uid=r11}, @generic="4f07aaa679ff91c21866f7033065a68dac3d111bad5c9a18bc6e3c0b3d7dc4bf4d5925b7b65f14844d01d70d7e3978bf095e167aa7cb84f013dec698f884e0330434b7eb52ab25cfd5169335e6d2fcf3a687d5f2acea3607ff916021ac193ed3fe0923f78c6e9c22b38396247cb4ff", @typed={0x4, 0x73}, @typed={0x8, 0x13a, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x28}}, @generic="fa57ad13"]}, @nested={0x4, 0x67}, @typed={0x14, 0x7a, 0x0, 0x0, @ipv6=@local}]}, 0x160}, 0x1, 0x0, 0x0, 0x48004}, 0x10080)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@rand_addr=' \x01\x00', @in6=@mcast1, 0x4e24, 0x0, 0x4e20, 0x0, 0x2, 0x20, 0x0, 0x33, r6, r11}, {0x3, 0x0, 0x4, 0x5, 0x9, 0x8, 0xffffffff, 0x1}, {0x80, 0x9, 0x2, 0x8}, 0x0, 0x6e6bb2, 0x1, 0x0, 0x2, 0x3}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d3, 0x32}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x81, 0x7, 0x55}}, 0xe8)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

216.392169ms ago: executing program 4 (id=3154):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f0000000d00)) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8) (async)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
listen(r4, 0x0) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}]]}, 0x24}}, 0x0)

185.618037ms ago: executing program 0 (id=3155):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r2 = accept$alg(r1, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f0000001d00)={0x0, 0x0, 0x0}, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f0000000b80)={0x0, 0x136, "4c0facf9d19ba0f12d1cdef0592c37b927ea4aff1e20a35b78421070a0cdf1a77b1d93a2ce7f1f8d21c4f5db4dd0c52e99101708001770aaefd2f49303f41384d76ae42906cebb3093848c95e9a6bca0ccf590e23b4e90adb19a1bc1b6f289bcd67c962f9fed5cff345753d687c140c39cc52d7ace493a81367c26fe4e59319aa9b8772b39127873e772e696bdcfdfcaf2459d289046f5107a76c17564f396c52bc644dbfd1fca66f1100857ff047cf9249b71c2688127aef203d188ccbea6d37cf61d456ef96aac315b94dd1c79d61b6384f33f06d82b98540f705c7e98beb1461af04b51433837f865517c158000a962eff7575e026a8df814aeede9cf8bd0d2d7ece41e982c14fcd8940cceb738c66b3e71c7f30b55c16ff9f5017f665f82be40b772b78462f0fe0fcc946f61fb93817bcebda10f"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x402, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r3, &(0x7f0000000080)="ce", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, 0x0, &(0x7f0000007240))
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740), 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001040)={{}, 0x0, 0x0}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000240), 0x8)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, 0x0, 0x0)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r5, 0x1, 0x8000000}, 0x1c}}, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, 0x0, 0x40800)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

48.822137ms ago: executing program 4 (id=3156):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x40}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x40}}, 0x0) (async)
socket$inet6_sctp(0xa, 0x0, 0x84) (async)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000), &(0x7f00000000c0)=0x4) (async)

20.938631ms ago: executing program 3 (id=3157):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x80080400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xfa, &(0x7f0000000000), &(0x7f0000000080)=0x4)

0s ago: executing program 1 (id=3158):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x74, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x54, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x44, 0x2, 0x0, 0x1, [@IFLA_GRE_FLOWINFO={0x8, 0xc, 0x8cc}, @IFLA_GRE_IKEY={0x8, 0x4, 0x400}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x9}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x3}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x8}, @IFLA_GRE_ENCAP_TYPE={0x6}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x1000}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e20}]}}}]}, 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000080), 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f00000002c0)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x33, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6}]}, {0x4, 0x6, "7e10368d7bfbc355745f3e74e34fda51878a5458b03e3a1eb4dddf0a8470f9cdfdd294092d8776d7b8dfe3e14f47c0825bd1ead48d8a20846f12ceca4370e9c75472fdda51fcf0f2abbb4667d538fc97c30b878b5c251bf38f"}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)

kernel console output (not intermixed with test programs):

T9526] bridge1: entered allmulticast mode
[  147.377648][ T9526] bridge0: port 1(team0) entered blocking state
[  147.383994][ T9526] bridge0: port 1(team0) entered forwarding state
[  147.396046][ T9525] netlink: 'syz.2.1509': attribute type 21 has an invalid length.
[  147.403986][ T9525] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1509'.
[  147.656409][ T9546] FAULT_INJECTION: forcing a failure.
[  147.656409][ T9546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.684462][ T9546] CPU: 1 PID: 9546 Comm: syz.0.1518 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  147.694578][ T9546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.704653][ T9546] Call Trace:
[  147.707926][ T9546]  <TASK>
[  147.710853][ T9546]  dump_stack_lvl+0x241/0x360
[  147.715552][ T9546]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.720774][ T9546]  ? __pfx__printk+0x10/0x10
[  147.725382][ T9546]  ? snprintf+0xda/0x120
[  147.729617][ T9546]  should_fail_ex+0x3b0/0x4e0
[  147.734298][ T9546]  _copy_to_user+0x2f/0xb0
[  147.738729][ T9546]  simple_read_from_buffer+0xca/0x150
[  147.744307][ T9546]  proc_fail_nth_read+0x1e9/0x250
[  147.749420][ T9546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.754978][ T9546]  ? rw_verify_area+0x514/0x6b0
[  147.759843][ T9546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  147.765394][ T9546]  vfs_read+0x204/0xbd0
[  147.769539][ T9546]  ? __pfx_lock_release+0x10/0x10
[  147.774569][ T9546]  ? __pfx_vfs_read+0x10/0x10
[  147.779690][ T9546]  ? __fget_files+0x29/0x470
[  147.784281][ T9546]  ? __fget_files+0x3f6/0x470
[  147.788971][ T9546]  ksys_read+0x1a0/0x2c0
[  147.793236][ T9546]  ? __pfx_ksys_read+0x10/0x10
[  147.798019][ T9546]  ? do_syscall_64+0x100/0x230
[  147.802799][ T9546]  ? do_syscall_64+0xb6/0x230
[  147.807481][ T9546]  do_syscall_64+0xf3/0x230
[  147.811982][ T9546]  ? clear_bhb_loop+0x35/0x90
[  147.816653][ T9546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.822546][ T9546] RIP: 0033:0x7f69057746bc
[  147.826959][ T9546] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  147.846568][ T9546] RSP: 002b:00007f69065e0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  147.854986][ T9546] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f69057746bc
[  147.862949][ T9546] RDX: 000000000000000f RSI: 00007f69065e00b0 RDI: 0000000000000009
[  147.870911][ T9546] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  147.878874][ T9546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.886836][ T9546] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  147.894811][ T9546]  </TASK>
[  147.917195][ T9555] FAULT_INJECTION: forcing a failure.
[  147.917195][ T9555] name failslab, interval 1, probability 0, space 0, times 0
[  147.931356][ T9555] CPU: 0 PID: 9555 Comm: syz.2.1521 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  147.941461][ T9555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.951544][ T9555] Call Trace:
[  147.954852][ T9555]  <TASK>
[  147.957807][ T9555]  dump_stack_lvl+0x241/0x360
[  147.962524][ T9555]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.967749][ T9555]  ? __pfx__printk+0x10/0x10
[  147.972352][ T9555]  should_fail_ex+0x3b0/0x4e0
[  147.977029][ T9555]  ? __alloc_skb+0x1c3/0x440
[  147.981620][ T9555]  should_failslab+0x9/0x20
[  147.986140][ T9555]  kmem_cache_alloc_node_noprof+0x71/0x320
[  147.991971][ T9555]  __alloc_skb+0x1c3/0x440
[  147.996382][ T9555]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  148.002718][ T9555]  ? __pfx___alloc_skb+0x10/0x10
[  148.007682][ T9555]  ? __pfx_lockdep_hardirqs_on+0x10/0x10
[  148.013353][ T9555]  inet_netconf_notify_devconf+0x15a/0x220
[  148.019200][ T9555]  inetdev_event+0x839/0x15c0
[  148.023925][ T9555]  ? __pfx_inetdev_event+0x10/0x10
[  148.029164][ T9555]  ? cfg802154_netdev_notifier_call+0xde/0x8f0
[  148.035362][ T9555]  notifier_call_chain+0x19f/0x3e0
[  148.040508][ T9555]  unregister_netdevice_many_notify+0xd75/0x16b0
[  148.046857][ T9555]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  148.053641][ T9555]  ? __mutex_lock+0x9a5/0xd70
[  148.058321][ T9555]  ? __mutex_lock+0x527/0xd70
[  148.062998][ T9555]  unregister_netdevice_queue+0x303/0x370
[  148.068719][ T9555]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  148.074967][ T9555]  ? do_raw_spin_lock+0x14f/0x370
[  148.079993][ T9555]  ppp_release+0xf0/0x1f0
[  148.084321][ T9555]  ? __pfx_ppp_release+0x10/0x10
[  148.089266][ T9555]  __fput+0x406/0x8b0
[  148.093253][ T9555]  __x64_sys_close+0x7f/0x110
[  148.097923][ T9555]  do_syscall_64+0xf3/0x230
[  148.102514][ T9555]  ? clear_bhb_loop+0x35/0x90
[  148.107188][ T9555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.113089][ T9555] RIP: 0033:0x7fcacc175bd9
[  148.117505][ T9555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.137109][ T9555] RSP: 002b:00007fcaccfc4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  148.145605][ T9555] RAX: ffffffffffffffda RBX: 00007fcacc303f60 RCX: 00007fcacc175bd9
[  148.153576][ T9555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  148.161536][ T9555] RBP: 00007fcaccfc40a0 R08: 0000000000000000 R09: 0000000000000000
[  148.169519][ T9555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.177482][ T9555] R13: 000000000000000b R14: 00007fcacc303f60 R15: 00007fffdb6e8878
[  148.185462][ T9555]  </TASK>
[  148.540083][ T9574] syzkaller0: entered promiscuous mode
[  148.548655][ T9574] syzkaller0: entered allmulticast mode
[  149.004963][ T9600] netlink: 'syz.0.1538': attribute type 9 has an invalid length.
[  149.013146][ T9600] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1538'.
[  149.206478][   T63] net_ratelimit: 56 callbacks suppressed
[  149.206506][   T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.221062][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.285680][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.837054][ T6012] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  149.845799][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.330491][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.576451][ T9607] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.610064][ T9607] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.615798][ T9620] veth0_to_hsr: entered promiscuous mode
[  150.641506][ T9607] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.643532][ T9618] veth0_to_hsr: left promiscuous mode
[  150.684546][ T9607] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  150.821124][ T9631] batadv_slave_1: entered promiscuous mode
[  150.845955][ T9631] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1549'.
[  151.375445][ T9674] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1564'.
[  151.461401][ T9680] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1567'.
[  151.564777][ T9685] netem: incorrect ge model size
[  151.569976][ T9685] netem: change failed
[  151.592405][ T9687] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1569'.
[  151.636943][ T9624] batadv_slave_1: left promiscuous mode
[  151.797320][ T9701] netlink: 'syz.1.1575': attribute type 8 has an invalid length.
[  151.826013][ T9704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1576'.
[  151.901719][ T9706] FAULT_INJECTION: forcing a failure.
[  151.901719][ T9706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.926136][ T9706] CPU: 1 PID: 9706 Comm: syz.3.1577 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  151.936345][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  151.946430][ T9706] Call Trace:
[  151.949735][ T9706]  <TASK>
[  151.952680][ T9706]  dump_stack_lvl+0x241/0x360
[  151.957391][ T9706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.962630][ T9706]  ? __pfx__printk+0x10/0x10
[  151.967251][ T9706]  ? __pfx_lock_release+0x10/0x10
[  151.972303][ T9706]  should_fail_ex+0x3b0/0x4e0
[  151.977016][ T9706]  _copy_from_user+0x2f/0xe0
[  151.981636][ T9706]  copy_msghdr_from_user+0xae/0x680
[  151.986869][ T9706]  ? __pfx___might_resched+0x10/0x10
[  151.992186][ T9706]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  151.998030][ T9706]  ? __might_fault+0xaa/0x120
[  152.002747][ T9706]  do_recvmmsg+0x40f/0xae0
[  152.007202][ T9706]  ? __pfx_lock_release+0x10/0x10
[  152.012252][ T9706]  ? __pfx_do_recvmmsg+0x10/0x10
[  152.017236][ T9706]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  152.023155][ T9706]  ? ksys_write+0x23e/0x2c0
[  152.027677][ T9706]  ? __pfx_lock_release+0x10/0x10
[  152.032731][ T9706]  ? vfs_write+0x7c4/0xc90
[  152.037187][ T9706]  ? __mutex_unlock_slowpath+0x21d/0x750
[  152.042850][ T9706]  ? __fget_files+0x3f6/0x470
[  152.047554][ T9706]  __x64_sys_recvmmsg+0x199/0x250
[  152.052595][ T9706]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  152.058151][ T9706]  ? do_syscall_64+0x100/0x230
[  152.062938][ T9706]  ? do_syscall_64+0xb6/0x230
[  152.067627][ T9706]  do_syscall_64+0xf3/0x230
[  152.072146][ T9706]  ? clear_bhb_loop+0x35/0x90
[  152.076848][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.082747][ T9706] RIP: 0033:0x7f7065775bd9
[  152.087165][ T9706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.106792][ T9706] RSP: 002b:00007f70665e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  152.115229][ T9706] RAX: ffffffffffffffda RBX: 00007f7065903f60 RCX: 00007f7065775bd9
[  152.123214][ T9706] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000003
[  152.131181][ T9706] RBP: 00007f70665e30a0 R08: 0000000000000000 R09: 0000000000000000
[  152.139158][ T9706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  152.147152][ T9706] R13: 000000000000000b R14: 00007f7065903f60 R15: 00007ffd5c806a08
[  152.155166][ T9706]  </TASK>
[  152.462159][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1588'.
[  152.621839][ T9745] syzkaller1: entered promiscuous mode
[  152.633616][ T9745] syzkaller1: entered allmulticast mode
[  153.487132][ T9796] netlink: 'syz.3.1607': attribute type 3 has an invalid length.
[  153.508736][ T9796] netlink: 'syz.3.1607': attribute type 4 has an invalid length.
[  153.526194][ T9796] netlink: 'syz.3.1607': attribute type 7 has an invalid length.
[  153.540543][ T9796] netlink: 'syz.3.1607': attribute type 8 has an invalid length.
[  153.550837][ T9796] netlink: 'syz.3.1607': attribute type 7 has an invalid length.
[  153.566137][ T9796] netlink: 198200 bytes leftover after parsing attributes in process `syz.3.1607'.
[  153.725517][ T9815] FAULT_INJECTION: forcing a failure.
[  153.725517][ T9815] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  153.728190][ T9816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1612'.
[  153.744189][ T9815] CPU: 0 PID: 9815 Comm: syz.0.1611 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  153.758232][ T9815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  153.768301][ T9815] Call Trace:
[  153.771576][ T9815]  <TASK>
[  153.774504][ T9815]  dump_stack_lvl+0x241/0x360
[  153.779265][ T9815]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.784491][ T9815]  ? __pfx__printk+0x10/0x10
[  153.789112][ T9815]  should_fail_ex+0x3b0/0x4e0
[  153.793815][ T9815]  prepare_alloc_pages+0x1da/0x5d0
[  153.798934][ T9815]  __alloc_pages_noprof+0x166/0x6c0
[  153.804137][ T9815]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  153.809888][ T9815]  alloc_pages_mpol_noprof+0x3e8/0x680
[  153.815391][ T9815]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  153.821380][ T9815]  ? xas_load+0x59b/0x5c0
[  153.825839][ T9815]  ? mpol_shared_policy_lookup+0x148/0x1f0
[  153.831764][ T9815]  shmem_alloc_and_add_folio+0x24d/0xdb0
[  153.837410][ T9815]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  153.843601][ T9815]  shmem_get_folio_gfp+0x82d/0x1f50
[  153.848812][ T9815]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  153.854444][ T9815]  shmem_fallocate+0x9b2/0x11f0
[  153.859392][ T9815]  ? __pfx_shmem_fallocate+0x10/0x10
[  153.864686][ T9815]  ? rcu_read_lock_any_held+0xb7/0x160
[  153.870160][ T9815]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  153.876057][ T9815]  vfs_fallocate+0x564/0x6c0
[  153.880659][ T9815]  do_vfs_ioctl+0x2592/0x2e50
[  153.885349][ T9815]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  153.890377][ T9815]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  153.896698][ T9815]  ? tomoyo_path_number_perm+0x208/0x880
[  153.902327][ T9815]  ? __pfx_lock_release+0x10/0x10
[  153.907367][ T9815]  ? kfree+0x149/0x360
[  153.911471][ T9815]  ? tomoyo_path_number_perm+0x71a/0x880
[  153.917110][ T9815]  ? tomoyo_path_number_perm+0x208/0x880
[  153.922736][ T9815]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.928820][ T9815]  ? __fget_files+0x29/0x470
[  153.933404][ T9815]  ? __fget_files+0x3f6/0x470
[  153.938078][ T9815]  ? __fget_files+0x29/0x470
[  153.942663][ T9815]  ? bpf_lsm_file_ioctl+0x9/0x10
[  153.947593][ T9815]  ? security_file_ioctl+0x87/0xb0
[  153.952702][ T9815]  __se_sys_ioctl+0x81/0x170
[  153.957291][ T9815]  do_syscall_64+0xf3/0x230
[  153.961794][ T9815]  ? clear_bhb_loop+0x35/0x90
[  153.966462][ T9815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.972356][ T9815] RIP: 0033:0x7f6905775bd9
[  153.976898][ T9815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.996513][ T9815] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.005024][ T9815] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  154.012988][ T9815] RDX: 0000000020000000 RSI: 0000000040305828 RDI: 0000000000000005
[  154.020956][ T9815] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  154.028938][ T9815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.036924][ T9815] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  154.044929][ T9815]  </TASK>
[  154.256033][ T9830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1617'.
[  154.279723][ T9830] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1617'.
[  154.474768][ T5140] net_ratelimit: 37 callbacks suppressed
[  154.474786][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.853840][ T9866] netlink: 'syz.1.1631': attribute type 3 has an invalid length.
[  154.956050][ T6012] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.964498][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.337600][ T9895] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.392848][ T9903] netlink: 'syz.1.1641': attribute type 1 has an invalid length.
[  155.422842][ T9903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.448788][ T9901] syzkaller1: entered promiscuous mode
[  155.456744][ T9903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.465932][ T9901] syzkaller1: entered allmulticast mode
[  155.478485][ T9903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.520124][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.553671][ T9903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.569174][ T9903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.701872][ T9916] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  155.711800][ T9916] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  155.720985][ T9916] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  155.734576][ T9916] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  155.754868][ T9916] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0
[  155.768199][ T9916] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0
[  155.778202][ T9916] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0
[  155.801748][ T9916] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0
[  155.825308][ T9916] geneve2: entered promiscuous mode
[  155.841210][ T9916] geneve2: entered allmulticast mode
[  156.440477][ T9961] vlan0: entered promiscuous mode
[  156.473764][ T9968] FAULT_INJECTION: forcing a failure.
[  156.473764][ T9968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.496971][ T9968] CPU: 0 PID: 9968 Comm: syz.1.1671 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  156.507336][ T9968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  156.517420][ T9968] Call Trace:
[  156.520723][ T9968]  <TASK>
[  156.523670][ T9968]  dump_stack_lvl+0x241/0x360
[  156.528388][ T9968]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.533620][ T9968]  ? __pfx__printk+0x10/0x10
[  156.538257][ T9968]  ? __pfx_lock_release+0x10/0x10
[  156.543315][ T9968]  should_fail_ex+0x3b0/0x4e0
[  156.548033][ T9968]  _copy_from_user+0x2f/0xe0
[  156.552651][ T9968]  copy_msghdr_from_user+0xae/0x680
[  156.557882][ T9968]  ? __pfx___might_resched+0x10/0x10
[  156.563172][ T9968]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  156.568985][ T9968]  ? __might_fault+0xaa/0x120
[  156.573683][ T9968]  __sys_sendmmsg+0x374/0x740
[  156.578377][ T9968]  ? __pfx___sys_sendmmsg+0x10/0x10
[  156.583602][ T9968]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  156.589487][ T9968]  ? ksys_write+0x23e/0x2c0
[  156.594104][ T9968]  ? __pfx_lock_release+0x10/0x10
[  156.599140][ T9968]  ? vfs_write+0x7c4/0xc90
[  156.603568][ T9968]  ? __mutex_unlock_slowpath+0x21d/0x750
[  156.609207][ T9968]  ? __pfx_vfs_write+0x10/0x10
[  156.613989][ T9968]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  156.619962][ T9968]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  156.626281][ T9968]  ? do_syscall_64+0x100/0x230
[  156.631040][ T9968]  __x64_sys_sendmmsg+0xa0/0xb0
[  156.635888][ T9968]  do_syscall_64+0xf3/0x230
[  156.640388][ T9968]  ? clear_bhb_loop+0x35/0x90
[  156.645066][ T9968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.650961][ T9968] RIP: 0033:0x7fe990f75bd9
[  156.655376][ T9968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.674990][ T9968] RSP: 002b:00007fe991c60048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  156.683430][ T9968] RAX: ffffffffffffffda RBX: 00007fe991103f60 RCX: 00007fe990f75bd9
[  156.691396][ T9968] RDX: 00000000040000b2 RSI: 00000000200057c0 RDI: 0000000000000004
[  156.699358][ T9968] RBP: 00007fe991c600a0 R08: 0000000000000000 R09: 0000000000000000
[  156.707319][ T9968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  156.715285][ T9968] R13: 000000000000000b R14: 00007fe991103f60 R15: 00007ffff0a4c318
[  156.723263][ T9968]  </TASK>
[  157.032208][ T9993] netlink: 'syz.1.1681': attribute type 11 has an invalid length.
[  157.271591][T10006] __nla_validate_parse: 5 callbacks suppressed
[  157.271611][T10006] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1686'.
[  157.465699][T10013] tc_dump_action: action bad kind
[  157.487863][T10013] netlink: 'syz.1.1690': attribute type 15 has an invalid length.
[  157.521077][T10017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1692'.
[  157.847538][T10032] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1699'.
[  157.916118][T10036] FAULT_INJECTION: forcing a failure.
[  157.916118][T10036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.931300][T10036] CPU: 1 PID: 10036 Comm: syz.0.1701 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  157.941504][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  157.951582][T10036] Call Trace:
[  157.955318][T10036]  <TASK>
[  157.958260][T10036]  dump_stack_lvl+0x241/0x360
[  157.962966][T10036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.968193][T10036]  ? __pfx__printk+0x10/0x10
[  157.972806][T10036]  ? __pfx_lock_release+0x10/0x10
[  157.977841][T10036]  should_fail_ex+0x3b0/0x4e0
[  157.982523][T10036]  _copy_from_user+0x2f/0xe0
[  157.987109][T10036]  copy_msghdr_from_user+0xae/0x680
[  157.992319][T10036]  ? _parse_integer_limit+0x1b5/0x200
[  157.997689][T10036]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  158.003507][T10036]  __sys_sendmmsg+0x374/0x740
[  158.008190][T10036]  ? __pfx___sys_sendmmsg+0x10/0x10
[  158.013410][T10036]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  158.019298][T10036]  ? ksys_write+0x23e/0x2c0
[  158.023794][T10036]  ? __pfx_lock_release+0x10/0x10
[  158.028817][T10036]  ? vfs_write+0x7c4/0xc90
[  158.033231][T10036]  ? __mutex_unlock_slowpath+0x21d/0x750
[  158.038861][T10036]  ? __pfx_vfs_write+0x10/0x10
[  158.043633][T10036]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  158.049609][T10036]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  158.055934][T10036]  ? do_syscall_64+0x100/0x230
[  158.060698][T10036]  __x64_sys_sendmmsg+0xa0/0xb0
[  158.065555][T10036]  do_syscall_64+0xf3/0x230
[  158.070059][T10036]  ? clear_bhb_loop+0x35/0x90
[  158.074739][T10036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.080629][T10036] RIP: 0033:0x7f6905775bd9
[  158.085033][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.105068][T10036] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  158.113479][T10036] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  158.121443][T10036] RDX: 0000000000000001 RSI: 0000000020001840 RDI: 0000000000000003
[  158.129408][T10036] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  158.137381][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.145431][T10036] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  158.153409][T10036]  </TASK>
[  158.165917][T10038] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1702'.
[  158.221783][T10040] tipc: Started in network mode
[  158.228000][T10040] tipc: Node identity ac1414aa, cluster identity 4711
[  158.238678][T10040] tipc: Enabled bearer <udp:syz2>, priority 0
[  159.232124][T10086] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  159.294836][T10090] x_tables: ip_tables: icmp match: only valid for protocol 1
[  159.355111][ T5146] tipc: Node number set to 2886997162
[  159.418543][T10090] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1724'.
[  159.428758][T10090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1724'.
[  159.494482][    C0] net_ratelimit: 29 callbacks suppressed
[  159.494498][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.683355][T10109] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.691564][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.699712][T10109] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.715029][T10109] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.735361][T10109] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.748396][T10109] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.760379][T10108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.768976][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.917105][T10119] netlink: 'syz.4.1733': attribute type 10 has an invalid length.
[  159.972939][T10125] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.976986][T10119] mac80211_hwsim hwsim18 wlan1: entered promiscuous mode
[  159.999605][T10119] mac80211_hwsim hwsim18 wlan1: entered allmulticast mode
[  160.026093][T10119] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  160.145609][T10133] x_tables: ip_tables: icmp match: only valid for protocol 1
[  160.356784][T10133] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1738'.
[  160.385266][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1738'.
[  160.593244][T10172] netlink: 'syz.0.1748': attribute type 7 has an invalid length.
[  160.624932][T10172] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1748'.
[  160.659935][T10176] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1751'.
[  161.906453][T10249] tipc: Started in network mode
[  161.935580][T10249] tipc: Node identity , cluster identity 4711
[  161.972335][T10249] tipc: Failed to set node id, please configure manually
[  161.997256][T10249] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  162.086396][T10258] netlink: 'syz.3.1781': attribute type 21 has an invalid length.
[  162.936979][T10278] netlink: 'syz.4.1789': attribute type 1 has an invalid length.
[  162.949243][T10278] __nla_validate_parse: 5 callbacks suppressed
[  162.949256][T10278] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1789'.
[  162.966334][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1789'.
[  163.264911][T10295] netlink: 'syz.4.1796': attribute type 1 has an invalid length.
[  163.348383][T10300] bond2 (unregistering): Released all slaves
[  163.641526][T10314] netlink: 'syz.4.1799': attribute type 10 has an invalid length.
[  163.666888][T10314] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1799'.
[  163.727818][T10314] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  163.737143][T10314] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  163.745991][T10314] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  163.755036][T10314] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  163.774732][T10322] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1799'.
[  164.724157][T10349] net_ratelimit: 20 callbacks suppressed
[  164.724178][T10349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.738996][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.757133][T10349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.780661][T10349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.794802][T10349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.805038][T10349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.813643][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.876456][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.897370][T10356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.053298][T10368] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.520988][T10404] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1833'.
[  165.670568][T10409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1836'.
[  165.696839][T10409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1836'.
[  166.224596][T10453] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1855'.
[  166.230422][T10449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1852'.
[  166.291369][T10449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1852'.
[  166.291397][T10455] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  166.362079][T10458] netlink: 'syz.4.1856': attribute type 11 has an invalid length.
[  166.423484][T10460] netlink: 'syz.3.1858': attribute type 10 has an invalid length.
[  166.456860][T10460] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  166.840780][T10497] ieee802154 phy1 wpan1: encryption failed: -22
[  166.848982][T10498] xt_limit: Overflow, try lower: 16384/524288
[  166.923090][T10503] xt_HMARK: proto mask must be zero with L3 mode
[  166.977589][T10501] bond1: entered promiscuous mode
[  166.996263][T10507] netlink: 'syz.2.1875': attribute type 1 has an invalid length.
[  167.033942][T10507] sctp: [Deprecated]: syz.2.1875 (pid 10507) Use of int in max_burst socket option deprecated.
[  167.033942][T10507] Use struct sctp_assoc_value instead
[  167.101189][T10513] sctp: [Deprecated]: syz.1.1877 (pid 10513) Use of struct sctp_assoc_value in delayed_ack socket option.
[  167.101189][T10513] Use struct sctp_sack_info instead
[  167.408234][T10529] FAULT_INJECTION: forcing a failure.
[  167.408234][T10529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.429092][T10529] CPU: 1 PID: 10529 Comm: syz.0.1885 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  167.439308][T10529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  167.449390][T10529] Call Trace:
[  167.452689][T10529]  <TASK>
[  167.455640][T10529]  dump_stack_lvl+0x241/0x360
[  167.460344][T10529]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.465569][T10529]  ? __pfx__printk+0x10/0x10
[  167.470185][T10529]  ? bpf_cgroup_storage_free+0x8f/0xb0
[  167.475671][T10529]  ? __pfx_lock_release+0x10/0x10
[  167.480717][T10529]  ? bpf_test_run+0x840/0x910
[  167.485425][T10529]  should_fail_ex+0x3b0/0x4e0
[  167.490133][T10529]  _copy_to_user+0x2f/0xb0
[  167.494573][T10529]  bpf_test_finish+0x22c/0x8b0
[  167.499378][T10529]  ? __pfx_bpf_test_finish+0x10/0x10
[  167.504687][T10529]  ? __might_fault+0xc6/0x120
[  167.509396][T10529]  bpf_prog_test_run_xdp+0x905/0x11b0
[  167.514811][T10529]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  167.520644][T10529]  ? __fget_files+0x29/0x470
[  167.525268][T10529]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  167.531097][T10529]  bpf_prog_test_run+0x33a/0x3b0
[  167.536065][T10529]  __sys_bpf+0x48d/0x810
[  167.540342][T10529]  ? __pfx___sys_bpf+0x10/0x10
[  167.545145][T10529]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  167.551138][T10529]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  167.557471][T10529]  ? do_syscall_64+0x100/0x230
[  167.562310][T10529]  __x64_sys_bpf+0x7c/0x90
[  167.566734][T10529]  do_syscall_64+0xf3/0x230
[  167.571280][T10529]  ? clear_bhb_loop+0x35/0x90
[  167.575958][T10529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.581863][T10529] RIP: 0033:0x7f6905775bd9
[  167.586292][T10529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.605916][T10529] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  167.614355][T10529] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  167.622335][T10529] RDX: 0000000000000048 RSI: 0000000020000000 RDI: 000000000000000a
[  167.630333][T10529] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  167.638408][T10529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  167.646394][T10529] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  167.654403][T10529]  </TASK>
[  167.740458][T10542] xt_limit: Overflow, try lower: 16384/524288
[  167.764119][T10546] netlink: 'syz.0.1891': attribute type 11 has an invalid length.
[  167.830648][T10551] xt_HMARK: proto mask must be zero with L3 mode
[  167.991202][T10562] __nla_validate_parse: 10 callbacks suppressed
[  167.991222][T10562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1894'.
[  168.147311][T10566] macvlan4: entered allmulticast mode
[  168.153237][T10566] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  168.171929][T10566] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  168.185447][T10566] team0: Port device macvlan4 added
[  168.307180][T10582] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1898'.
[  168.393333][T10585] netlink: 'syz.1.1903': attribute type 4 has an invalid length.
[  168.427981][T10588] netlink: 'syz.4.1904': attribute type 11 has an invalid length.
[  168.447727][T10588] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1904'.
[  168.483254][T10594] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1906'.
[  168.552383][T10601] netlink: 'syz.1.1909': attribute type 10 has an invalid length.
[  168.581424][T10603] netlink: 'syz.1.1909': attribute type 10 has an invalid length.
[  168.714140][T10612] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1912'.
[  168.724722][T10611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1912'.
[  168.889879][T10620] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1914'.
[  169.208746][T10636] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1917'.
[  169.724893][T10669] netlink: 'syz.1.1928': attribute type 11 has an invalid length.
[  169.732798][T10669] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1928'.
[  170.704774][T10717] netlink: 'syz.4.1943': attribute type 11 has an invalid length.
[  170.713325][T10717] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1943'.
[  170.714363][    C0] net_ratelimit: 20 callbacks suppressed
[  170.714378][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.341167][T10738] tipc: Started in network mode
[  171.352670][T10738] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[  171.384373][T10738] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  171.403512][T10734] sctp: [Deprecated]: syz.0.1948 (pid 10734) Use of struct sctp_assoc_value in delayed_ack socket option.
[  171.403512][T10734] Use struct sctp_sack_info instead
[  171.694106][T10759] xt_time: invalid argument - start or stop time greater than 23:59:59
[  171.754512][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.902495][T10774] syz_tun: entered allmulticast mode
[  171.931646][T10766] syz_tun: left allmulticast mode
[  171.940975][T10776] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  172.371830][T10810] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  172.381733][T10810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.794342][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.103489][T10852] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  173.312497][T10867] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  173.322380][T10867] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.434758][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.460505][T10877] netlink: 'syz.2.2002': attribute type 1 has an invalid length.
[  173.482783][T10877] __nla_validate_parse: 8 callbacks suppressed
[  173.482801][T10877] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2002'.
[  173.723231][T10897] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2005'.
[  173.796370][T10897] ��: entered promiscuous mode
[  173.890687][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.121578][T10917] netlink: 'syz.1.2017': attribute type 10 has an invalid length.
[  174.153187][T10917] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  174.293522][T10927] netlink: 'syz.1.2017': attribute type 10 has an invalid length.
[  174.607900][T10927] dummy0: entered promiscuous mode
[  174.620000][T10927] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  174.632846][T10927] team0: Failed to send options change via netlink (err -105)
[  174.640534][T10927] team0: Port device dummy0 added
[  175.146811][T10962] syz_tun: entered allmulticast mode
[  175.153857][T10961] syz_tun: left allmulticast mode
[  175.414867][T10977] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2037'.
[  175.424063][T10977] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2037'.
[  175.515579][T10982] netlink: 'syz.3.2037': attribute type 2 has an invalid length.
[  175.567721][T10977] SET target dimension over the limit!
[  175.695060][T10992] netlink: 'syz.2.2042': attribute type 3 has an invalid length.
[  175.783510][T10992] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2042'.
[  175.905478][T11007] netlink: 'syz.2.2047': attribute type 1 has an invalid length.
[  175.914552][    C0] net_ratelimit: 5 callbacks suppressed
[  175.914571][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.934745][T11007] netlink: 'syz.2.2047': attribute type 4 has an invalid length.
[  175.942518][T11007] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.2047'.
[  176.038936][T11020] netlink: 'syz.0.2051': attribute type 21 has an invalid length.
[  176.060425][T11020] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2051'.
[  176.457413][T11048] netlink: 'syz.1.2062': attribute type 21 has an invalid length.
[  176.954452][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.376933][T11092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2080'.
[  177.391608][T11092] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2080'.
[  177.423578][T11092] netlink: 'syz.2.2080': attribute type 29 has an invalid length.
[  177.439322][T11092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2080'.
[  177.511062][T11100] FAULT_INJECTION: forcing a failure.
[  177.511062][T11100] name failslab, interval 1, probability 0, space 0, times 0
[  177.524736][T11100] CPU: 0 PID: 11100 Comm: syz.0.2083 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  177.534921][T11100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  177.544974][T11100] Call Trace:
[  177.548245][T11100]  <TASK>
[  177.551171][T11100]  dump_stack_lvl+0x241/0x360
[  177.555852][T11100]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.561051][T11100]  ? __pfx__printk+0x10/0x10
[  177.565639][T11100]  ? __pfx___might_resched+0x10/0x10
[  177.570923][T11100]  should_fail_ex+0x3b0/0x4e0
[  177.575600][T11100]  ? __kernfs_new_node+0xd8/0x870
[  177.580613][T11100]  should_failslab+0x9/0x20
[  177.585111][T11100]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  177.590486][T11100]  __kernfs_new_node+0xd8/0x870
[  177.595422][T11100]  ? __pfx_lock_acquire+0x10/0x10
[  177.600440][T11100]  ? up_write+0x1a9/0x590
[  177.604761][T11100]  ? __pfx___kernfs_new_node+0x10/0x10
[  177.610216][T11100]  ? __pfx_up_write+0x10/0x10
[  177.614898][T11100]  kernfs_new_node+0x137/0x240
[  177.619658][T11100]  __kernfs_create_file+0x49/0x2e0
[  177.624767][T11100]  sysfs_add_file_mode_ns+0x24a/0x310
[  177.630179][T11100]  internal_create_group+0x7a7/0x11d0
[  177.635564][T11100]  ? __pfx_internal_create_group+0x10/0x10
[  177.641382][T11100]  sysfs_create_groups+0x56/0x120
[  177.646432][T11100]  device_add_attrs+0xe5/0x600
[  177.651248][T11100]  ? __pfx_device_add_attrs+0x10/0x10
[  177.656723][T11100]  device_add+0x576/0xbf0
[  177.661052][T11100]  ? device_initialize+0x266/0x460
[  177.666162][T11100]  netdev_register_kobject+0x17e/0x320
[  177.671628][T11100]  register_netdevice+0x11d5/0x19e0
[  177.676832][T11100]  ? __pfx_register_netdevice+0x10/0x10
[  177.682372][T11100]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  177.687755][T11100]  ? hsr_add_port+0x4a1/0x790
[  177.692436][T11100]  hsr_dev_finalize+0x561/0x950
[  177.697292][T11100]  hsr_newlink+0x7ee/0x970
[  177.701707][T11100]  ? __pfx_hsr_newlink+0x10/0x10
[  177.706639][T11100]  ? rtnl_create_link+0x91c/0xc20
[  177.711664][T11100]  ? __pfx_hsr_newlink+0x10/0x10
[  177.716599][T11100]  rtnl_newlink+0x158f/0x20a0
[  177.721273][T11100]  ? __kernel_text_address+0xd/0x40
[  177.726492][T11100]  ? __pfx_rtnl_newlink+0x10/0x10
[  177.731516][T11100]  ? __pfx___mutex_trylock_common+0x10/0x10
[  177.737427][T11100]  ? rcu_is_watching+0x15/0xb0
[  177.742191][T11100]  ? trace_contention_end+0x3c/0x120
[  177.747473][T11100]  ? __mutex_lock+0x2ef/0xd70
[  177.752152][T11100]  ? __pfx_lock_release+0x10/0x10
[  177.757202][T11100]  ? __pfx_rtnl_newlink+0x10/0x10
[  177.762223][T11100]  rtnetlink_rcv_msg+0x89b/0x1180
[  177.767251][T11100]  ? rtnetlink_rcv_msg+0x208/0x1180
[  177.772471][T11100]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  177.777934][T11100]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  177.783928][T11100]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  177.790255][T11100]  ? __local_bh_enable_ip+0x168/0x200
[  177.795663][T11100]  ? lockdep_hardirqs_on+0x99/0x150
[  177.800861][T11100]  ? __local_bh_enable_ip+0x168/0x200
[  177.806223][T11100]  ? dev_hard_start_xmit+0x773/0x7e0
[  177.811503][T11100]  ? __dev_queue_xmit+0x2d2/0x3d30
[  177.816610][T11100]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  177.822330][T11100]  ? __dev_queue_xmit+0x2d2/0x3d30
[  177.827436][T11100]  ? __dev_queue_xmit+0x16c9/0x3d30
[  177.832639][T11100]  ? __dev_queue_xmit+0x2d2/0x3d30
[  177.837757][T11100]  ? ref_tracker_free+0x643/0x7e0
[  177.842786][T11100]  netlink_rcv_skb+0x1e3/0x430
[  177.847552][T11100]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  177.853013][T11100]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  177.858314][T11100]  ? netlink_deliver_tap+0x2e/0x1b0
[  177.863509][T11100]  netlink_unicast+0x7ea/0x980
[  177.868276][T11100]  ? __pfx_netlink_unicast+0x10/0x10
[  177.873562][T11100]  ? __virt_addr_valid+0x183/0x520
[  177.878759][T11100]  ? __check_object_size+0x49c/0x900
[  177.884045][T11100]  ? bpf_lsm_netlink_send+0x9/0x10
[  177.889167][T11100]  netlink_sendmsg+0x8db/0xcb0
[  177.893939][T11100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.899225][T11100]  ? __import_iovec+0x536/0x820
[  177.904072][T11100]  ? aa_sock_msg_perm+0x91/0x160
[  177.909010][T11100]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  177.914286][T11100]  ? security_socket_sendmsg+0x87/0xb0
[  177.919747][T11100]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.925033][T11100]  __sock_sendmsg+0x221/0x270
[  177.929740][T11100]  ____sys_sendmsg+0x525/0x7d0
[  177.934510][T11100]  ? __pfx_____sys_sendmsg+0x10/0x10
[  177.939813][T11100]  __sys_sendmsg+0x2b0/0x3a0
[  177.944403][T11100]  ? __pfx___sys_sendmsg+0x10/0x10
[  177.949596][T11100]  ? vfs_write+0x7c4/0xc90
[  177.954035][T11100]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  177.960359][T11100]  ? do_syscall_64+0x100/0x230
[  177.965122][T11100]  ? do_syscall_64+0xb6/0x230
[  177.969802][T11100]  do_syscall_64+0xf3/0x230
[  177.974304][T11100]  ? clear_bhb_loop+0x35/0x90
[  177.978973][T11100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.984866][T11100] RIP: 0033:0x7f6905775bd9
[  177.989277][T11100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.008875][T11100] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.017286][T11100] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  178.025255][T11100] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  178.033216][T11100] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  178.041179][T11100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  178.049142][T11100] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  178.057133][T11100]  </TASK>
[  178.062422][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.114367][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.158833][T11160] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  179.216891][T11160] validate_nla: 1 callbacks suppressed
[  179.216911][T11160] netlink: 'syz.2.2107': attribute type 1 has an invalid length.
[  179.241871][T11160] __nla_validate_parse: 3 callbacks suppressed
[  179.241890][T11160] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.2107'.
[  179.270094][T11160] netlink: 'syz.2.2107': attribute type 1 has an invalid length.
[  179.288078][T11162] x_tables: ip_tables: icmp match: only valid for protocol 1
[  179.322985][T11160] netlink: 'syz.2.2107': attribute type 2 has an invalid length.
[  179.386584][T11162] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2108'.
[  179.414593][T11162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2108'.
[  179.755464][T11185] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  179.857512][T11194] netlink: 'syz.1.2121': attribute type 21 has an invalid length.
[  179.893998][T11197] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2122'.
[  180.108863][T11209] x_tables: ip_tables: icmp match: only valid for protocol 1
[  180.145152][T11209] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2126'.
[  180.154453][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.173987][T11209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2126'.
[  180.189741][T11214] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2130'.
[  180.255826][T11217] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.339769][T11220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.800803][T11246] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2141'.
[  180.867512][T11250] x_tables: ip_tables: icmp match: only valid for protocol 1
[  180.890060][T11250] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2143'.
[  180.908431][T11250] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2143'.
[  181.194702][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.362767][ T4495] Bluetooth: hci1: command 0x0406 tx timeout
[  181.362799][ T5094] Bluetooth: hci3: command 0x1407 tx timeout
[  181.376536][ T5104] Bluetooth: hci2: command 0x0406 tx timeout
[  181.495609][T11284] x_tables: ip_tables: icmp match: only valid for protocol 1
[  182.234506][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.516936][T11365] netlink: 'syz.4.2178': attribute type 9 has an invalid length.
[  182.808617][T11381] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  183.241690][T11411] netlink: 'syz.4.2193': attribute type 9 has an invalid length.
[  183.274408][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.314699][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.445909][T11433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  184.887766][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  185.181843][T11477] netlink: 'syz.2.2216': attribute type 1 has an invalid length.
[  185.326919][T11486] netlink: 'syz.3.2221': attribute type 11 has an invalid length.
[  185.337799][T11486] __nla_validate_parse: 6 callbacks suppressed
[  185.337816][T11486] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2221'.
[  185.354343][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.363006][T11492] x_tables: ip_tables: icmp match: only valid for protocol 1
[  185.472085][T11492] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2224'.
[  185.490300][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2224'.
[  185.576006][T11501] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2225'.
[  185.831977][T11514] netlink: 'syz.1.2231': attribute type 21 has an invalid length.
[  185.845752][T11516] netlink: 'syz.0.2232': attribute type 1 has an invalid length.
[  185.933212][T11522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2234'.
[  186.020936][T11526] team0: left allmulticast mode
[  186.031552][T11526] bond0: left allmulticast mode
[  186.043051][T11526] batadv0: left allmulticast mode
[  186.049780][T11526] mac80211_hwsim hwsim18 wlan1: left allmulticast mode
[  186.061032][T11526] bridge1: left allmulticast mode
[  186.070564][T11529] x_tables: ip_tables: icmp match: only valid for protocol 1
[  186.085608][T11526] bridge0: port 1(team0) entered disabled state
[  186.094069][T11526] team0: Cannot enslave team device to itself
[  186.102900][T11526] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  186.127116][T11529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2237'.
[  186.148770][T11529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2237'.
[  186.328734][T11541] FAULT_INJECTION: forcing a failure.
[  186.328734][T11541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.374391][T11541] CPU: 1 PID: 11541 Comm: syz.1.2241 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  186.384596][T11541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  186.394530][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.394651][T11541] Call Trace:
[  186.394663][T11541]  <TASK>
[  186.408965][T11541]  dump_stack_lvl+0x241/0x360
[  186.413692][T11541]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.418934][T11541]  ? __pfx__printk+0x10/0x10
[  186.423558][T11541]  ? bpf_cgroup_storage_free+0x8f/0xb0
[  186.429052][T11541]  ? __pfx_lock_release+0x10/0x10
[  186.434161][T11541]  ? bpf_test_run+0x840/0x910
[  186.438881][T11541]  should_fail_ex+0x3b0/0x4e0
[  186.443588][T11541]  _copy_to_user+0x2f/0xb0
[  186.448018][T11541]  bpf_test_finish+0x593/0x8b0
[  186.452800][T11541]  ? __might_fault+0xaa/0x120
[  186.457486][T11541]  ? __pfx_bpf_test_finish+0x10/0x10
[  186.462776][T11541]  ? _copy_from_user+0xa6/0xe0
[  186.467539][T11541]  ? bpf_test_init+0x15a/0x180
[  186.472324][T11541]  bpf_prog_test_run_xdp+0x905/0x11b0
[  186.477754][T11541]  ? __pfx_lock_release+0x10/0x10
[  186.482795][T11541]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  186.488640][T11541]  ? __fget_files+0x29/0x470
[  186.493245][T11541]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  186.499055][T11541]  bpf_prog_test_run+0x33a/0x3b0
[  186.503998][T11541]  __sys_bpf+0x48d/0x810
[  186.508277][T11541]  ? __pfx___sys_bpf+0x10/0x10
[  186.513052][T11541]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  186.519030][T11541]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.525355][T11541]  ? do_syscall_64+0x100/0x230
[  186.530125][T11541]  __x64_sys_bpf+0x7c/0x90
[  186.534542][T11541]  do_syscall_64+0xf3/0x230
[  186.539048][T11541]  ? clear_bhb_loop+0x35/0x90
[  186.543720][T11541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.549611][T11541] RIP: 0033:0x7fe990f75bd9
[  186.554108][T11541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.573712][T11541] RSP: 002b:00007fe991c60048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  186.582127][T11541] RAX: ffffffffffffffda RBX: 00007fe991103f60 RCX: 00007fe990f75bd9
[  186.590092][T11541] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[  186.598054][T11541] RBP: 00007fe991c600a0 R08: 0000000000000000 R09: 0000000000000000
[  186.606038][T11541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.614017][T11541] R13: 000000000000000b R14: 00007fe991103f60 R15: 00007ffff0a4c318
[  186.622004][T11541]  </TASK>
[  186.662992][T11551] netlink: 'syz.0.2245': attribute type 4 has an invalid length.
[  186.726078][T11547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2246'.
[  186.785628][T11557] FAULT_INJECTION: forcing a failure.
[  186.785628][T11557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.799233][T11557] CPU: 1 PID: 11557 Comm: syz.2.2247 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  186.809423][T11557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  186.819499][T11557] Call Trace:
[  186.822977][T11557]  <TASK>
[  186.825933][T11557]  dump_stack_lvl+0x241/0x360
[  186.830657][T11557]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.833365][T11563] x_tables: ip_tables: icmp match: only valid for protocol 1
[  186.835875][T11557]  ? __pfx__printk+0x10/0x10
[  186.835912][T11557]  ? snprintf+0xda/0x120
[  186.835934][T11557]  should_fail_ex+0x3b0/0x4e0
[  186.835964][T11557]  _copy_to_user+0x2f/0xb0
[  186.835986][T11557]  simple_read_from_buffer+0xca/0x150
[  186.836012][T11557]  proc_fail_nth_read+0x1e9/0x250
[  186.836036][T11557]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  186.836058][T11557]  ? rw_verify_area+0x514/0x6b0
[  186.836078][T11557]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  186.836100][T11557]  vfs_read+0x204/0xbd0
[  186.836120][T11557]  ? __pfx_lock_release+0x10/0x10
[  186.836143][T11557]  ? do_sock_setsockopt+0x3e2/0x720
[  186.836169][T11557]  ? __pfx_vfs_read+0x10/0x10
[  186.836194][T11557]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  186.836218][T11557]  ? __fget_files+0x29/0x470
[  186.836244][T11557]  ? __fget_files+0x3f6/0x470
[  186.836281][T11557]  ksys_read+0x1a0/0x2c0
[  186.836307][T11557]  ? __pfx_ksys_read+0x10/0x10
[  186.930439][T11557]  ? do_syscall_64+0x100/0x230
[  186.935212][T11557]  ? do_syscall_64+0xb6/0x230
[  186.939887][T11557]  do_syscall_64+0xf3/0x230
[  186.944391][T11557]  ? clear_bhb_loop+0x35/0x90
[  186.949068][T11557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.954967][T11557] RIP: 0033:0x7fcacc1746bc
[  186.959375][T11557] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  186.978976][T11557] RSP: 002b:00007fcaccfc4040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  186.987394][T11557] RAX: ffffffffffffffda RBX: 00007fcacc303f60 RCX: 00007fcacc1746bc
[  186.995360][T11557] RDX: 000000000000000f RSI: 00007fcaccfc40b0 RDI: 0000000000000003
[  187.003346][T11557] RBP: 00007fcaccfc40a0 R08: 0000000000000000 R09: 0000000000000000
[  187.011318][T11557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.019280][T11557] R13: 000000000000000b R14: 00007fcacc303f60 R15: 00007fffdb6e8878
[  187.027259][T11557]  </TASK>
[  187.044152][T11563] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2251'.
[  187.053725][T11563] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2251'.
[  187.131470][T11561] netlink: 'syz.4.2250': attribute type 11 has an invalid length.
[  187.142883][T11559] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.246992][T11575] FAULT_INJECTION: forcing a failure.
[  187.246992][T11575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.287829][T11575] CPU: 1 PID: 11575 Comm: syz.3.2255 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  187.298037][T11575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  187.308124][T11575] Call Trace:
[  187.311428][T11575]  <TASK>
[  187.314378][T11575]  dump_stack_lvl+0x241/0x360
[  187.319093][T11575]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.324329][T11575]  ? __pfx__printk+0x10/0x10
[  187.328959][T11575]  ? snprintf+0xda/0x120
[  187.333245][T11575]  should_fail_ex+0x3b0/0x4e0
[  187.337965][T11575]  _copy_to_user+0x2f/0xb0
[  187.342418][T11575]  simple_read_from_buffer+0xca/0x150
[  187.347911][T11575]  proc_fail_nth_read+0x1e9/0x250
[  187.352965][T11575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.358540][T11575]  ? rw_verify_area+0x514/0x6b0
[  187.363415][T11575]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.368988][T11575]  vfs_read+0x204/0xbd0
[  187.373273][T11575]  ? __pfx_lock_release+0x10/0x10
[  187.378364][T11575]  ? do_sock_setsockopt+0x3e2/0x720
[  187.383606][T11575]  ? __pfx_vfs_read+0x10/0x10
[  187.388314][T11575]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  187.393933][T11575]  ? __fget_files+0x29/0x470
[  187.398575][T11575]  ? __fget_files+0x3f6/0x470
[  187.403311][T11575]  ksys_read+0x1a0/0x2c0
[  187.407592][T11575]  ? __pfx_ksys_read+0x10/0x10
[  187.412390][T11575]  ? do_syscall_64+0x100/0x230
[  187.417282][T11575]  ? do_syscall_64+0xb6/0x230
[  187.421970][T11575]  do_syscall_64+0xf3/0x230
[  187.426475][T11575]  ? clear_bhb_loop+0x35/0x90
[  187.431171][T11575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.434357][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.437090][T11575] RIP: 0033:0x7f70657746bc
[  187.449578][T11575] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  187.469282][T11575] RSP: 002b:00007f70665e3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  187.477698][T11575] RAX: ffffffffffffffda RBX: 00007f7065903f60 RCX: 00007f70657746bc
[  187.485683][T11575] RDX: 000000000000000f RSI: 00007f70665e30b0 RDI: 0000000000000006
[  187.493669][T11575] RBP: 00007f70665e30a0 R08: 0000000000000000 R09: 0000000000000000
[  187.501733][T11575] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  187.509705][T11575] R13: 000000000000000b R14: 00007f7065903f60 R15: 00007ffd5c806a08
[  187.517690][T11575]  </TASK>
[  187.849837][T11607] x_tables: ip_tables: icmp match: only valid for protocol 1
[  188.004716][T11618] dccp_invalid_packet: P.Data Offset(4) too small
[  188.164481][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.169550][T11627] netlink: 'syz.0.2271': attribute type 2 has an invalid length.
[  188.312371][T11638] macvlan5: entered promiscuous mode
[  188.360845][T11639] FAULT_INJECTION: forcing a failure.
[  188.360845][T11639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.379269][T11639] CPU: 0 PID: 11639 Comm: syz.0.2275 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  188.389463][T11639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  188.399600][T11639] Call Trace:
[  188.402872][T11639]  <TASK>
[  188.405796][T11639]  dump_stack_lvl+0x241/0x360
[  188.410474][T11639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.415677][T11639]  ? __pfx__printk+0x10/0x10
[  188.420338][T11639]  ? __pfx_lock_release+0x10/0x10
[  188.425373][T11639]  should_fail_ex+0x3b0/0x4e0
[  188.430099][T11639]  _copy_from_user+0x2f/0xe0
[  188.434697][T11639]  copy_msghdr_from_user+0xae/0x680
[  188.439936][T11639]  ? __pfx___might_resched+0x10/0x10
[  188.445256][T11639]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  188.451086][T11639]  ? __might_fault+0xaa/0x120
[  188.455760][T11639]  do_recvmmsg+0x40f/0xae0
[  188.460176][T11639]  ? __pfx_lock_release+0x10/0x10
[  188.465198][T11639]  ? __pfx_do_recvmmsg+0x10/0x10
[  188.470162][T11639]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  188.476072][T11639]  ? ksys_write+0x23e/0x2c0
[  188.480577][T11639]  ? __pfx_lock_release+0x10/0x10
[  188.485808][T11639]  ? vfs_write+0x7c4/0xc90
[  188.490236][T11639]  ? __mutex_unlock_slowpath+0x21d/0x750
[  188.495978][T11639]  ? __fget_files+0x3f6/0x470
[  188.500677][T11639]  __x64_sys_recvmmsg+0x199/0x250
[  188.505712][T11639]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  188.511345][T11639]  ? do_syscall_64+0x100/0x230
[  188.516112][T11639]  ? do_syscall_64+0xb6/0x230
[  188.520802][T11639]  do_syscall_64+0xf3/0x230
[  188.525405][T11639]  ? clear_bhb_loop+0x35/0x90
[  188.530097][T11639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.536002][T11639] RIP: 0033:0x7f6905775bd9
[  188.540428][T11639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.560127][T11639] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  188.568542][T11639] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  188.576594][T11639] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 000000000000000a
[  188.584561][T11639] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  188.592554][T11639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  188.600530][T11639] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  188.608516][T11639]  </TASK>
[  188.613295][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.622504][    T9] IPVS: starting estimator thread 0...
[  188.724518][T11642] IPVS: using max 21 ests per chain, 50400 per kthread
[  188.747465][T11649] netlink: 'syz.1.2277': attribute type 10 has an invalid length.
[  188.926022][T11656] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  189.194528][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.328644][T11682] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  189.485185][T11690] tc_dump_action: action bad kind
[  189.674584][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.819005][T11707] netlink: 'syz.2.2301': attribute type 3 has an invalid length.
[  189.950018][T11712] xt_TCPMSS: Only works on TCP SYN packets
[  189.950402][T11713] netlink: 'syz.1.2303': attribute type 2 has an invalid length.
[  190.661218][T11749] netlink: 'syz.4.2318': attribute type 1 has an invalid length.
[  190.669576][T11749] __nla_validate_parse: 8 callbacks suppressed
[  190.669590][T11749] netlink: 9348 bytes leftover after parsing attributes in process `syz.4.2318'.
[  190.690394][T11749] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2318'.
[  190.714393][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.302320][ T5100] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  191.313127][ T5100] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  191.325302][ T5100] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  191.353260][ T5100] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  191.366317][ T5100] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  191.375463][ T5100] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  191.421818][T11778] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2326'.
[  191.452580][T11778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2326'.
[  191.471383][T11782] bridge0: entered allmulticast mode
[  191.531694][T11782] pim6reg: entered allmulticast mode
[  191.621592][ T2907] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.655414][T11794] netlink: 'syz.4.2330': attribute type 29 has an invalid length.
[  191.672173][T11794] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2330'.
[  191.702909][T11794] netlink: 'syz.4.2330': attribute type 29 has an invalid length.
[  191.722528][T11794] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2330'.
[  191.743249][T11802] netlink: 'syz.4.2330': attribute type 21 has an invalid length.
[  191.754492][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.782527][T11802] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2330'.
[  191.839292][ T2907] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.966440][ T2907] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.069187][ T2907] bond0: (slave netdevsim0): Releasing backup interface
[  192.083417][ T2907] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.260117][T11775] chnl_net:caif_netlink_parms(): no params data found
[  192.536159][T11850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2349'.
[  192.554211][T11850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2349'.
[  192.671689][T11775] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.693972][T11775] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.715718][T11775] bridge_slave_0: entered allmulticast mode
[  192.735644][T11775] bridge_slave_0: entered promiscuous mode
[  192.757149][ T2907] bridge_slave_0: left allmulticast mode
[  192.763100][ T2907] bridge_slave_0: left promiscuous mode
[  192.783625][ T2907] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.794387][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.822655][ T2907] bridge_slave_1: left allmulticast mode
[  192.837421][ T2907] bridge_slave_1: left promiscuous mode
[  192.848571][ T2907] bridge2: port 1(bridge_slave_1) entered disabled state
[  193.323666][T11890] netlink: 'syz.1.2363': attribute type 2 has an invalid length.
[  193.380427][T11894] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  193.390121][T11894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.434599][   T53] Bluetooth: hci0: command tx timeout
[  193.714605][ T2907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.726087][ T2907] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  193.745925][ T2907] bond0 (unregistering): Released all slaves
[  193.759308][T11775] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.766965][T11775] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.774209][T11775] bridge_slave_1: entered allmulticast mode
[  193.782445][T11775] bridge_slave_1: entered promiscuous mode
[  193.834379][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.892366][T11775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  193.910287][T11887] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2361'.
[  193.933596][ T2907] IPVS: stopping backup sync thread 7297 ...
[  193.973041][T11775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.132760][T11775] team0: Port device team_slave_0 added
[  194.160332][T11775] team0: Port device team_slave_1 added
[  194.160614][T11914] netlink: 'syz.1.2372': attribute type 9 has an invalid length.
[  194.269824][T11775] batman_adv: batadv0: Adding interface: batadv_slave_0
[  194.284313][T11775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.317928][T11775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  194.352705][T11775] batman_adv: batadv0: Adding interface: batadv_slave_1
[  194.366127][T11775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.394380][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.401688][T11775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  194.548300][T11926] vcan0: tx drop: invalid da for name 0x0000000000000008
[  194.580009][T11775] hsr_slave_0: entered promiscuous mode
[  194.594301][T11775] hsr_slave_1: entered promiscuous mode
[  194.612134][T11775] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  194.627043][T11775] Cannot create hsr debugfs directory
[  194.642085][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  194.769744][ T2907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.783914][ T2907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.792701][ T2907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.801463][ T2907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.821349][ T2907] veth1_macvtap: left promiscuous mode
[  194.827358][ T2907] veth0_macvtap: left promiscuous mode
[  194.833011][ T2907] veth1_vlan: left promiscuous mode
[  194.838450][ T2907] 
@�: left promiscuous mode
[  194.874391][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.280645][ T7755] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.430681][ T2907] team0 (unregistering): Port device team_slave_1 removed
[  195.438094][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.477528][ T2907] team0 (unregistering): Port device team_slave_0 removed
[  195.514736][   T53] Bluetooth: hci0: command tx timeout
[  195.817899][T11943] pimreg: left allmulticast mode
[  195.866279][T11958] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  196.012954][T11964] __nla_validate_parse: 1 callbacks suppressed
[  196.012972][T11964] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2388'.
[  196.229488][T11980] FAULT_INJECTION: forcing a failure.
[  196.229488][T11980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.292517][T11980] CPU: 0 PID: 11980 Comm: syz.0.2393 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  196.302809][T11980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  196.312900][T11980] Call Trace:
[  196.316182][T11980]  <TASK>
[  196.319114][T11980]  dump_stack_lvl+0x241/0x360
[  196.323795][T11980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.328990][T11980]  ? __pfx__printk+0x10/0x10
[  196.333596][T11980]  ? __pfx_lock_release+0x10/0x10
[  196.338728][T11980]  should_fail_ex+0x3b0/0x4e0
[  196.343432][T11980]  _copy_from_user+0x2f/0xe0
[  196.348026][T11980]  copy_msghdr_from_user+0xae/0x680
[  196.353230][T11980]  ? __pfx___might_resched+0x10/0x10
[  196.358520][T11980]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  196.364329][T11980]  ? __might_fault+0xaa/0x120
[  196.369007][T11980]  __sys_sendmmsg+0x374/0x740
[  196.373684][T11980]  ? __pfx___sys_sendmmsg+0x10/0x10
[  196.378904][T11980]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  196.384792][T11980]  ? ksys_write+0x23e/0x2c0
[  196.389289][T11980]  ? __pfx_lock_release+0x10/0x10
[  196.394316][T11980]  ? vfs_write+0x7c4/0xc90
[  196.398754][T11980]  ? __mutex_unlock_slowpath+0x21d/0x750
[  196.404395][T11980]  ? __pfx_vfs_write+0x10/0x10
[  196.409182][T11980]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  196.415159][T11980]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  196.421479][T11980]  ? do_syscall_64+0x100/0x230
[  196.426241][T11980]  __x64_sys_sendmmsg+0xa0/0xb0
[  196.431097][T11980]  do_syscall_64+0xf3/0x230
[  196.435606][T11980]  ? clear_bhb_loop+0x35/0x90
[  196.440279][T11980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.446168][T11980] RIP: 0033:0x7f6905775bd9
[  196.450576][T11980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.470178][T11980] RSP: 002b:00007f69065e0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  196.478585][T11980] RAX: ffffffffffffffda RBX: 00007f6905903f60 RCX: 00007f6905775bd9
[  196.486551][T11980] RDX: 0000000004000095 RSI: 0000000020005240 RDI: 0000000000000004
[  196.494517][T11980] RBP: 00007f69065e00a0 R08: 0000000000000000 R09: 0000000000000000
[  196.502483][T11980] R10: 000000000000ea60 R11: 0000000000000246 R12: 0000000000000002
[  196.510442][T11980] R13: 000000000000000b R14: 00007f6905903f60 R15: 00007ffe56fbc4b8
[  196.518418][T11980]  </TASK>
[  196.607682][T11983] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2395'.
[  196.705932][T11987] syzkaller0: entered promiscuous mode
[  196.711670][T11987] syzkaller0: entered allmulticast mode
[  196.778848][T11995] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2399'.
[  196.884618][T11995] netlink: 'syz.1.2399': attribute type 3 has an invalid length.
[  196.958402][    C0] net_ratelimit: 2 callbacks suppressed
[  196.958424][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.604756][   T53] Bluetooth: hci0: command tx timeout
[  197.995043][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.477269][T12029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2409'.
[  198.491578][T12029] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2409'.
[  198.514012][T12029] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2409'.
[  198.559847][T11775] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  198.590525][T11775] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  198.629363][T11775] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  198.663118][T12040] netlink: 'syz.0.2415': attribute type 2 has an invalid length.
[  198.690331][T11775] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  198.749298][T12041] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2414'.
[  198.939158][T11775] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.002263][T11775] 8021q: adding VLAN 0 to HW filter on device team0
[  199.030193][ T5140] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.034467][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.038246][ T5140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.095104][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.102303][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.257351][T11775] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  199.313670][T11775] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  199.553054][T12089] xt_TCPMSS: Only works on TCP SYN packets
[  199.688405][   T53] Bluetooth: hci0: command tx timeout
[  199.702945][T11775] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.867040][T11775] veth0_vlan: entered promiscuous mode
[  199.893233][T11775] veth1_vlan: entered promiscuous mode
[  199.984045][T11775] veth0_macvtap: entered promiscuous mode
[  200.019543][T11775] veth1_macvtap: entered promiscuous mode
[  200.074392][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.138217][T11775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.160905][T12125] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2445'.
[  200.181931][T11775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.196886][T12125] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2445'.
[  200.217390][T11775] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.248368][T11775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.264054][T12127] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2443'.
[  200.288101][T11775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.324283][T11775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.354300][T11775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.381052][T11775] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.408538][T11775] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.453376][T11775] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.470900][T11775] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.487172][T11775] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.794714][ T6014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.802568][ T6014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.900394][ T2836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.942830][ T2836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.114556][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.217950][T12171] netlink: 'syz.0.2460': attribute type 12 has an invalid length.
[  201.792638][T12192] netlink: 'syz.1.2470': attribute type 3 has an invalid length.
[  201.801402][T12193] netlink: 'syz.1.2470': attribute type 3 has an invalid length.
[  201.985678][T12200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2467'.
[  202.080043][T12207] netlink: 'syz.2.2474': attribute type 10 has an invalid length.
[  202.093776][T12207] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2474'.
[  202.108065][T12207] bridge0: port 3(dummy0) entered blocking state
[  202.117664][T12207] bridge0: port 3(dummy0) entered disabled state
[  202.126987][T12207] dummy0: entered allmulticast mode
[  202.136365][T12207] dummy0: entered promiscuous mode
[  202.142422][T12207] bridge0: port 3(dummy0) entered blocking state
[  202.149008][T12207] bridge0: port 3(dummy0) entered forwarding state
[  202.154485][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.199961][T12213] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  202.846571][T12239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2486'.
[  202.903199][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2487'.
[  203.193710][T12264] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2495'.
[  203.194395][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.318417][T12272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2500'.
[  203.497003][T12287] netlink: 'syz.0.2504': attribute type 1 has an invalid length.
[  203.903454][T12313] netlink: 'syz.1.2511': attribute type 1 has an invalid length.
[  203.941725][T12313] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  203.971854][T12313] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2511'.
[  203.985008][T12318] netlink: 'syz.3.2515': attribute type 10 has an invalid length.
[  203.997593][T12318] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2515'.
[  204.027318][T12318] bridge0: port 2(dummy0) entered blocking state
[  204.037285][T12318] bridge0: port 2(dummy0) entered disabled state
[  204.043855][T12324] netlink: 'syz.0.2516': attribute type 4 has an invalid length.
[  204.044087][T12318] dummy0: entered allmulticast mode
[  204.062127][T12318] dummy0: entered promiscuous mode
[  204.142745][T12326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2516'.
[  204.234446][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.461269][T12342] --map-set only usable from mangle table
[  204.631438][T12361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2529'.
[  204.849667][T12372] FAULT_INJECTION: forcing a failure.
[  204.849667][T12372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.894665][T12372] CPU: 0 PID: 12372 Comm: syz.2.2533 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  204.904874][T12372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  204.915127][T12372] Call Trace:
[  204.918425][T12372]  <TASK>
[  204.921372][T12372]  dump_stack_lvl+0x241/0x360
[  204.926123][T12372]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.931354][T12372]  ? __pfx__printk+0x10/0x10
[  204.935973][T12372]  ? __pfx_lock_release+0x10/0x10
[  204.941026][T12372]  should_fail_ex+0x3b0/0x4e0
[  204.945735][T12372]  _copy_from_user+0x2f/0xe0
[  204.950346][T12372]  copy_msghdr_from_user+0xae/0x680
[  204.955578][T12372]  ? __pfx___might_resched+0x10/0x10
[  204.960884][T12372]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  204.966695][T12372]  ? __might_fault+0xaa/0x120
[  204.971368][T12372]  do_recvmmsg+0x40f/0xae0
[  204.975785][T12372]  ? __pfx_lock_release+0x10/0x10
[  204.980803][T12372]  ? __pfx_do_recvmmsg+0x10/0x10
[  204.985748][T12372]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  204.991662][T12372]  ? ksys_write+0x23e/0x2c0
[  204.996165][T12372]  ? __pfx_lock_release+0x10/0x10
[  205.001186][T12372]  ? vfs_write+0x7c4/0xc90
[  205.005596][T12372]  ? __mutex_unlock_slowpath+0x21d/0x750
[  205.011224][T12372]  ? __fget_files+0x3f6/0x470
[  205.015987][T12372]  __x64_sys_recvmmsg+0x199/0x250
[  205.021008][T12372]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  205.026547][T12372]  ? do_syscall_64+0x100/0x230
[  205.031306][T12372]  ? do_syscall_64+0xb6/0x230
[  205.035977][T12372]  do_syscall_64+0xf3/0x230
[  205.040479][T12372]  ? clear_bhb_loop+0x35/0x90
[  205.045143][T12372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.051054][T12372] RIP: 0033:0x7f4c80575bd9
[  205.055463][T12372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.075155][T12372] RSP: 002b:00007f4c81340048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  205.083567][T12372] RAX: ffffffffffffffda RBX: 00007f4c80703f60 RCX: 00007f4c80575bd9
[  205.091530][T12372] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000005
[  205.099511][T12372] RBP: 00007f4c813400a0 R08: 0000000000000000 R09: 0000000000000000
[  205.107473][T12372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  205.115433][T12372] R13: 000000000000000b R14: 00007f4c80703f60 R15: 00007ffd8355cd08
[  205.123407][T12372]  </TASK>
[  205.256184][T12384] syzkaller1: entered promiscuous mode
[  205.261701][T12384] syzkaller1: entered allmulticast mode
[  205.274489][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.751951][T12405] dccp_invalid_packet: P.Data Offset(0) too small
[  205.869718][T12408] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[  206.314394][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.393015][T12421] netlink: 'syz.3.2551': attribute type 2 has an invalid length.
[  206.401555][T12421] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  206.518683][T12431] ɶƣ0GCTw
�: entered promiscuous mode
[  206.649154][T12441] netlink: 'syz.2.2559': attribute type 3 has an invalid length.
[  206.830724][T12461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.999510][T12465] vlan2: entered promiscuous mode
[  207.015759][T12465] team0: Device vlan2 is already an upper device of the team interface
[  207.080035][T12470] __nla_validate_parse: 4 callbacks suppressed
[  207.080056][T12470] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2565'.
[  207.350002][T12488] netlink: 'syz.4.2574': attribute type 10 has an invalid length.
[  207.358217][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.368666][T12491] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2575'.
[  207.374090][T12488] netem: change failed
[  207.682467][T12505] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2581'.
[  207.785575][T12509] netlink: 'syz.2.2582': attribute type 1 has an invalid length.
[  207.828169][T12509] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  207.838992][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.903486][T12509] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.2582'.
[  208.273414][T12540] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2592'.
[  208.394445][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.643919][T12549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2595'.
[  208.708999][T12559] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2599'.
[  208.772902][T12559] 8021q: adding VLAN 0 to HW filter on device batadv1
[  208.826507][T12559] team0: Port device batadv1 added
[  208.874428][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.978424][T12571] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2603'.
[  209.119404][T12581] veth0_to_hsr: entered promiscuous mode
[  209.132806][T12577] netlink: 'syz.2.2605': attribute type 21 has an invalid length.
[  209.175046][T12579] veth0_to_hsr: left promiscuous mode
[  209.417157][T12599] 
@�: left promiscuous mode
[  209.434381][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.504022][T12606] bridge0: entered promiscuous mode
[  209.511166][T12606] bridge0: left promiscuous mode
[  209.556232][T12591] delete_channel: no stack
[  209.685322][T12614] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2620'.
[  209.702079][T12614] netlink: 43 bytes leftover after parsing attributes in process `syz.3.2620'.
[  209.711253][T12614] netlink: 'syz.3.2620': attribute type 5 has an invalid length.
[  209.780020][T12623] openvswitch: netlink: Message has 4 unknown bytes.
[  209.825160][T12623] ieee802154 phy1 wpan1: encryption failed: -90
[  210.113985][T12635] mac80211_hwsim hwsim4 wlan0 (unregistering): left allmulticast mode
[  210.168343][T12635] team0: Port device macvlan4 removed
[  210.433961][T12649] netlink: 'syz.2.2634': attribute type 9 has an invalid length.
[  210.445621][T12645] veth0_to_hsr: entered promiscuous mode
[  210.453492][T12651] FAULT_INJECTION: forcing a failure.
[  210.453492][T12651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.467409][T12651] CPU: 0 PID: 12651 Comm: syz.0.2632 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  210.477602][T12651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  210.484438][T12652] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  210.487663][T12651] Call Trace:
[  210.487681][T12651]  <TASK>
[  210.502327][T12651]  dump_stack_lvl+0x241/0x360
[  210.507043][T12651]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.512444][T12651]  ? __pfx__printk+0x10/0x10
[  210.517081][T12651]  ? snprintf+0xda/0x120
[  210.521345][T12651]  should_fail_ex+0x3b0/0x4e0
[  210.526069][T12651]  _copy_to_user+0x2f/0xb0
[  210.530696][T12651]  simple_read_from_buffer+0xca/0x150
[  210.536101][T12651]  proc_fail_nth_read+0x1e9/0x250
[  210.541155][T12651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.546732][T12651]  ? rw_verify_area+0x514/0x6b0
[  210.551612][T12651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  210.557189][T12651]  vfs_read+0x204/0xbd0
[  210.561375][T12651]  ? __pfx_lock_release+0x10/0x10
[  210.566460][T12651]  ? do_sock_setsockopt+0x3e2/0x720
[  210.571709][T12651]  ? __pfx_vfs_read+0x10/0x10
[  210.576414][T12651]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  210.581997][T12651]  ? __fget_files+0x29/0x470
[  210.586620][T12651]  ? __fget_files+0x3f6/0x470
[  210.591336][T12651]  ksys_read+0x1a0/0x2c0
[  210.595613][T12651]  ? __pfx_ksys_read+0x10/0x10
[  210.600396][T12651]  ? do_syscall_64+0x100/0x230
[  210.605200][T12651]  ? do_syscall_64+0xb6/0x230
[  210.609917][T12651]  do_syscall_64+0xf3/0x230
[  210.614454][T12651]  ? clear_bhb_loop+0x35/0x90
[  210.619182][T12651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.625104][T12651] RIP: 0033:0x7f69057746bc
[  210.629546][T12651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  210.649180][T12651] RSP: 002b:00007f69065bf040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  210.657630][T12651] RAX: ffffffffffffffda RBX: 00007f6905904038 RCX: 00007f69057746bc
[  210.665625][T12651] RDX: 000000000000000f RSI: 00007f69065bf0b0 RDI: 0000000000000006
[  210.673625][T12651] RBP: 00007f69065bf0a0 R08: 0000000000000000 R09: 0000000000000000
[  210.681711][T12651] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  210.689709][T12651] R13: 000000000000006e R14: 00007f6905904038 R15: 00007ffe56fbc4b8
[  210.697373][T12658] syzkaller0: entered promiscuous mode
[  210.697696][T12651]  </TASK>
[  210.703206][T12658] syzkaller0: entered allmulticast mode
[  210.706460][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.779402][T12644] veth0_to_hsr: left promiscuous mode
[  211.105948][T12672] netlink: 'syz.0.2640': attribute type 4 has an invalid length.
[  211.111456][T12677] xt_CT: You must specify a L4 protocol and not use inversions on it
[  211.114090][T12672] netlink: 'syz.0.2640': attribute type 1 has an invalid length.
[  211.756948][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.699258][T12695] vlan3: entered promiscuous mode
[  212.742575][T12700] __nla_validate_parse: 7 callbacks suppressed
[  212.742596][T12700] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2650'.
[  212.794607][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.066990][T12729] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2661'.
[  213.077713][T12726] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2660'.
[  213.166246][T12737] netlink: 158264 bytes leftover after parsing attributes in process `syz.0.2661'.
[  213.211212][T12737] sysfs: cannot create duplicate filename '/class/ieee80211/!!�'
[  213.231630][T12737] CPU: 1 PID: 12737 Comm: syz.0.2661 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  213.241842][T12737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  213.251924][T12737] Call Trace:
[  213.255223][T12737]  <TASK>
[  213.258178][T12737]  dump_stack_lvl+0x241/0x360
[  213.262880][T12737]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.268089][T12737]  ? __pfx__printk+0x10/0x10
[  213.272682][T12737]  ? sysfs_warn_dup+0x51/0xa0
[  213.277370][T12737]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  213.282767][T12737]  sysfs_warn_dup+0x8e/0xa0
[  213.287300][T12737]  sysfs_do_create_link_sd+0xbe/0x110
[  213.292692][T12737]  device_add_class_symlinks+0x1c5/0x250
[  213.298343][T12737]  device_add+0x553/0xbf0
[  213.302703][T12737]  wiphy_register+0x1d3f/0x2b30
[  213.307570][T12737]  ? __pfx_wiphy_register+0x10/0x10
[  213.312766][T12737]  ? minstrel_ht_alloc+0x72b/0x860
[  213.317881][T12737]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  213.323962][T12737]  ieee80211_register_hw+0x3098/0x3d80
[  213.329697][T12737]  ? ieee80211_register_hw+0x10e1/0x3d80
[  213.335344][T12737]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  213.341181][T12737]  ? __asan_memset+0x23/0x50
[  213.345779][T12737]  ? __hrtimer_init+0x170/0x250
[  213.350656][T12737]  mac80211_hwsim_new_radio+0x2597/0x44c0
[  213.356427][T12737]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  213.356901][T12747] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.362498][T12737]  ? kmalloc_node_track_caller_noprof+0x242/0x440
[  213.362576][T12737]  ? kstrndup+0x5c/0xb0
[  213.362603][T12737]  ? __asan_memcpy+0x40/0x70
[  213.362626][T12737]  hwsim_new_radio_nl+0xe4c/0x21d0
[  213.391166][T12737]  ? __pfx___nla_validate_parse+0x10/0x10
[  213.396889][T12737]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  213.402481][T12737]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  213.408825][T12737]  genl_rcv_msg+0xb14/0xec0
[  213.413333][T12737]  ? mark_lock+0x9a/0x350
[  213.417683][T12737]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.422741][T12737]  ? __pfx_lock_acquire+0x10/0x10
[  213.427776][T12737]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  213.433350][T12737]  ? __pfx___might_resched+0x10/0x10
[  213.438668][T12737]  netlink_rcv_skb+0x1e3/0x430
[  213.443486][T12737]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.448525][T12737]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  213.453830][T12737]  ? __netlink_deliver_tap+0x77e/0x7c0
[  213.459301][T12737]  genl_rcv+0x28/0x40
[  213.463287][T12737]  netlink_unicast+0x7ea/0x980
[  213.468066][T12737]  ? __pfx_netlink_unicast+0x10/0x10
[  213.473359][T12737]  ? __virt_addr_valid+0x183/0x520
[  213.478467][T12737]  ? __check_object_size+0x49c/0x900
[  213.483751][T12737]  ? bpf_lsm_netlink_send+0x9/0x10
[  213.488872][T12737]  netlink_sendmsg+0x8db/0xcb0
[  213.493675][T12737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.498964][T12737]  ? __import_iovec+0x536/0x820
[  213.503821][T12737]  ? aa_sock_msg_perm+0x91/0x160
[  213.508777][T12737]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  213.514098][T12737]  ? security_socket_sendmsg+0x87/0xb0
[  213.519573][T12737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.524878][T12737]  __sock_sendmsg+0x221/0x270
[  213.529578][T12737]  ____sys_sendmsg+0x525/0x7d0
[  213.534448][T12737]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.539762][T12737]  __sys_sendmsg+0x2b0/0x3a0
[  213.544367][T12737]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.549555][T12737]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  213.556001][T12737]  ? do_syscall_64+0x100/0x230
[  213.560794][T12737]  ? do_syscall_64+0xb6/0x230
[  213.565503][T12737]  do_syscall_64+0xf3/0x230
[  213.570023][T12737]  ? clear_bhb_loop+0x35/0x90
[  213.574716][T12737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.580623][T12737] RIP: 0033:0x7f6905775bd9
[  213.585080][T12737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.604709][T12737] RSP: 002b:00007f69065bf048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.613167][T12737] RAX: ffffffffffffffda RBX: 00007f6905904038 RCX: 00007f6905775bd9
[  213.621155][T12737] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  213.629138][T12737] RBP: 00007f69057e4aa1 R08: 0000000000000000 R09: 0000000000000000
[  213.637140][T12737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.645127][T12737] R13: 000000000000006e R14: 00007f6905904038 R15: 00007ffe56fbc4b8
[  213.653129][T12737]  </TASK>
[  213.836056][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.896871][T12761] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2671'.
[  214.096952][T12774] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2676'.
[  214.123743][T12774] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2676'.
[  214.394371][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.409350][T12805] netlink: 'syz.3.2687': attribute type 5 has an invalid length.
[  214.544093][T12814] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2691'.
[  214.554447][T12814] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2691'.
[  214.874595][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.434361][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.826314][T12902] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  215.844786][T12902] xt_NFQUEUE: number of total queues is 0
[  215.914471][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.206451][T12925] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2722'.
[  216.381306][T12925] Bluetooth: MGMT ver 1.22
[  216.601435][T12943] TCP: Unexpected MD5 Hash found for [fe80::bb].0->[ff02::1].20002 [F.]
[  216.954367][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.994462][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.034454][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.074574][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.114419][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.154414][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  223.194441][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.234428][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.274595][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.871424][T12982] __nla_validate_parse: 3 callbacks suppressed
[  225.871445][T12982] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2739'.
[  226.042118][T12991] IPVS: stopping backup sync thread 10455 ...
[  226.314370][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.568091][T13031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.835249][T13041] dvmrp1: entered allmulticast mode
[  227.334341][T13091] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2781'.
[  227.354471][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  227.395122][T13091] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2781'.
[  227.440781][T13091] xt_hashlimit: max too large, truncated to 1048576
[  227.455579][T13091] xt_hashlimit: overflow, try lower: 0/0
[  227.472671][T13091] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  227.617542][T13111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2784'.
[  227.711743][T13117] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2788'.
[  227.742129][T13118] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2788'.
[  228.050357][T13136] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2794'.
[  228.244571][T13148] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2800'.
[  228.394554][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  228.403222][T13157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2804'.
[  228.602237][T13171] FAULT_INJECTION: forcing a failure.
[  228.602237][T13171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.646519][T13171] CPU: 0 PID: 13171 Comm: syz.3.2808 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  228.656728][T13171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  228.666805][T13171] Call Trace:
[  228.670101][T13171]  <TASK>
[  228.673043][T13171]  dump_stack_lvl+0x241/0x360
[  228.677756][T13171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.682984][T13171]  ? __pfx__printk+0x10/0x10
[  228.686318][T13176] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  228.687592][T13171]  should_fail_ex+0x3b0/0x4e0
[  228.687632][T13171]  _copy_from_user+0x2f/0xe0
[  228.704520][T13171]  move_addr_to_kernel+0x82/0x150
[  228.709574][T13171]  copy_msghdr_from_user+0x43e/0x680
[  228.714862][T13171]  ? _parse_integer_limit+0x1b5/0x200
[  228.720229][T13171]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  228.726046][T13171]  __sys_sendmmsg+0x374/0x740
[  228.730721][T13171]  ? __pfx___sys_sendmmsg+0x10/0x10
[  228.735935][T13171]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  228.741823][T13171]  ? ksys_write+0x23e/0x2c0
[  228.746321][T13171]  ? __pfx_lock_release+0x10/0x10
[  228.751343][T13171]  ? vfs_write+0x7c4/0xc90
[  228.755758][T13171]  ? __mutex_unlock_slowpath+0x21d/0x750
[  228.761381][T13171]  ? __pfx_vfs_write+0x10/0x10
[  228.766152][T13171]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  228.772125][T13171]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  228.778444][T13171]  ? do_syscall_64+0x100/0x230
[  228.783212][T13171]  __x64_sys_sendmmsg+0xa0/0xb0
[  228.788060][T13171]  do_syscall_64+0xf3/0x230
[  228.792557][T13171]  ? clear_bhb_loop+0x35/0x90
[  228.797225][T13171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.803130][T13171] RIP: 0033:0x7f7065775bd9
[  228.807540][T13171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.827142][T13171] RSP: 002b:00007f70665e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  228.835551][T13171] RAX: ffffffffffffffda RBX: 00007f7065903f60 RCX: 00007f7065775bd9
[  228.843512][T13171] RDX: 0000000000000001 RSI: 0000000020001840 RDI: 0000000000000003
[  228.851475][T13171] RBP: 00007f70665e30a0 R08: 0000000000000000 R09: 0000000000000000
[  228.859439][T13171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.867403][T13171] R13: 000000000000000b R14: 00007f7065903f60 R15: 00007ffd5c806a08
[  228.875377][T13171]  </TASK>
[  228.974762][T13180] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2812'.
[  229.251301][T13199] xt_NFQUEUE: number of total queues is 0
[  229.278984][T13199] IPVS: Error joining to the multicast group
[  229.434465][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.632863][T13227] ipt_REJECT: ECHOREPLY no longer supported.
[  229.743983][T13233] netlink: 'syz.0.2828': attribute type 3 has an invalid length.
[  230.477497][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.709345][T13294] netlink: 'syz.3.2853': attribute type 1 has an invalid length.
[  230.755262][T13294] sctp: [Deprecated]: syz.3.2853 (pid 13294) Use of int in max_burst socket option deprecated.
[  230.755262][T13294] Use struct sctp_assoc_value instead
[  231.060089][T13318] veth0_vlan: entered allmulticast mode
[  231.514361][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.850890][T13351] FAULT_INJECTION: forcing a failure.
[  231.850890][T13351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.866829][T13351] CPU: 0 PID: 13351 Comm: syz.3.2869 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  231.877030][T13351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  231.887120][T13351] Call Trace:
[  231.890425][T13351]  <TASK>
[  231.893372][T13351]  dump_stack_lvl+0x241/0x360
[  231.898118][T13351]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.903346][T13351]  ? __pfx__printk+0x10/0x10
[  231.907974][T13351]  ? __pfx_lock_release+0x10/0x10
[  231.913036][T13351]  should_fail_ex+0x3b0/0x4e0
[  231.917757][T13351]  _copy_from_user+0x2f/0xe0
[  231.922375][T13351]  copy_msghdr_from_user+0xae/0x680
[  231.927610][T13351]  ? __pfx___might_resched+0x10/0x10
[  231.932918][T13351]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  231.938735][T13351]  ? __might_fault+0xaa/0x120
[  231.943420][T13351]  __sys_sendmmsg+0x374/0x740
[  231.948452][T13351]  ? __pfx___sys_sendmmsg+0x10/0x10
[  231.953675][T13351]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  231.959565][T13351]  ? ksys_write+0x23e/0x2c0
[  231.964170][T13351]  ? __pfx_lock_release+0x10/0x10
[  231.969191][T13351]  ? vfs_write+0x7c4/0xc90
[  231.973603][T13351]  ? __mutex_unlock_slowpath+0x21d/0x750
[  231.979245][T13351]  ? __pfx_vfs_write+0x10/0x10
[  231.984021][T13351]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.989994][T13351]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.996314][T13351]  ? do_syscall_64+0x100/0x230
[  232.001079][T13351]  __x64_sys_sendmmsg+0xa0/0xb0
[  232.005928][T13351]  do_syscall_64+0xf3/0x230
[  232.010426][T13351]  ? clear_bhb_loop+0x35/0x90
[  232.015098][T13351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.020985][T13351] RIP: 0033:0x7f7065775bd9
[  232.025399][T13351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.045010][T13351] RSP: 002b:00007f70665e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  232.053427][T13351] RAX: ffffffffffffffda RBX: 00007f7065903f60 RCX: 00007f7065775bd9
[  232.061391][T13351] RDX: 00000000040000b2 RSI: 00000000200057c0 RDI: 0000000000000004
[  232.069352][T13351] RBP: 00007f70665e30a0 R08: 0000000000000000 R09: 0000000000000000
[  232.077317][T13351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  232.085291][T13351] R13: 000000000000000b R14: 00007f7065903f60 R15: 00007ffd5c806a08
[  232.093277][T13351]  </TASK>
[  232.554383][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.701612][T13398] FAULT_INJECTION: forcing a failure.
[  232.701612][T13398] name failslab, interval 1, probability 0, space 0, times 0
[  232.716196][T13398] CPU: 1 PID: 13398 Comm: syz.2.2887 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  232.726465][T13398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  232.736517][T13398] Call Trace:
[  232.739788][T13398]  <TASK>
[  232.742711][T13398]  dump_stack_lvl+0x241/0x360
[  232.747424][T13398]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.752617][T13398]  ? __pfx__printk+0x10/0x10
[  232.757203][T13398]  ? ref_tracker_alloc+0x332/0x490
[  232.762316][T13398]  should_fail_ex+0x3b0/0x4e0
[  232.766993][T13398]  ? skb_clone+0x20c/0x390
[  232.771401][T13398]  should_failslab+0x9/0x20
[  232.775898][T13398]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  232.781272][T13398]  skb_clone+0x20c/0x390
[  232.785512][T13398]  __netlink_deliver_tap+0x3cc/0x7c0
[  232.790810][T13398]  ? netlink_deliver_tap+0x2e/0x1b0
[  232.796000][T13398]  netlink_deliver_tap+0x19d/0x1b0
[  232.801109][T13398]  netlink_unicast+0x7b8/0x980
[  232.805874][T13398]  ? __pfx_netlink_unicast+0x10/0x10
[  232.811147][T13398]  ? __virt_addr_valid+0x183/0x520
[  232.816256][T13398]  ? __check_object_size+0x49c/0x900
[  232.821536][T13398]  ? bpf_lsm_netlink_send+0x9/0x10
[  232.826651][T13398]  netlink_sendmsg+0x8db/0xcb0
[  232.831424][T13398]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.836706][T13398]  ? aa_sock_msg_perm+0x91/0x160
[  232.841641][T13398]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  232.846917][T13398]  ? security_socket_sendmsg+0x87/0xb0
[  232.852376][T13398]  ? __pfx_netlink_sendmsg+0x10/0x10
[  232.857658][T13398]  __sock_sendmsg+0x221/0x270
[  232.862370][T13398]  sock_write_iter+0x2dd/0x400
[  232.867140][T13398]  ? __pfx_sock_write_iter+0x10/0x10
[  232.872465][T13398]  ? bpf_lsm_file_permission+0x9/0x10
[  232.877832][T13398]  ? security_file_permission+0x7f/0xa0
[  232.883391][T13398]  vfs_write+0xa72/0xc90
[  232.887635][T13398]  ? __pfx_sock_write_iter+0x10/0x10
[  232.892916][T13398]  ? __pfx_vfs_write+0x10/0x10
[  232.897695][T13398]  ksys_write+0x1a0/0x2c0
[  232.902018][T13398]  ? __pfx_ksys_write+0x10/0x10
[  232.906900][T13398]  ? do_syscall_64+0x100/0x230
[  232.911663][T13398]  ? do_syscall_64+0xb6/0x230
[  232.916336][T13398]  do_syscall_64+0xf3/0x230
[  232.920845][T13398]  ? clear_bhb_loop+0x35/0x90
[  232.925517][T13398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.931406][T13398] RIP: 0033:0x7f4c80575bd9
[  232.935812][T13398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.955762][T13398] RSP: 002b:00007f4c81340048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  232.964166][T13398] RAX: ffffffffffffffda RBX: 00007f4c80703f60 RCX: 00007f4c80575bd9
[  232.972130][T13398] RDX: 000000000000002c RSI: 0000000020000280 RDI: 0000000000000003
[  232.980442][T13398] RBP: 00007f4c813400a0 R08: 0000000000000000 R09: 0000000000000000
[  232.988488][T13398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.996536][T13398] R13: 000000000000000b R14: 00007f4c80703f60 R15: 00007ffd8355cd08
[  233.004510][T13398]  </TASK>
[  233.219795][T13415] __nla_validate_parse: 4 callbacks suppressed
[  233.219814][T13415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2892'.
[  233.336740][T13421] openvswitch: netlink: Flow actions attr not present in new flow.
[  233.594388][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.992270][T13459] vlan2: entered promiscuous mode
[  234.008345][T13459] bond_slave_0: entered promiscuous mode
[  234.019751][T13459] bond_slave_0: left promiscuous mode
[  234.087005][T13471] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2914'.
[  234.096604][T13471] netlink: 652 bytes leftover after parsing attributes in process `syz.0.2914'.
[  234.098414][T13472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2913'.
[  234.116024][T13472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2913'.
[  234.125102][T13472] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2913'.
[  234.634389][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.700319][ T5100] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  234.711738][ T5100] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  234.720734][ T5100] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  234.730412][ T5100] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  234.739417][ T5100] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  234.747019][ T5100] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  234.866125][T13506] netlink: 'syz.2.2928': attribute type 3 has an invalid length.
[  234.873898][T13506] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2928'.
[  235.218837][T13520] syzkaller0: mtu greater than device maximum
[  235.309386][T13494] chnl_net:caif_netlink_parms(): no params data found
[  235.652575][T13563] netlink: 'syz.1.2947': attribute type 21 has an invalid length.
[  235.674362][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.703129][T13494] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.725304][T13494] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.732582][T13494] bridge_slave_0: entered allmulticast mode
[  235.751690][T13494] bridge_slave_0: entered promiscuous mode
[  235.761988][T13494] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.771886][T13494] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.780276][T13494] bridge_slave_1: entered allmulticast mode
[  235.788128][T13494] bridge_slave_1: entered promiscuous mode
[  235.913235][T13494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.941990][T13581] tipc: Started in network mode
[  235.956308][T13581] tipc: Node identity , cluster identity 4711
[  235.958127][T13589] openvswitch: netlink: Missing key (keys=20040, expected=100)
[  235.964989][T13587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2954'.
[  235.981611][T13581] tipc: Failed to set node id, please configure manually
[  235.990122][T13581] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  236.012499][T13494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.109080][T13494] team0: Port device team_slave_0 added
[  236.152741][T13494] team0: Port device team_slave_1 added
[  236.259058][T13600] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2959'.
[  236.271114][T13494] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.299543][T13494] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.355747][T13494] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.394683][T13494] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.404217][T13494] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.439001][T13494] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.579374][T13494] hsr_slave_0: entered promiscuous mode
[  236.595566][T13494] hsr_slave_1: entered promiscuous mode
[  236.612326][T13494] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.635250][T13494] Cannot create hsr debugfs directory
[  236.714465][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.804700][   T53] Bluetooth: hci2: command tx timeout
[  236.983834][T13494] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.107575][T13494] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.239486][T13494] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.383364][T13494] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.410403][T13664] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2981'.
[  237.673062][T13494] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  237.715307][T13494] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  237.736549][T13494] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  237.754374][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.764640][T13494] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  237.951719][T13494] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.966644][T13702] dummy0: left allmulticast mode
[  237.971775][T13702] dummy0: left promiscuous mode
[  237.977861][T13702] bridge0: port 3(dummy0) entered disabled state
[  237.990670][T13702] bridge_slave_0: left allmulticast mode
[  237.996899][T13702] bridge_slave_0: left promiscuous mode
[  238.002692][T13702] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.016760][T13702] bridge_slave_1: left allmulticast mode
[  238.022522][T13702] bridge_slave_1: left promiscuous mode
[  238.029330][T13702] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.041989][T13702] bond0: (slave bond_slave_0): Releasing backup interface
[  238.057962][T13702] bond0: (slave bond_slave_1): Releasing backup interface
[  238.101200][T13702] team0: Port device team_slave_0 removed
[  238.127402][T13702] team0: Port device team_slave_1 removed
[  238.136300][T13702] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.143859][T13702] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.155498][T13702] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.172013][T13702] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.219973][T13702] team0: Port device batadv1 removed
[  238.244895][T13703] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.257239][T13703] team0: Port device bond0 added
[  238.341660][T13494] 8021q: adding VLAN 0 to HW filter on device team0
[  238.366894][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.374091][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.405549][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.412786][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.794664][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.828926][T13494] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.874596][   T53] Bluetooth: hci2: command tx timeout
[  238.978367][T13494] veth0_vlan: entered promiscuous mode
[  239.016732][T13494] veth1_vlan: entered promiscuous mode
[  239.019025][T13742] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  239.105326][T13744] dummy0: left promiscuous mode
[  239.128572][T13744] team0: Port device dummy0 removed
[  239.142528][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.146509][T13744] bridge_slave_0: left allmulticast mode
[  239.158888][T13744] bridge_slave_0: left promiscuous mode
[  239.165753][T13744] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.177005][T13744] bridge_slave_1: left allmulticast mode
[  239.182920][T13744] bridge_slave_1: left promiscuous mode
[  239.189807][T13744] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.202693][T13744] bond0: (slave bond_slave_0): Releasing backup interface
[  239.224363][T13744] team_slave_0: left promiscuous mode
[  239.251980][T13744] team0: Port device team_slave_0 removed
[  239.259895][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.274356][T13744] team_slave_1: left promiscuous mode
[  239.295245][T13744] team0: Port device team_slave_1 removed
[  239.310292][T13744] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  239.318166][T13744] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.328784][T13744] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.337058][T13744] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.391012][T13744] team0: Port device macvlan1 removed
[  239.427524][T13744] bond0: (slave netdevsim0): Releasing backup interface
[  239.471343][T13744] bond0: (slave vlan2): Releasing backup interface
[  239.485849][T13744] bridge1: left promiscuous mode
[  239.491288][T13744] bridge2: left promiscuous mode
[  239.547195][T13744] team0: Port device bridge1 removed
[  239.572154][T13744] team0: Port device bridge2 removed
[  239.591925][T13494] veth0_macvtap: entered promiscuous mode
[  239.642414][T13745] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.657241][T13745] team0: Port device bond0 added
[  239.792614][T13494] veth1_macvtap: entered promiscuous mode
[  239.834555][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.859866][T13494] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.879411][T13494] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.903443][T13494] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.917357][T13494] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.953085][T13494] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.972278][T13494] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.991255][T13494] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.018471][T13494] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.226695][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.256318][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.303246][ T2907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.312222][ T2907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.345499][T13780] netlink: 'syz.1.3021': attribute type 1 has an invalid length.
[  240.363963][T13780] __nla_validate_parse: 1 callbacks suppressed
[  240.363982][T13780] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.3021'.
[  240.398030][T13780] netlink: 'syz.1.3021': attribute type 1 has an invalid length.
[  240.426713][T13780] netlink: 'syz.1.3021': attribute type 2 has an invalid length.
[  240.443232][T13790] x_tables: ip6_tables: mh match: only valid for protocol 135
[  240.696089][T13798] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  240.732912][T13798] batman_adv: batadv0: Adding interface: gretap1
[  240.756804][T13798] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.840773][T13798] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  240.874613][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.955521][   T53] Bluetooth: hci2: command tx timeout
[  241.035848][T13819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.075071][T13819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.245498][T13836] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  241.421100][T13855] ipip0: entered promiscuous mode
[  241.760896][T13880] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  241.914527][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.974020][T13896] netlink: 'syz.2.3059': attribute type 1 has an invalid length.
[  242.115987][T13909] team0: left allmulticast mode
[  242.126603][T13909] team_slave_0: left allmulticast mode
[  242.139236][T13909] team_slave_1: left allmulticast mode
[  242.156042][T13909] bridge0: port 3(team0) entered disabled state
[  242.215132][T13909] dummy0: left allmulticast mode
[  242.220147][T13909] dummy0: left promiscuous mode
[  242.226725][T13909] bridge0: port 2(dummy0) entered disabled state
[  242.253306][T13909] bridge_slave_0: left allmulticast mode
[  242.261320][T13909] bridge_slave_0: left promiscuous mode
[  242.267603][T13909] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.279739][T13909] bond0: (slave bond_slave_0): Releasing backup interface
[  242.288468][T13909] team_slave_0: left promiscuous mode
[  242.302327][T13909] team0: Port device team_slave_0 removed
[  242.308852][T13909] team_slave_1: left promiscuous mode
[  242.329664][T13909] team0: Port device team_slave_1 removed
[  242.342132][T13909] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.363439][T13909] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.383711][T13909] bond0: (slave wlan1): Releasing backup interface
[  242.413652][T13912] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.421842][T13912] bond0: entered promiscuous mode
[  242.430704][T13912] team0: Port device bond0 added
[  242.446605][T13896] veth0_to_team: entered promiscuous mode
[  242.456224][T13896] bond1: (slave macvlan4): Enslaving as a backup interface with a down link
[  242.474502][T13917] tipc: Started in network mode
[  242.479398][T13917] tipc: Node identity ac14140f, cluster identity 4711
[  242.493105][T13917] tipc: Enabled bearer <udp:syz2>, priority 0
[  242.635232][T13934] netlink: 'syz.0.3070': attribute type 17 has an invalid length.
[  242.651956][T13934] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3070'.
[  242.677043][T13929] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  242.688760][T13935] netlink: 'syz.0.3070': attribute type 17 has an invalid length.
[  242.725233][T13935] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3070'.
[  242.896282][T13947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3075'.
[  243.045136][   T53] Bluetooth: hci2: command tx timeout
[  243.517341][T13975] ieee802154 phy1 wpan1: encryption failed: -22
[  243.620602][ T5146] tipc: Node number set to 2886997007
[  243.830984][T13982] net_ratelimit: 1 callbacks suppressed
[  243.831004][T13982] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  243.861834][T13984] netlink: 248 bytes leftover after parsing attributes in process `syz.1.3088'.
[  243.994522][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  244.387057][T14005] netlink: 'syz.2.3096': attribute type 1 has an invalid length.
[  244.486486][T14011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3098'.
[  244.513527][T14011] macvtap1: entered promiscuous mode
[  244.522397][T14011] macvtap1: entered allmulticast mode
[  244.539234][T14011] team0: entered allmulticast mode
[  244.544903][T14011] bond0: entered allmulticast mode
[  244.562585][T14011] batadv0: entered allmulticast mode
[  244.576933][T14011] mac80211_hwsim hwsim18 wlan1: entered allmulticast mode
[  244.589291][T14011] bridge1: entered allmulticast mode
[  244.593924][T14015] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  244.600115][T14011] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  244.625446][T14005] bond2: (slave macvlan5): Enslaving as a backup interface with a down link
[  244.707352][T13984] lo: entered promiscuous mode
[  244.734179][T13984] lo: entered allmulticast mode
[  245.034483][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.095767][T14037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3107'.
[  245.134367][T14037] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3107'.
[  245.265483][T14050] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  245.552646][T14069] netlink: 248 bytes leftover after parsing attributes in process `syz.3.3120'.
[  245.718449][T14076] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3119'.
[  246.035256][T14088] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  246.074598][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.234677][   T53] Bluetooth: hci2: command tx timeout
[  246.490192][T14101] lo speed is unknown, defaulting to 1000
[  246.520293][T14101] lo speed is unknown, defaulting to 1000
[  246.570790][T14101] lo speed is unknown, defaulting to 1000
[  246.592853][T14101] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  246.619176][T14069] lo: entered promiscuous mode
[  246.637922][T14069] lo: entered allmulticast mode
[  246.694984][T14101] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  246.811371][T14101] lo speed is unknown, defaulting to 1000
[  246.842489][T14101] lo speed is unknown, defaulting to 1000
[  246.958218][T14101] lo speed is unknown, defaulting to 1000
[  246.988927][T14101] lo speed is unknown, defaulting to 1000
[  247.006345][T14101] lo speed is unknown, defaulting to 1000
[  247.036204][T14101] lo speed is unknown, defaulting to 1000
[  247.059982][T14101] lo speed is unknown, defaulting to 1000
[  247.114686][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.239865][T14122] vlan2: entered allmulticast mode
[  247.255280][T14122] bridge_slave_0: entered allmulticast mode
[  247.280478][T14126] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  247.331226][T14122] bridge_slave_0: left allmulticast mode
[  247.987484][T14157] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  248.283711][T14186] netlink: 'syz.1.3158': attribute type 10 has an invalid length.
[  248.293653][T14186] 
[  248.296010][T14186] ======================================================
[  248.303034][T14186] WARNING: possible circular locking dependency detected
[  248.310066][T14186] 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0 Not tainted
[  248.317187][T14186] ------------------------------------------------------
[  248.324217][T14186] syz.1.3158/14186 is trying to acquire lock:
[  248.330291][T14186] ffff88802e7d8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_open+0xe7/0x200
[  248.339477][T14186] 
[  248.339477][T14186] but task is already holding lock:
[  248.346854][T14186] ffff888064858d20 (team->team_lock_key){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750
[  248.356380][T14186] 
[  248.356380][T14186] which lock already depends on the new lock.
[  248.356380][T14186] 
[  248.366780][T14186] 
[  248.366780][T14186] the existing dependency chain (in reverse order) is:
[  248.375784][T14186] 
[  248.375784][T14186] -> #1 (team->team_lock_key){+.+.}-{3:3}:
[  248.383768][T14186]        lock_acquire+0x1ed/0x550
[  248.388783][T14186]        __mutex_lock+0x136/0xd70
[  248.393795][T14186]        team_port_change_check+0x51/0x1e0
[  248.399591][T14186]        team_device_event+0x161/0x5b0
[  248.405040][T14186]        notifier_call_chain+0x19f/0x3e0
[  248.410667][T14186]        dev_close_many+0x33c/0x4c0
[  248.415858][T14186]        unregister_netdevice_many_notify+0x544/0x16b0
[  248.422694][T14186]        macvlan_device_event+0x7e0/0x870
[  248.428403][T14186]        notifier_call_chain+0x19f/0x3e0
[  248.434024][T14186]        unregister_netdevice_many_notify+0xd75/0x16b0
[  248.440860][T14186]        unregister_netdevice_queue+0x303/0x370
[  248.447092][T14186]        _cfg80211_unregister_wdev+0x162/0x560
[  248.453246][T14186]        ieee80211_if_remove+0x25d/0x3a0
[  248.458869][T14186]        ieee80211_del_iface+0x19/0x30
[  248.464315][T14186]        cfg80211_remove_virtual_intf+0x23f/0x410
[  248.470717][T14186]        genl_rcv_msg+0xb14/0xec0
[  248.475727][T14186]        netlink_rcv_skb+0x1e3/0x430
[  248.481000][T14186]        genl_rcv+0x28/0x40
[  248.485487][T14186]        netlink_unicast+0x7ea/0x980
[  248.490771][T14186]        netlink_sendmsg+0x8db/0xcb0
[  248.496047][T14186]        __sock_sendmsg+0x221/0x270
[  248.501239][T14186]        ____sys_sendmsg+0x525/0x7d0
[  248.506515][T14186]        __sys_sendmsg+0x2b0/0x3a0
[  248.511616][T14186]        do_syscall_64+0xf3/0x230
[  248.516629][T14186]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.523037][T14186] 
[  248.523037][T14186] -> #0 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  248.530757][T14186]        validate_chain+0x18e0/0x5900
[  248.536120][T14186]        __lock_acquire+0x1346/0x1fd0
[  248.541477][T14186]        lock_acquire+0x1ed/0x550
[  248.546490][T14186]        __mutex_lock+0x136/0xd70
[  248.551519][T14186]        ieee80211_open+0xe7/0x200
[  248.556638][T14186]        __dev_open+0x2d3/0x450
[  248.561491][T14186]        dev_open+0xae/0x1b0
[  248.566080][T14186]        team_add_slave+0x9b3/0x2750
[  248.571361][T14186]        do_setlink+0xe70/0x41f0
[  248.576289][T14186]        rtnl_newlink+0x180b/0x20a0
[  248.581476][T14186]        rtnetlink_rcv_msg+0x89b/0x1180
[  248.587012][T14186]        netlink_rcv_skb+0x1e3/0x430
[  248.592284][T14186]        netlink_unicast+0x7ea/0x980
[  248.597557][T14186]        netlink_sendmsg+0x8db/0xcb0
[  248.602834][T14186]        __sock_sendmsg+0x221/0x270
[  248.608025][T14186]        ____sys_sendmsg+0x525/0x7d0
[  248.613296][T14186]        __sys_sendmsg+0x2b0/0x3a0
[  248.618393][T14186]        do_syscall_64+0xf3/0x230
[  248.623408][T14186]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.629814][T14186] 
[  248.629814][T14186] other info that might help us debug this:
[  248.629814][T14186] 
[  248.640111][T14186]  Possible unsafe locking scenario:
[  248.640111][T14186] 
[  248.647546][T14186]        CPU0                    CPU1
[  248.652893][T14186]        ----                    ----
[  248.658246][T14186]   lock(team->team_lock_key);
[  248.663087][T14186]                                lock(&rdev->wiphy.mtx);
[  248.670121][T14186]                                lock(team->team_lock_key);
[  248.677392][T14186]   lock(&rdev->wiphy.mtx);
[  248.681881][T14186] 
[  248.681881][T14186]  *** DEADLOCK ***
[  248.681881][T14186] 
[  248.690003][T14186] 2 locks held by syz.1.3158/14186:
[  248.695182][T14186]  #0: ffffffff8f5e7108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  248.704672][T14186]  #1: ffff888064858d20 (team->team_lock_key){+.+.}-{3:3}, at: team_add_slave+0xad/0x2750
[  248.714588][T14186] 
[  248.714588][T14186] stack backtrace:
[  248.720458][T14186] CPU: 0 PID: 14186 Comm: syz.1.3158 Not tainted 6.10.0-rc5-syzkaller-00213-ge367197166a0 #0
[  248.730682][T14186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  248.740722][T14186] Call Trace:
[  248.743987][T14186]  <TASK>
[  248.746910][T14186]  dump_stack_lvl+0x241/0x360
[  248.751585][T14186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.756779][T14186]  ? print_circular_bug+0x130/0x1a0
[  248.761967][T14186]  check_noncircular+0x36a/0x4a0
[  248.766913][T14186]  ? __pfx_check_noncircular+0x10/0x10
[  248.772366][T14186]  ? lockdep_lock+0x123/0x2b0
[  248.777032][T14186]  ? validate_chain+0x11e/0x5900
[  248.781959][T14186]  ? mark_lock+0x9a/0x350
[  248.786291][T14186]  validate_chain+0x18e0/0x5900
[  248.791142][T14186]  ? __pfx_validate_chain+0x10/0x10
[  248.796339][T14186]  ? mark_lock+0x9a/0x350
[  248.800662][T14186]  ? __pfx_validate_chain+0x10/0x10
[  248.805942][T14186]  ? __pfx_validate_chain+0x10/0x10
[  248.811159][T14186]  ? mark_lock+0x9a/0x350
[  248.815481][T14186]  ? __lock_acquire+0x1346/0x1fd0
[  248.820498][T14186]  ? mark_lock+0x9a/0x350
[  248.824820][T14186]  __lock_acquire+0x1346/0x1fd0
[  248.829669][T14186]  lock_acquire+0x1ed/0x550
[  248.834159][T14186]  ? ieee80211_open+0xe7/0x200
[  248.838921][T14186]  ? __pfx_lock_acquire+0x10/0x10
[  248.843934][T14186]  ? __pfx___might_resched+0x10/0x10
[  248.849214][T14186]  ? ib_device_get_by_netdev+0x595/0x5e0
[  248.854842][T14186]  ? ib_device_get_by_netdev+0x85/0x5e0
[  248.860379][T14186]  ? __pfx_ib_device_get_by_netdev+0x10/0x10
[  248.866352][T14186]  ? net_generic+0x1f/0x240
[  248.870851][T14186]  ? net_generic+0x1f0/0x240
[  248.875439][T14186]  __mutex_lock+0x136/0xd70
[  248.879939][T14186]  ? ieee80211_open+0xe7/0x200
[  248.884698][T14186]  ? rxe_notify+0xef/0x4c0
[  248.889107][T14186]  ? __pfx_vxlan_netdevice_event+0x10/0x10
[  248.894908][T14186]  ? __pfx_rxe_notify+0x10/0x10
[  248.899842][T14186]  ? is_hsr_master+0x19/0x70
[  248.904427][T14186]  ? ieee80211_open+0xe7/0x200
[  248.909190][T14186]  ? __pfx___mutex_lock+0x10/0x10
[  248.914208][T14186]  ? ip6_route_dev_notify+0x99/0x600
[  248.919492][T14186]  ieee80211_open+0xe7/0x200
[  248.924078][T14186]  __dev_open+0x2d3/0x450
[  248.928415][T14186]  ? __pfx___dev_open+0x10/0x10
[  248.933258][T14186]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  248.938714][T14186]  dev_open+0xae/0x1b0
[  248.942777][T14186]  ? __pfx_dev_open+0x10/0x10
[  248.947451][T14186]  ? rcu_is_watching+0x15/0xb0
[  248.952213][T14186]  ? team_add_slave+0x686/0x2750
[  248.957142][T14186]  ? team_add_slave+0x8a0/0x2750
[  248.962081][T14186]  team_add_slave+0x9b3/0x2750
[  248.966846][T14186]  ? __pfx___dev_notify_flags+0x10/0x10
[  248.972382][T14186]  ? __dev_change_flags+0x515/0x6f0
[  248.977571][T14186]  ? __pfx_team_add_slave+0x10/0x10
[  248.982764][T14186]  ? __pfx___dev_change_flags+0x10/0x10
[  248.988301][T14186]  ? vprintk_emit+0x631/0x770
[  248.992972][T14186]  ? mutex_is_locked+0x12/0x50
[  248.997732][T14186]  do_setlink+0xe70/0x41f0
[  249.002147][T14186]  ? _printk+0xd5/0x120
[  249.006297][T14186]  ? __nla_validate_parse+0x4f4/0x3090
[  249.011746][T14186]  ? __pfx__printk+0x10/0x10
[  249.016333][T14186]  ? __pfx_do_setlink+0x10/0x10
[  249.021182][T14186]  ? __nla_validate_parse+0x26ce/0x3090
[  249.026729][T14186]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  249.032118][T14186]  ? rtnl_newlink+0xf2/0x20a0
[  249.036811][T14186]  ? __pfx___nla_validate_parse+0x10/0x10
[  249.042539][T14186]  ? validate_linkmsg+0x71e/0x900
[  249.047736][T14186]  rtnl_newlink+0x180b/0x20a0
[  249.052414][T14186]  ? rtnl_newlink+0x4b1/0x20a0
[  249.057175][T14186]  ? __pfx_rtnl_newlink+0x10/0x10
[  249.062190][T14186]  ? __pfx___mutex_trylock_common+0x10/0x10
[  249.068081][T14186]  ? rcu_is_watching+0x15/0xb0
[  249.072832][T14186]  ? trace_contention_end+0x3c/0x120
[  249.078113][T14186]  ? __mutex_lock+0x2ef/0xd70
[  249.082786][T14186]  ? __pfx_lock_release+0x10/0x10
[  249.087805][T14186]  ? __pfx_rtnl_newlink+0x10/0x10
[  249.092821][T14186]  rtnetlink_rcv_msg+0x89b/0x1180
[  249.097843][T14186]  ? rtnetlink_rcv_msg+0x208/0x1180
[  249.103065][T14186]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  249.108525][T14186]  ? is_bpf_text_address+0x285/0x2a0
[  249.113811][T14186]  ? __pfx_validate_chain+0x10/0x10
[  249.119003][T14186]  ? __pfx_validate_chain+0x10/0x10
[  249.124192][T14186]  ? arch_stack_walk+0x16d/0x1b0
[  249.129219][T14186]  ? mark_lock+0x9a/0x350
[  249.133544][T14186]  ? __pfx_validate_chain+0x10/0x10
[  249.138734][T14186]  ? __lock_acquire+0x1346/0x1fd0
[  249.143754][T14186]  ? mark_lock+0x9a/0x350
[  249.148078][T14186]  ? __lock_acquire+0x1346/0x1fd0
[  249.153100][T14186]  netlink_rcv_skb+0x1e3/0x430
[  249.157860][T14186]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  249.163316][T14186]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  249.168621][T14186]  ? netlink_deliver_tap+0x2e/0x1b0
[  249.173810][T14186]  netlink_unicast+0x7ea/0x980
[  249.178569][T14186]  ? __pfx_netlink_unicast+0x10/0x10
[  249.183843][T14186]  ? __virt_addr_valid+0x183/0x520
[  249.188948][T14186]  ? __check_object_size+0x49c/0x900
[  249.194231][T14186]  ? bpf_lsm_netlink_send+0x9/0x10
[  249.199365][T14186]  netlink_sendmsg+0x8db/0xcb0
[  249.204137][T14186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.209416][T14186]  ? __import_iovec+0x536/0x820
[  249.214256][T14186]  ? aa_sock_msg_perm+0x91/0x160
[  249.219198][T14186]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  249.224468][T14186]  ? security_socket_sendmsg+0x87/0xb0
[  249.229914][T14186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.235207][T14186]  __sock_sendmsg+0x221/0x270
[  249.239904][T14186]  ____sys_sendmsg+0x525/0x7d0
[  249.244676][T14186]  ? __pfx_____sys_sendmsg+0x10/0x10
[  249.249968][T14186]  __sys_sendmsg+0x2b0/0x3a0
[  249.254555][T14186]  ? __pfx___sys_sendmsg+0x10/0x10
[  249.259676][T14186]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  249.265998][T14186]  ? do_syscall_64+0x100/0x230
[  249.270756][T14186]  ? do_syscall_64+0xb6/0x230
[  249.275431][T14186]  do_syscall_64+0xf3/0x230
[  249.279940][T14186]  ? clear_bhb_loop+0x35/0x90
[  249.284606][T14186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.290501][T14186] RIP: 0033:0x7fe990f75bd9
[  249.294911][T14186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.314516][T14186] RSP: 002b:00007fe991c60048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.322921][T14186] RAX: ffffffffffffffda RBX: 00007fe991103f60 RCX: 00007fe990f75bd9
[  249.330884][T14186] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000007
[  249.338846][T14186] RBP: 00007fe990fe4aa1 R08: 0000000000000000 R09: 0000000000000000
[  249.346806][T14186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.354763][T14186] R13: 000000000000000b R14: 00007fe991103f60 R15: 00007ffff0a4c318
[  249.362729][T14186]  </TASK>
[  249.368239][    C0] net_ratelimit: 1 callbacks suppressed
[  249.368257][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.389185][T14186] team0: Port device wlan1 added
[  249.399424][T14188] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  249.441731][T14186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3158'.
[  249.459545][T14186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3158'.
[  249.469541][T14186] netlink: 'syz.1.3158': attribute type 6 has an invalid length.
[  250.394696][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.434858][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.474556][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  253.515348][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.554587][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.594716][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.076207][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  256.634555][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.674697][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog