last executing test programs:

21.463660175s ago: executing program 1 (id=1354):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) (async)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000a00000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x3)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0xba1, 0x4)
setsockopt$inet6_int(r4, 0x29, 0x8, &(0x7f0000000000)=0xffffff80, 0x4)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x6)
bind$ax25(r5, &(0x7f0000000000)={{0x3, @default}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) (async)
bind$ax25(r5, &(0x7f0000000000)={{0x3, @default}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
writev(r5, &(0x7f00000005c0)=[{0x0}, {&(0x7f00000004c0)="973fcb363fedfa6d0ea7323ef0cdc944826021b1c53fb96d4c638331423a55260f551fa0ea2508b77d2d56dd82c7599f6d52748970123475c7472cee6e8312c7eaadf26b9e484a6d72b6f9a424ce36581be3a5108f07bd4f838519e9a22320ccc78091bd572ca25e3018da495582d9806ca50292392cf8bbd6642572e9a2ae6ed6620b24d7a5f4f3f7d2e644c8d8b8be74aab57f7593dcf10de4e30ac218703588bb066209e14b5536b292b6220e4701fb5d0ba753f1765ad947ab2f0ad9cc07195f2e50ffb1d6f1676a236fa9b027ada583ab8574d2ad606ee574305ff5034dfd85f071fe28990c9f9b", 0xea}, {&(0x7f0000000bc0)="076abc50595d38b1c405989f377a35aaf06dafb74501f2d92dc0d44422daa6c6f6121427cdb73044615c3a9ab0b0a2f28610b5937c4b5aea0830d9b337e438d5de1cf909b8f04bed710d15196fb156e7aefa56697d4f74250a8d64f31235cbac6f6706d494d3d812abffcfa50c142ff97d7e7a8b0a02da4e0fb986b1071c8d005100b80867fef9a8e8f7281536a8650d38a5a7c9f6efbfa8f20614f8b07761f1210adefda0e614748c349cea09f2e7334b7427f33f3832f44f7e2f5553664518b5ae3252fd7329b30b966c6f3bcb49820a98852e8dcd843221db2944e7bade38df20202e0ae12c771812b032ad01bf4112cdd93873edfb5ddb5cee7941c6d267a6ca352503746c139727a07d0a788e417a25d182dba536e85298c91521fe99ae687c568c3e20a4f9a5d2c45d64c1a19286669bc8b32a1c036a71ae6af1dd49ca661bcadc025d73c81229d653858a002da6521d3b7b32305628473e6ba109d4101ae077804381c368bd49599a33003039ba169a44c5629c1d950c20806a4bcd9c46e001acce4558015d65d8279c2d24457d7f56958b2e5799163b6bb18648dcdbd47fd295387a018792a0f97f97f9c1cf63d80483226f1c6c8f6fd9ad7911b036b6d08e11956358febcd010ecad8008a449ce887ba8804ca91fb098fea867c404586fbef7182f7bf30984e64d1c8dafd22fb20764f7e39aebecc2c72fa841ddb04ff6b1e4fa8b5e30e5966250822312279d585deb4811bc6e0ff53347d0fbefe91bc2d1008cb4713d01b1c61914d2d58b15d3a0c635ef47529f297d49d2366e01006cdbcb28a82d6900ef6120681976566902cca1e750eead6860347dc87150089762a27699b3e4f55cc0e675e5d7b3c47eca98bd82365bf028918e7b74d9c6264bcf3e67fcf5a6fe79cfa7d1310c3d54adfb747df7283060313618100bd403026176890f86d61cc8a62c55db62dc308bd52be84fe5aca00b15f7940bb562a5313669ad9856fa81c86c5f14e5c1a80a2db4305c981470b168b7428118083a805aa401d6ef7aa22835a147c6cea70e74fcaaff39b5e7d8d86efa1e7c97c47d7ed1dd0db0a84a0b57261f89add1228f74282476e9f01c2c7faeaf15ecb6b7c73bc7d5d0ab5b5f71c5c7047b646e12197efa82a1f05fce11e793192af6aed4f30ab4ab3602aaa8626760644f5c2b4b917881cfdaa44eb9230608c6ee69a2e73b811d209f27d015546485d508dd3ef657b3ca2e69e57d1ccf9c368d25d608747f851c40d557d7dd263000c3edeef33d166c4d8de797f19118f9106f283a98ae7ad7a37078d776db6bf1428a088a9d9b0c02a9547eb20442b72d4410e597f7e437ed4a6c4dac2cd1a8145d556e91c70ce69c5f48d0ae72faf31716d48ce07f318f45500eb6dc2ade6c710fcd8f6a1d462d7ffed9fb97611ed23b3f710cf94d1784ea497c7c94712fe95f6b0ef39e1390864ce2aae191d2176778e796f93626e3d2c62af9b2887f54752a3b7ebf019937bf6b84955e4c53dbac1be4789d7a0dd5d61ed7694199098f4a04f117ff77123c83c53a66b39afa8d424d53232b7e046d2941c87780be9fd91753ec9f283febc5f9631f757d8b6fe2d2c3737a0850ae3ae540ce8d006a71328e0d9de8543febda490a9befe09b8dc72578cf2a4137c02aab186db968b2bf9abe82fa00d049a3b225d041a63d19bfc7c91859a3be85520feb15990cf7f54bb826ac8905f75b7dce97fb6c14040a2e632c993deee4ea06a1d20ce82f8638aa68a1f291e67c5e118c6ee4f34c8234d4530ecda345e6a076f2492fe175630b1e383a9be26bc6e75c294710c07465cc7a1dcff47562a3ff547635b8834c5779e7cd982fe446abdef8cfee007b5b554b9cf005dde27e00d80ad4b81a10866c4dc6f504e1bc2c3f6c221c4ad2c8d6a2f680e167b8fe0f94963c8fba55a348165be505e5696cdcd0fca194e151663e6171dbcc59c503018cdff6b301c139ef21d8eae1a79ac7efdf7662c8b8dfc26f7e5f39831a2127c7de0214dfe5feb6d1f18b43ef2e85dc1e866c8251a22ce7475eb76ce3a0c748e9697330de3342f1e0cd0d2f132b4fed6280fc7caac2b64303f175111b545d39aedbffcffd54b33c416bdce755942d5c2addd7271d0d1f99cfc777c9c261b161b921140d8c6312546b23f90f3f455057abcf833b82f4f3846027674ed5657eabc703bdcc9317917c0d20919d22322d4ae3f36a0b3a12950054fac974dbe5af0471272a1087153f0e31388029086214ab72e81e1e3754b6f30c1ece6b98314452c9268c83a606934e456b13266941d2c7f2aea726c3dc9dff84d9e9734d7ecdff6613f6e0745a0c4b19c7e0c550f79544c3022516b61e8656973c75b496fd8c12656aed4c39e68f49040987ee83880c39263ff03e97a520656a6ceb19863d82a8089d8adaab936aa46706fd9183368c66712955392a4252b86e6b3def02d69fcaf5b22f3662eb9143446d63a8a029f1458deec7da1908efa31ddcf8a30ccd63579d619d01d3357ad90282871188455cb23203c4c7325da4b89185e3c0d9589ff31531229326978e007c55731f7481ee84a223818c638f83a681174ff5c9bc701b2fcdfa0cdd47fbc4868ca43115cd769680cf39b67e6c088b91660cd438d5055a91125e116867352b56183c06a63413af19b183b6cab6c708b411e531f65eb6356af1021d5c7b60e956fdc1b60c7c6214ab440bc5ce74d567a16463d1cb2ed913459b0dfaced02f0dc2e4026bb878bab952d18c0a970bae66ecfa8969563c871bcdbc7c80f9ed48697cc552f1feefaa5e78053f1ebbfdfaa905d8e1c9ea483a8df3501f083aeb7b42d947561f979c9e8eaa6c15f7ef41ae01c1a3a6e7c3c250b9239002a6c018bfc095a820e8d291aa82dd0ae4efa4001cc237b9ee6ab24f8e451ca634a3fa754e85869fb5f6eb2845017412adcd56dcdb92f1f1678f73d1bb9d60a2f27fe017cbc4125dfea489f6189af806f5171afde0ca8cfe566793c72f30b795dcc51a91c074af8a764c19892cb02a154de1065beb9553be66116c25dfdbb3d77d16cd5c33d42845ae086423a99a28d5fc3c30f27bb5e31f729d9bbb81d43bd55593db0d8306a0228e6b33e0da4bfc63b9444e85c43b2b90509b9cfccb83dfde5532112b5af3d20021f3aa280379c975e33f5d96eccc4365389f6fccef10726fe5b379c7491370e69e32c07f8dfd901867d626c142127e4ffced1c23af04f897b84edd7e8bb20a49922a6fcffb77f814cf9a4be07d292c81c2a625543ab22068e490830fa484c8344a71a13eb6ff6f71df5ee54d2ebdf0c48fb7cd8bf33bb4a3490fb8e7201f00559a07b96517498c277c0c87d0bbe9a10a010b71ed4db6fc9608c84c95d7e34d1310deadf07a62347b5c0f23be4a52fa924a50a4b87c42e24ca87479955c68ebc6dddb935aa982fe3563e1a65002b4eb773b78c5d43fd86823e1da832cb702428851876b125202a3748cd3ffe398146dadf6c740383a6c5d5b7522ac84b11b536897f6cfb0ace43463941fe9d8330e05b7311751615d6e6acb9240babe8042ca041c441bd2e09b557e35b3284e2fea78d4b769619993d2999d1336a755ce05f781bab466d6dc01d584a14f5a8ce477ac94b2e866f6eac9347494c887934af9ee7e73c196d0b2b2b76087a08e7db9aa5daafe35badbcca9508e791a4a608f080547e326546c199da7ca9a385166e9e1c3a73c5dc9091e3ada8ece3c2446905092c1f3d39c1c6f2bc0e085acc869570e9d3b7dc22e3b369608681e57857244d0f1af893678eabaf1548f1aff5154274d59525551ac4ff80924f1b444f972151412ea1bc46edd6f37df5d3afbd764f6430099f0e54f9b430997803aa765c058479fe3f910506de96481ab3c7b7d971904d9b97a031caf8c60bcb17a617c1cac5c54b4c0963afafc86446708c332357364623ca2b8009da61b71aa1210c0ab55cf0d073feb493ce58f3653e261bb6b91fa96481c56b1315abcdf2ab7b37ab580b777ce875d116a70b43e18b4f25f735f8d5f271de28d86e025229c130067d7902a90fbddbeb548d95dc2b765a0db8d730d570134004a03701234601877b7dc18f42b56d1ab2cc581174ea928191da270bdd254681927d6ce9094a57108bc6cee2043e8ad1e01e43ba507e8c603a4b4303495806757c16c256e949e9fd2e7717427a3f45a0eb7c4998531a1fe3c14b45bb61f13f58db1bc946bcee7258790af48445610779dd5c9fd7785f4905d66af1252dae9339dc8cdafcbb12a1fb511daff05cbb7940d5ec5318b95209220b27ed098d3902c856a79d364a925418cefe937b6ecb4c40dcb539f4a90fd7e11f458c0c27c03ce802484a842eaab758ee66d87e5622d3fec075e168e1f744aa18baec4856fa8e5d9be6fd9db80d1586eb0dfb629927c6c39b56d2136a357503b4f97c208fe48643f58481a72fad5ed0cf5a9926a8e11b69ad727044697d6af72049c54c588dd3f37a2178eb58ce371b0ad679c5f3c4515ffe9da8986f01b45ff8575164bcb421d68facd8e8b348002116434bc357c79a7bbc3db09cc382fd6f138d05338cedf512318d5fe7313ffde2383a505ed7813e792a921e7544c5394eef1e8bde580d3d2a6d90b5f06dfa44c16cfaa7f04026320ac8782be045bcb29700a382759572109415d57cf567d4a648c92c793e382ef549a63d9b1b2c2e42119f0e62c374fdd9913a80e5c37cbcaa4e3d24ca05fa676131eed0ee829ed2727f3260072609edc305b9b93bed2409ad5c6bd380a19392f3f20d3baf51d4289948ba42343196634346dd65c8992e0b56710e7a467cf0f3d33ae7b3dd850c5dd37a97787a428b3ab6867cc31e3e4714e8a2a288453cb930f3a50a213cbcccd40d5d0230cf5fb865928a385ca00ab23041cadd7169fa746a900d3b0d32a50429920de9ed7411337b179f1bf34ee3e2c51a78ece51c47e8e9f8b7ee99aec4d1c3c18fbc5f362d741e02c0f6878b27cfabd5c505adf0901cd2ef2d38a14b067eea6a8f0caffdf148569bbe219adf153a2fb9e10e27f5fcb4d", 0xe01}], 0x3) (async)
writev(r5, &(0x7f00000005c0)=[{0x0}, {&(0x7f00000004c0)="973fcb363fedfa6d0ea7323ef0cdc944826021b1c53fb96d4c638331423a55260f551fa0ea2508b77d2d56dd82c7599f6d52748970123475c7472cee6e8312c7eaadf26b9e484a6d72b6f9a424ce36581be3a5108f07bd4f838519e9a22320ccc78091bd572ca25e3018da495582d9806ca50292392cf8bbd6642572e9a2ae6ed6620b24d7a5f4f3f7d2e644c8d8b8be74aab57f7593dcf10de4e30ac218703588bb066209e14b5536b292b6220e4701fb5d0ba753f1765ad947ab2f0ad9cc07195f2e50ffb1d6f1676a236fa9b027ada583ab8574d2ad606ee574305ff5034dfd85f071fe28990c9f9b", 0xea}, {&(0x7f0000000bc0)="076abc50595d38b1c405989f377a35aaf06dafb74501f2d92dc0d44422daa6c6f6121427cdb73044615c3a9ab0b0a2f28610b5937c4b5aea0830d9b337e438d5de1cf909b8f04bed710d15196fb156e7aefa56697d4f74250a8d64f31235cbac6f6706d494d3d812abffcfa50c142ff97d7e7a8b0a02da4e0fb986b1071c8d005100b80867fef9a8e8f7281536a8650d38a5a7c9f6efbfa8f20614f8b07761f1210adefda0e614748c349cea09f2e7334b7427f33f3832f44f7e2f5553664518b5ae3252fd7329b30b966c6f3bcb49820a98852e8dcd843221db2944e7bade38df20202e0ae12c771812b032ad01bf4112cdd93873edfb5ddb5cee7941c6d267a6ca352503746c139727a07d0a788e417a25d182dba536e85298c91521fe99ae687c568c3e20a4f9a5d2c45d64c1a19286669bc8b32a1c036a71ae6af1dd49ca661bcadc025d73c81229d653858a002da6521d3b7b32305628473e6ba109d4101ae077804381c368bd49599a33003039ba169a44c5629c1d950c20806a4bcd9c46e001acce4558015d65d8279c2d24457d7f56958b2e5799163b6bb18648dcdbd47fd295387a018792a0f97f97f9c1cf63d80483226f1c6c8f6fd9ad7911b036b6d08e11956358febcd010ecad8008a449ce887ba8804ca91fb098fea867c404586fbef7182f7bf30984e64d1c8dafd22fb20764f7e39aebecc2c72fa841ddb04ff6b1e4fa8b5e30e5966250822312279d585deb4811bc6e0ff53347d0fbefe91bc2d1008cb4713d01b1c61914d2d58b15d3a0c635ef47529f297d49d2366e01006cdbcb28a82d6900ef6120681976566902cca1e750eead6860347dc87150089762a27699b3e4f55cc0e675e5d7b3c47eca98bd82365bf028918e7b74d9c6264bcf3e67fcf5a6fe79cfa7d1310c3d54adfb747df7283060313618100bd403026176890f86d61cc8a62c55db62dc308bd52be84fe5aca00b15f7940bb562a5313669ad9856fa81c86c5f14e5c1a80a2db4305c981470b168b7428118083a805aa401d6ef7aa22835a147c6cea70e74fcaaff39b5e7d8d86efa1e7c97c47d7ed1dd0db0a84a0b57261f89add1228f74282476e9f01c2c7faeaf15ecb6b7c73bc7d5d0ab5b5f71c5c7047b646e12197efa82a1f05fce11e793192af6aed4f30ab4ab3602aaa8626760644f5c2b4b917881cfdaa44eb9230608c6ee69a2e73b811d209f27d015546485d508dd3ef657b3ca2e69e57d1ccf9c368d25d608747f851c40d557d7dd263000c3edeef33d166c4d8de797f19118f9106f283a98ae7ad7a37078d776db6bf1428a088a9d9b0c02a9547eb20442b72d4410e597f7e437ed4a6c4dac2cd1a8145d556e91c70ce69c5f48d0ae72faf31716d48ce07f318f45500eb6dc2ade6c710fcd8f6a1d462d7ffed9fb97611ed23b3f710cf94d1784ea497c7c94712fe95f6b0ef39e1390864ce2aae191d2176778e796f93626e3d2c62af9b2887f54752a3b7ebf019937bf6b84955e4c53dbac1be4789d7a0dd5d61ed7694199098f4a04f117ff77123c83c53a66b39afa8d424d53232b7e046d2941c87780be9fd91753ec9f283febc5f9631f757d8b6fe2d2c3737a0850ae3ae540ce8d006a71328e0d9de8543febda490a9befe09b8dc72578cf2a4137c02aab186db968b2bf9abe82fa00d049a3b225d041a63d19bfc7c91859a3be85520feb15990cf7f54bb826ac8905f75b7dce97fb6c14040a2e632c993deee4ea06a1d20ce82f8638aa68a1f291e67c5e118c6ee4f34c8234d4530ecda345e6a076f2492fe175630b1e383a9be26bc6e75c294710c07465cc7a1dcff47562a3ff547635b8834c5779e7cd982fe446abdef8cfee007b5b554b9cf005dde27e00d80ad4b81a10866c4dc6f504e1bc2c3f6c221c4ad2c8d6a2f680e167b8fe0f94963c8fba55a348165be505e5696cdcd0fca194e151663e6171dbcc59c503018cdff6b301c139ef21d8eae1a79ac7efdf7662c8b8dfc26f7e5f39831a2127c7de0214dfe5feb6d1f18b43ef2e85dc1e866c8251a22ce7475eb76ce3a0c748e9697330de3342f1e0cd0d2f132b4fed6280fc7caac2b64303f175111b545d39aedbffcffd54b33c416bdce755942d5c2addd7271d0d1f99cfc777c9c261b161b921140d8c6312546b23f90f3f455057abcf833b82f4f3846027674ed5657eabc703bdcc9317917c0d20919d22322d4ae3f36a0b3a12950054fac974dbe5af0471272a1087153f0e31388029086214ab72e81e1e3754b6f30c1ece6b98314452c9268c83a606934e456b13266941d2c7f2aea726c3dc9dff84d9e9734d7ecdff6613f6e0745a0c4b19c7e0c550f79544c3022516b61e8656973c75b496fd8c12656aed4c39e68f49040987ee83880c39263ff03e97a520656a6ceb19863d82a8089d8adaab936aa46706fd9183368c66712955392a4252b86e6b3def02d69fcaf5b22f3662eb9143446d63a8a029f1458deec7da1908efa31ddcf8a30ccd63579d619d01d3357ad90282871188455cb23203c4c7325da4b89185e3c0d9589ff31531229326978e007c55731f7481ee84a223818c638f83a681174ff5c9bc701b2fcdfa0cdd47fbc4868ca43115cd769680cf39b67e6c088b91660cd438d5055a91125e116867352b56183c06a63413af19b183b6cab6c708b411e531f65eb6356af1021d5c7b60e956fdc1b60c7c6214ab440bc5ce74d567a16463d1cb2ed913459b0dfaced02f0dc2e4026bb878bab952d18c0a970bae66ecfa8969563c871bcdbc7c80f9ed48697cc552f1feefaa5e78053f1ebbfdfaa905d8e1c9ea483a8df3501f083aeb7b42d947561f979c9e8eaa6c15f7ef41ae01c1a3a6e7c3c250b9239002a6c018bfc095a820e8d291aa82dd0ae4efa4001cc237b9ee6ab24f8e451ca634a3fa754e85869fb5f6eb2845017412adcd56dcdb92f1f1678f73d1bb9d60a2f27fe017cbc4125dfea489f6189af806f5171afde0ca8cfe566793c72f30b795dcc51a91c074af8a764c19892cb02a154de1065beb9553be66116c25dfdbb3d77d16cd5c33d42845ae086423a99a28d5fc3c30f27bb5e31f729d9bbb81d43bd55593db0d8306a0228e6b33e0da4bfc63b9444e85c43b2b90509b9cfccb83dfde5532112b5af3d20021f3aa280379c975e33f5d96eccc4365389f6fccef10726fe5b379c7491370e69e32c07f8dfd901867d626c142127e4ffced1c23af04f897b84edd7e8bb20a49922a6fcffb77f814cf9a4be07d292c81c2a625543ab22068e490830fa484c8344a71a13eb6ff6f71df5ee54d2ebdf0c48fb7cd8bf33bb4a3490fb8e7201f00559a07b96517498c277c0c87d0bbe9a10a010b71ed4db6fc9608c84c95d7e34d1310deadf07a62347b5c0f23be4a52fa924a50a4b87c42e24ca87479955c68ebc6dddb935aa982fe3563e1a65002b4eb773b78c5d43fd86823e1da832cb702428851876b125202a3748cd3ffe398146dadf6c740383a6c5d5b7522ac84b11b536897f6cfb0ace43463941fe9d8330e05b7311751615d6e6acb9240babe8042ca041c441bd2e09b557e35b3284e2fea78d4b769619993d2999d1336a755ce05f781bab466d6dc01d584a14f5a8ce477ac94b2e866f6eac9347494c887934af9ee7e73c196d0b2b2b76087a08e7db9aa5daafe35badbcca9508e791a4a608f080547e326546c199da7ca9a385166e9e1c3a73c5dc9091e3ada8ece3c2446905092c1f3d39c1c6f2bc0e085acc869570e9d3b7dc22e3b369608681e57857244d0f1af893678eabaf1548f1aff5154274d59525551ac4ff80924f1b444f972151412ea1bc46edd6f37df5d3afbd764f6430099f0e54f9b430997803aa765c058479fe3f910506de96481ab3c7b7d971904d9b97a031caf8c60bcb17a617c1cac5c54b4c0963afafc86446708c332357364623ca2b8009da61b71aa1210c0ab55cf0d073feb493ce58f3653e261bb6b91fa96481c56b1315abcdf2ab7b37ab580b777ce875d116a70b43e18b4f25f735f8d5f271de28d86e025229c130067d7902a90fbddbeb548d95dc2b765a0db8d730d570134004a03701234601877b7dc18f42b56d1ab2cc581174ea928191da270bdd254681927d6ce9094a57108bc6cee2043e8ad1e01e43ba507e8c603a4b4303495806757c16c256e949e9fd2e7717427a3f45a0eb7c4998531a1fe3c14b45bb61f13f58db1bc946bcee7258790af48445610779dd5c9fd7785f4905d66af1252dae9339dc8cdafcbb12a1fb511daff05cbb7940d5ec5318b95209220b27ed098d3902c856a79d364a925418cefe937b6ecb4c40dcb539f4a90fd7e11f458c0c27c03ce802484a842eaab758ee66d87e5622d3fec075e168e1f744aa18baec4856fa8e5d9be6fd9db80d1586eb0dfb629927c6c39b56d2136a357503b4f97c208fe48643f58481a72fad5ed0cf5a9926a8e11b69ad727044697d6af72049c54c588dd3f37a2178eb58ce371b0ad679c5f3c4515ffe9da8986f01b45ff8575164bcb421d68facd8e8b348002116434bc357c79a7bbc3db09cc382fd6f138d05338cedf512318d5fe7313ffde2383a505ed7813e792a921e7544c5394eef1e8bde580d3d2a6d90b5f06dfa44c16cfaa7f04026320ac8782be045bcb29700a382759572109415d57cf567d4a648c92c793e382ef549a63d9b1b2c2e42119f0e62c374fdd9913a80e5c37cbcaa4e3d24ca05fa676131eed0ee829ed2727f3260072609edc305b9b93bed2409ad5c6bd380a19392f3f20d3baf51d4289948ba42343196634346dd65c8992e0b56710e7a467cf0f3d33ae7b3dd850c5dd37a97787a428b3ab6867cc31e3e4714e8a2a288453cb930f3a50a213cbcccd40d5d0230cf5fb865928a385ca00ab23041cadd7169fa746a900d3b0d32a50429920de9ed7411337b179f1bf34ee3e2c51a78ece51c47e8e9f8b7ee99aec4d1c3c18fbc5f362d741e02c0f6878b27cfabd5c505adf0901cd2ef2d38a14b067eea6a8f0caffdf148569bbe219adf153a2fb9e10e27f5fcb4d", 0xe01}], 0x3)
getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000034780)=""/102391, &(0x7f00000001c0)=0x18ff7) (async)
getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000034780)=""/102391, &(0x7f00000001c0)=0x18ff7)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000691000/0x4000)=nil, 0x4000, 0x3, 0x28011, r7, 0x0) (async)
mmap(&(0x7f0000691000/0x4000)=nil, 0x4000, 0x3, 0x28011, r7, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f00008b7000/0x4000)=nil, 0x4000, 0x0, 0x13, r8, 0x1000)
mmap(&(0x7f00004e7000/0x2000)=nil, 0x2000, 0x0, 0x13, r8, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
mmap(&(0x7f0000867000/0x2000)=nil, 0x2000, 0x0, 0x2811, r9, 0xffffa000)
mmap(&(0x7f0000867000/0x3000)=nil, 0x3000, 0x0, 0x11, r9, 0x0)
recvfrom(r6, &(0x7f0000000240)=""/180, 0xb4, 0x120, 0x0, 0x0) (async)
recvfrom(r6, &(0x7f0000000240)=""/180, 0xb4, 0x120, 0x0, 0x0)
sendmsg$rds(r2, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f00000009c0)=""/4078, 0xfee}], 0x1}, 0x0)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e901b1bdbdaf6a4bd86", 0x14}], 0x116d, 0x0, 0x0, 0x40010}, 0x0)

20.941237738s ago: executing program 1 (id=1359):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000001800090000000000000000000200000cfffe00010000000008000500ac"], 0x24}, 0xfd}, 0x0)

20.785191605s ago: executing program 1 (id=1363):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x3, 0x3a)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000008c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r2, &(0x7f0000000a00)={0x0, 0x2, &(0x7f00000009c0)={&(0x7f0000000900)={0x14, r3, 0xe2c40cf0776ef37, 0x0, 0x0, {0x5}}, 0x14}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x101}}], 0x18}}], 0x1, 0x4000000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r4}, 0x10)
r6 = socket$igmp(0x2, 0x3, 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c0000000101010100000000000000000a0000003c0001800c000280050001003a0000002c0001800f0003000000000000000000000000000000000014000400ff0200000000000000000000000030720c00198008000100cd"], 0x5c}}, 0x0)
setsockopt$MRT_TABLE(r6, 0x0, 0xcf, 0xffffffffffffffff, 0x0)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_type(r9, &(0x7f0000000040), 0x2, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="02"], 0x10)
close(r8)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r12, r11, 0x2, 0x6, 0x4000, @void, @value}, 0x10)
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYRES64=r13, @ANYRES64=0x0, @ANYRESHEX=r13], 0x20)

20.340015788s ago: executing program 1 (id=1366):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newneigh={0x30, 0x1c, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, r2, 0x0, 0x8, 0xf}, [@NDA_DST_IPV6={0x14, 0x1, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x8040}, 0x48000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0xfe, 0x0, 0x0, 0x1c, {[@window={0xe, 0x3, 0x2}, @generic={0x0, 0x7, "d58838068b"}]}}}}}}, 0x42)

19.921199643s ago: executing program 1 (id=1370):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x874, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r1, 0x4030582b, &(0x7f00000001c0)={0x1100, 0x2, 0x3, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f00003cf000/0x4000)=nil, 0x4000, 0x2, 0x22051, r2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x3)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

9.545129963s ago: executing program 1 (id=1370):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x874, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r1, 0x4030582b, &(0x7f00000001c0)={0x1100, 0x2, 0x3, 0x9})
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f00003cf000/0x4000)=nil, 0x4000, 0x2, 0x22051, r2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x3)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.926277914s ago: executing program 3 (id=1556):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000680), 0x101100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

2.546209352s ago: executing program 0 (id=1562):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="0100000000000000000003000000c401018038000400200001000a004e200000080020010000000000000000000000000001050000001400020002000000e000000200000000000000000d0001007564703a73797a3200000000080003000500000044000400200001000a004e2300000002ff01000000000000000000000900000102000000200002"], 0x1d8}}, 0x0)

986.87707ms ago: executing program 4 (id=1564):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000000202030000000000000000000a0000003c0002802c0001"], 0x50}}, 0x0)

909.096637ms ago: executing program 0 (id=1565):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50)

908.92031ms ago: executing program 3 (id=1566):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000200)=""/4088, 0xff8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

871.672856ms ago: executing program 3 (id=1567):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x194, 0x65, 0x200, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffe0, 0xd}}, [@TCA_CHAIN={0x8, 0xb, 0xba41}, @filter_kind_options=@f_u32={{0x8}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x401}, @filter_kind_options=@f_fw={{0x7}, {0x14c, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'bridge_slave_0\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'wlan1\x00'}, @TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0x7}}, @TCA_FW_ACT={0x100, 0x4, [@m_sample={0xfc, 0x17, 0x0, 0x0, {{0xb}, {0x4}, {0xcd, 0x6, "047d7b171e2410a71412ac7e80f8930d3c706c23f4f0ab39569f59f772f7cf12a8d6cb48a27c0384d895f486c5684324bc5e8b263b738b63e2c45826f5fa2a7e424ec5bf72b5384a075bbb6ee31db55c5ee629d2946312aa0c752559d063f19d176c42a552027002e95e18df6aa2d23ee0d92e24438d2e1fc8a1b843f83278df4a6f5a4b7a998b3486330d49117ce8db1badaf6ca6148f1dc6a88e51b3cb0e52af93372f18abfeb85586ca5d019d8bc61b5eb491f684d7482650c8fb29a60fe2abae61bad90856cb27"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_FW_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffff}]}, @TCA_FW_MASK={0x8, 0x5, 0x40000e4}]}}]}, 0x194}, 0x1, 0x0, 0x0, 0x40090}, 0x48000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

769.325863ms ago: executing program 4 (id=1569):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403, 0x0, 0x0, 0x802}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0xfff4}]}}}]}, 0x38}}, 0x40000)

747.381601ms ago: executing program 0 (id=1570):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xb0, 0x6}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0x7}}}, 0x24}}, 0x0)

706.213961ms ago: executing program 2 (id=1571):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000980)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x8, 0x2, 0xfffffff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4006)

658.762167ms ago: executing program 4 (id=1572):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})

577.127441ms ago: executing program 3 (id=1573):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x4a9a, 0x4)
sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)="23004e4ee760d48ddc6b7a1ebfc6e0276028840fb20d5233e81c802684e8ac1dc195296ffaaeace75a07a653ee918f67beb970cd36769470f7acb5cd5becfa3839cec05a81f9488931e0a9ba9a246f45fee8b5240bd1e078539b56973bfbbee5a100668daf66ef25121ca65db1d172a489e35e43f2ced9183d48b5850b9e1de2c492604f7b27f030d82cf14d7bcbe35579bfbfbcccc3dceb90fc0075c0c67c8b887bd9356b0fc5e5479c0133683c922e936e6d9431f80a38a5f819c00801d677445ad545dd77e1", 0xc7}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000640)="f473bd", 0x3}], 0x1}}], 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100"], 0x50}, 0x1, 0xba01}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

529.630589ms ago: executing program 2 (id=1574):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000039c0)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808980200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eafddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca3905689a1f3db9c24db65c1e0001581d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86c0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8dd4fc7ea0000af3904ea0f3698cd9492794b8212a350d726bff873339c4cad4ead1348474250eda2c8067ab730c1d82a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c3fc74c00000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860e44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cd32941a815e3f3ceafe3065b9594fdcb24ebb6eddb9e87c9ecec7a42c0000abe1c6ea55887dfa18d0aea1b6eca5a883702b0bf3aefcb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3c0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5b0300000026d3c27e7945b29996e5cefbc9f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984ae4e679107a14bbb24851f6199eaf9a1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a55594616020f72f1c55ee3d325c7496a7c2f10cfeae16ae436751227378f0b1ee78bd33c50206700dd90b96a330f92bff736c83ca53e7f02b734d1a9292337e2be3896f7e7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cde00995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb6961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d420e7b2a9e2f87f7b44949fe14c00000000000f47030c09f62d444b4981db81799776eeb4448278de519705fa8b56779bc8cc927b308c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dedc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982ebddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bffc30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c20024032e9b3bba7d6ceca38d3e96db049b92fc32ee34fe7b8419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000e1000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba3759fa55249b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be5732f29eed98d5b3688d80f7c66f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bb850f8035040ad9e57abe58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc053e64bfcfd057980136d6e9faca03b24fa300ef90bfe4ad364256937796f941c2fead94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd40080361427b6b9c118e5c9a0a1d5ca24886eb8a78796540635ac3530b9025d8bad0533a7f81b2188ec75a5fc9302e3815bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df745ae7a4e446ca16d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3d46e45e7949c5b5069103009693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000b84b11308b6636b735b3c654cbc0000000000000019a4e9a9c2cbc906f97fd6eb00b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea02023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6085100d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac4bf5c06c6398c1b28bdd3f4c2353c330d8457cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a99d747d38ef5042053299b8e95decc637a022a49664742606cfdb2a3258498a6a0a82369d70177433e52b851ac396163ca09e6c22ad796a565cf23d87ae9be7235553aa6b8ab74842d3d4ba738b3fa997f079d225335f2af55644478e514aed8ba202805ad458d9ae6ab8d156f11f3cfe7def690f2bbbb463063664625223d23386540e0db96d8eb1755ad49ae817683de97a6dd32d584391302e65594b12bb2e6630217401031c8a1b964ca32f735421bbf64c9f1f9329e5cfda139ea79619e1d00a9a3ab49993362f30d191aa3387101feaa3e326190804eae2114437f8f4b27480900dd6511844a643886588fbdee7f8863a8dfdd75a9e128c6c15166a5f92d3c2d4952e5d07c59bfce0724a02600094c3369be3024edf451ff76a59855fd90353a0de907834bb77a059c56e92eed2f1415b3d8178453c7aecd8fbd161e2ffd66bcf2be175e45184f06bafd1c1c4fd7006a6c90d8afd126f1c51ee0f724ffbbed25a286c95d17c8b4297f8bba8efd565ecb157f0be244fb9657f737354b20e3a5012abb36052eec7a4fe9bc5b5283581b208d90d28d78f1c5422c3bcad67278e8bb88d7e6ccf72dd61319b44aa617d667000000000000a5edbd3e8605225681090853fc66a20e30fb9938e5886ae748236f5e071278763e070b2b75ce0a9e6870033d25dd19733152b01b507d812216e0f7fc89bbe200806f079e9515dd886a781a46ebe3da4c8307885b535109bb1678d08eeef3717bea30f64282ee844b6d64ec51b1221d175b59c1537089dfa803275ab6dcd40b1fe4e851597c1993a477c225201087b7b0977be62a71927bb01b705267aabe967add451795dfd5114726193415cc3e0784a37db8ab8b97a171bc4ad9593f7c750ad440a26b93d24ee8f080de0f2a16cbd5cd1f370bc1235d88d5cbd25acf91daa392731dab4c9c15015de2fded6332b6ebccf6e1588f3f1a5a3e853587a6843ee1a3f3c270e3ab4462bcff01c70b03e8f8c9d816d7d69e4040155e9f999ce4e366a816c6e7224f41df7eead6d6d214ed98708e1d269f4b469af2e2a2559258439758f4fded2780e736568c7eea209c5ed54a1beaf06013bb4b330d39518528a46d68b277faf926672650cad335ae285aeb0b0130a9c7016580a857722b9c51a5a37a856ccb9b6673f58ebfa66f1db4d041741e104cdd91efa4b3248ebecff3568f31b547b19a939708c3b4b45f46377b4a345248489ddef4bc87426717971de1c0049006d2fb99c311fa91c364749917ee81ea8fd51365449d568eadbad6aead6101b7e6582e793670492d814d58e4a9faa8a4a3027b230e8f5b2349fb3ff3c4365df6bd85aa7f76c388ef94f0155c81b04863624fb4708f83ebf93a51d1438d7761d4b1b929d9aa8faef691676834a2591b75205ede2e4a709c3a9899d06c5cb5a571159402e429c5cf839f49957aed76dc7db43f9fdc754e40d7c662ad7939a09bfdbc31deb0d327895afae1eca61820e09abc2c0ed5ce083aceb89c8e24ad45483d3128f0547869970dc84c8787a06046bf79f28a7678b03baeff239ce600d91a07236e255ff7ea441ff0602bb38d7aaa1c414a94c4e143ea2cca9d14a01bb70ff93057a03288bd71c45b025731765ca5250b162f08be1a29460a53f213bfb88a8e80e4c46dbfa5936894a95d27c4e90c151748f8ee457c29cb7e21deb805a9c5c6abf373a4bad5e1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffffe8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x18000000000002a0, 0x38, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f086dd", 0x0, 0x63, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)

507.37824ms ago: executing program 0 (id=1575):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r3}, 0x69)

417.324715ms ago: executing program 2 (id=1576):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@migrate={0xa0, 0x21, 0xd39, 0x0, 0x0, {{@in=@remote, @in=@multicast2, 0x8000, 0x0, 0x0, 0x0, 0x2}}, [@migrate={0x50, 0x11, [{@in6=@private0={0xfc, 0x0, '\x00', 0xfe}, @in6=@mcast2, @in=@empty, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0x0, 0xa}]}]}, 0xa0}}, 0x0)

410.128294ms ago: executing program 4 (id=1577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x8, 0x3, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='fib_table_lookup\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c00)={r2, 0xe0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbb, 0x8, 0x0, 0x0}}, 0x10)

373.436403ms ago: executing program 2 (id=1578):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000400), 0xffffffffffffffff)
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x9, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.freeze\x00', 0x26e1, 0x0)
close(r2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240))
ioctl$SIOCSIFHWADDR(r2, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @broadcast})

305.022588ms ago: executing program 4 (id=1579):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x18c, 0x65, 0x200, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffe0, 0xd}}, [@TCA_CHAIN={0x8, 0xb, 0xba41}, @filter_kind_options=@f_u32={{0x8}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x401}, @filter_kind_options=@f_fw={{0x7}, {0x144, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'bridge_slave_0\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'wlan1\x00'}, @TCA_FW_CLASSID={0x8, 0x1, {0xffe0, 0x7}}, @TCA_FW_ACT={0x100, 0x4, [@m_sample={0xfc, 0x17, 0x0, 0x0, {{0xb}, {0x4}, {0xcd, 0x6, "047d7b171e2410a71412ac7e80f8930d3c706c23f4f0ab39569f59f772f7cf12a8d6cb48a27c0384d895f486c5684324bc5e8b263b738b63e2c45826f5fa2a7e424ec5bf72b5384a075bbb6ee31db55c5ee629d2946312aa0c752559d063f19d176c42a552027002e95e18df6aa2d23ee0d92e24438d2e1fc8a1b843f83278df4a6f5a4b7a998b3486330d49117ce8db1badaf6ca6148f1dc6a88e51b3cb0e52af93372f18abfeb85586ca5d019d8bc61b5eb491f684d7482650c8fb29a60fe2abae61bad90856cb27"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_FW_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffff}]}]}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x40090}, 0x48000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

304.76667ms ago: executing program 0 (id=1580):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

226.617086ms ago: executing program 0 (id=1581):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x0, @remote, @local, {[], {{0xffff, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x7, {[@window={0x3, 0x3, 0x3d}]}}}}}}}}, 0x0)

149.760134ms ago: executing program 2 (id=1582):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

149.404736ms ago: executing program 4 (id=1583):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x80)

144.387845ms ago: executing program 3 (id=1584):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, 0x2, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x25}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4018045}, 0x0)

745.386µs ago: executing program 3 (id=1585):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x143ffd, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f0000000180), 0x20000000}, 0x20)

0s ago: executing program 2 (id=1586):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})

kernel console output (not intermixed with test programs):

7339] sch_tbf: burst 1127 is lower than device lo mtu (65550) !
[  112.704480][ T7359] bridge_slave_0: left allmulticast mode
[  112.717861][ T7359] bridge_slave_0: left promiscuous mode
[  112.739085][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.793963][ T7359] bridge_slave_1: left allmulticast mode
[  112.811944][ T7359] bridge_slave_1: left promiscuous mode
[  112.837140][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.879531][ T7359] bond0: (slave bond_slave_0): Releasing backup interface
[  112.917696][ T7359] bond0: (slave bond_slave_1): Releasing backup interface
[  112.946507][ T7359] team_slave_0: left promiscuous mode
[  112.967933][ T7359] team0: Port device team_slave_0 removed
[  112.992303][ T7359] team_slave_1: left promiscuous mode
[  113.058638][ T7359] team0: Port device team_slave_1 removed
[  113.070926][ T7359] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.086399][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.140611][ T7359] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.166528][ T7359] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.220390][ T7359] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  113.277610][ T7359] team0: Port device netdevsim0 removed
[  113.886890][ T7380] __nla_validate_parse: 3 callbacks suppressed
[  113.886913][ T7380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.468'.
[  113.952271][ T7380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.468'.
[  114.001242][ T7386] pimreg: entered allmulticast mode
[  114.047594][ T7386] netlink: 'syz.4.468': attribute type 2 has an invalid length.
[  114.114284][ T7388] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 37699 - 0
[  114.129392][ T7388] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 37699 - 0
[  114.153890][ T7388] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 37699 - 0
[  114.179290][ T7388] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 37699 - 0
[  114.191140][ T7388] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 49664 - 0
[  114.208852][ T7388] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 49664 - 0
[  114.221312][ T7388] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 49664 - 0
[  114.230399][ T7388] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 49664 - 0
[  114.255056][ T7388] geneve2: entered promiscuous mode
[  114.260369][ T7388] geneve2: entered allmulticast mode
[  114.294337][ T7391] netlink: 'syz.0.470': attribute type 4 has an invalid length.
[  114.353674][ T7392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  114.359675][ T7394] netlink: 28 bytes leftover after parsing attributes in process `syz.4.472'.
[  114.375820][ T7394] netlink: 28 bytes leftover after parsing attributes in process `syz.4.472'.
[  114.384773][ T7392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.490443][ T7394] team0: entered promiscuous mode
[  114.501730][ T7394] team_slave_0: entered promiscuous mode
[  114.510212][ T7394] team_slave_1: entered promiscuous mode
[  114.526286][ T7394] bridge0: entered promiscuous mode
[  114.540030][ T7394] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  114.555304][ T7394] Cannot create hsr debugfs directory
[  114.703388][ T7403] netlink: 16 bytes leftover after parsing attributes in process `syz.2.476'.
[  114.712189][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.477'.
[  114.740340][ T7405] netlink: 48 bytes leftover after parsing attributes in process `syz.4.477'.
[  115.050302][ T7396] netlink: 20 bytes leftover after parsing attributes in process `syz.0.473'.
[  115.059524][ T7396] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  115.066813][ T7396] IPv6: NLM_F_CREATE should be set when creating new route
[  115.074185][ T7396] IPv6: NLM_F_CREATE should be set when creating new route
[  115.083124][ T7420] netlink: 'syz.4.477': attribute type 4 has an invalid length.
[  115.111426][ T7420] ip6t_srh: unknown srh invflags 4000
[  115.351810][ T7428] netlink: 'syz.0.484': attribute type 12 has an invalid length.
[  115.645593][ T7439] xt_cgroup: invalid path, errno=-2
[  115.840158][ T7449] FAULT_INJECTION: forcing a failure.
[  115.840158][ T7449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.867561][ T7449] CPU: 1 UID: 0 PID: 7449 Comm: syz.4.490 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  115.878313][ T7449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  115.888484][ T7449] Call Trace:
[  115.891779][ T7449]  <TASK>
[  115.894724][ T7449]  dump_stack_lvl+0x241/0x360
[  115.899610][ T7449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.904835][ T7449]  ? __pfx__printk+0x10/0x10
[  115.909469][ T7449]  should_fail_ex+0x3b0/0x4e0
[  115.914173][ T7449]  _copy_to_user+0x31/0xb0
[  115.918623][ T7449]  bpf_test_finish+0x212/0x890
[  115.923418][ T7449]  ? __pfx_bpf_test_finish+0x10/0x10
[  115.928740][ T7449]  ? convert___skb_to_skb+0x41/0x620
[  115.934052][ T7449]  ? convert_skb_to___skb+0x2d3/0x510
[  115.939451][ T7449]  bpf_prog_test_run_skb+0xff0/0x1820
[  115.944866][ T7449]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  115.950695][ T7449]  ? __fget_files+0x2a/0x410
[  115.955317][ T7449]  ? fput+0x21b/0x290
[  115.959323][ T7449]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  115.965153][ T7449]  bpf_prog_test_run+0x2e4/0x360
[  115.970202][ T7449]  __sys_bpf+0x48d/0x810
[  115.974466][ T7449]  ? __pfx___sys_bpf+0x10/0x10
[  115.979279][ T7449]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  115.985300][ T7449]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  115.991656][ T7449]  ? do_syscall_64+0x100/0x230
[  115.996453][ T7449]  __x64_sys_bpf+0x7c/0x90
[  116.000909][ T7449]  do_syscall_64+0xf3/0x230
[  116.003470][ T7443] netlink: 20 bytes leftover after parsing attributes in process `syz.2.487'.
[  116.005418][ T7449]  ? clear_bhb_loop+0x35/0x90
[  116.005446][ T7449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.005466][ T7449] RIP: 0033:0x7f9910d7ff19
[  116.017055][ T7443] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  116.021324][ T7449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.027331][ T7443] IPv6: NLM_F_CREATE should be set when creating new route
[  116.031597][ T7449] RSP: 002b:00007f9911bd3058 EFLAGS: 00000246
[  116.038878][ T7443] IPv6: NLM_F_CREATE should be set when creating new route
[  116.058460][ T7449]  ORIG_RAX: 0000000000000141
[  116.058480][ T7449] RAX: ffffffffffffffda RBX: 00007f9910f45fa0 RCX: 00007f9910d7ff19
[  116.058493][ T7449] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  116.058504][ T7449] RBP: 00007f9911bd30a0 R08: 0000000000000000 R09: 0000000000000000
[  116.058515][ T7449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.115991][ T7449] R13: 0000000000000000 R14: 00007f9910f45fa0 R15: 00007ffc9900f1a8
[  116.124018][ T7449]  </TASK>
[  116.921486][ T7463] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.493'.
[  117.152425][ T7484] lo: left allmulticast mode
[  117.174334][ T7484] tunl0: left allmulticast mode
[  117.192956][ T7484] gre0: left allmulticast mode
[  117.203092][ T7484] gretap0: left allmulticast mode
[  117.218525][ T7484] erspan0: left allmulticast mode
[  117.223910][ T7484] ip_vti0: left allmulticast mode
[  117.251371][ T7484] ip6_vti0: left allmulticast mode
[  117.270323][ T7484] sit0: left allmulticast mode
[  117.312394][ T7484] ip6tnl0: left allmulticast mode
[  117.337045][ T7484] ip6gre0: left allmulticast mode
[  117.363373][ T7484] syz_tun: left allmulticast mode
[  117.370501][ T7484] vcan0: left allmulticast mode
[  117.382011][ T7484] bond0: left allmulticast mode
[  117.388716][ T7484] dummy0: left allmulticast mode
[  117.393927][ T7484] nlmon0: left allmulticast mode
[  117.404731][ T7484] caif0: left allmulticast mode
[  117.410432][ T7484] batadv0: left allmulticast mode
[  117.420842][ T7484] vxcan0: left allmulticast mode
[  117.426734][ T7484] vxcan1: left allmulticast mode
[  117.431902][ T7484] veth0: left allmulticast mode
[  117.448019][ T7484] veth1: left allmulticast mode
[  117.453225][ T7484] wg0: left allmulticast mode
[  117.463466][ T7484] wg1: left allmulticast mode
[  117.469050][ T7484] wg2: left allmulticast mode
[  117.474375][ T7484] veth0_to_bridge: left allmulticast mode
[  117.485919][ T7484] bridge_slave_0: left allmulticast mode
[  117.491888][ T7484] veth1_to_bridge: left allmulticast mode
[  117.502914][ T7484] bridge_slave_1: left allmulticast mode
[  117.510771][ T7484] veth0_to_bond: left allmulticast mode
[  117.520255][ T7484] bond_slave_0: left allmulticast mode
[  117.527435][ T7484] veth1_to_bond: left allmulticast mode
[  117.533421][ T7484] bond_slave_1: left allmulticast mode
[  117.539821][ T7484] veth0_to_team: left allmulticast mode
[  117.546624][ T7484] team_slave_0: left allmulticast mode
[  117.552257][ T7484] veth1_to_team: left allmulticast mode
[  117.559213][ T7484] team_slave_1: left allmulticast mode
[  117.564846][ T7484] veth0_to_batadv: left allmulticast mode
[  117.572386][ T7484] batadv_slave_0: left allmulticast mode
[  117.578526][ T7484] veth1_to_batadv: left allmulticast mode
[  117.584555][ T7484] batadv_slave_1: left allmulticast mode
[  117.591780][ T7484] xfrm0: left allmulticast mode
[  117.597493][ T7484] veth0_to_hsr: left allmulticast mode
[  117.603221][ T7484] veth1_to_hsr: left allmulticast mode
[  117.639652][ T7484] hsr0: left allmulticast mode
[  117.645323][ T7484] hsr_slave_0: left allmulticast mode
[  117.651914][ T7484] hsr_slave_1: left allmulticast mode
[  117.662641][ T7484] veth1_virt_wifi: left allmulticast mode
[  117.669161][ T7484] veth0_virt_wifi: left allmulticast mode
[  117.680623][ T7484] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  117.688741][ T7484] veth1_vlan: left allmulticast mode
[  117.694382][ T7484] vlan0: left allmulticast mode
[  117.704389][ T7484] vlan1: left allmulticast mode
[  117.711973][ T7484] macvlan0: left allmulticast mode
[  117.717767][ T7484] macvlan1: left allmulticast mode
[  117.728463][ T7484] ipvlan0: left allmulticast mode
[  117.751665][ T7484] ipvlan1: left allmulticast mode
[  117.760794][ T7484] veth0_vlan: left allmulticast mode
[  117.768049][ T7484] veth1_macvtap: left allmulticast mode
[  117.773790][ T7484] veth0_macvtap: left allmulticast mode
[  117.779843][ T7484] macvtap0: left allmulticast mode
[  117.786579][ T7484] geneve0: left allmulticast mode
[  117.791828][ T7484] geneve1: left allmulticast mode
[  117.801301][ T7484] netdevsim netdevsim2 netdevsim1: left allmulticast mode
[  117.808715][ T7484] netdevsim netdevsim2 netdevsim2: left allmulticast mode
[  117.816329][ T7484] netdevsim netdevsim2 netdevsim3: left allmulticast mode
[  117.824118][ T7484] mac80211_hwsim hwsim8 wlan0: left allmulticast mode
[  117.836106][ T7484] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  117.844576][ T7484] macvtap0.3: left allmulticast mode
[  117.856765][ T7484] hsr1: left allmulticast mode
[  117.861646][ T7484] team0: left allmulticast mode
[  117.868045][ T7484] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  117.875657][ T7484] bridge0: left allmulticast mode
[  117.880876][ T7484] geneve2: left allmulticast mode
[  117.886543][ T7484] bridge1: left allmulticast mode
[  117.891728][ T7484] macvlan2: left allmulticast mode
[  117.897345][ T7484] syztnl2: left allmulticast mode
[  117.902529][ T7484] bridge2: left allmulticast mode
[  118.130842][ T7521] netlink: 'syz.2.511': attribute type 1 has an invalid length.
[  118.609570][ T7550] Cannot find map_set index 0 as target
[  118.725654][ T7553] netlink: 'syz.1.521': attribute type 1 has an invalid length.
[  118.768163][ T7558] netlink: 'syz.3.522': attribute type 10 has an invalid length.
[  118.787279][ T7558] bridge0: left allmulticast mode
[  118.822513][ T7558] bridge0: entered allmulticast mode
[  118.833525][ T7558] team0: Port device bridge0 added
[  118.899508][ T7564] __nla_validate_parse: 7 callbacks suppressed
[  118.899526][ T7564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.525'.
[  118.939091][ T7564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.525'.
[  118.995027][ T7570] sit0: entered promiscuous mode
[  119.028900][ T7570] sit0: left allmulticast mode
[  119.034416][ T7574] netlink: 16 bytes leftover after parsing attributes in process `syz.1.529'.
[  119.048130][ T7570] netlink: 'syz.0.527': attribute type 1 has an invalid length.
[  119.071575][ T7570] netlink: 1 bytes leftover after parsing attributes in process `syz.0.527'.
[  119.113176][ T7573] xt_hashlimit: max too large, truncated to 1048576
[  119.117039][ T7578] netlink: 8 bytes leftover after parsing attributes in process `syz.2.530'.
[  119.155456][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.530'.
[  119.175168][ T7578] netlink: 5 bytes leftover after parsing attributes in process `syz.2.530'.
[  119.677478][ T7606] netlink: 12 bytes leftover after parsing attributes in process `syz.4.541'.
[  119.735855][ T7609] netlink: 'syz.0.543': attribute type 1 has an invalid length.
[  119.758624][ T7609] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.769407][ T7609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.543'.
[  119.784840][ T7609] veth2: entered allmulticast mode
[  119.808225][ T7609] batadv0: entered promiscuous mode
[  119.814640][ T7609] batadv0: entered allmulticast mode
[  119.821624][ T7609] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.830741][ T7609] bond0: (slave batadv0): making interface the new active one
[  119.840961][ T7609] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  120.039899][ T7620] tipc: Invalid UDP bearer configuration
[  120.039960][ T7620] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  120.418170][ T7613] FAULT_INJECTION: forcing a failure.
[  120.418170][ T7613] name failslab, interval 1, probability 0, space 0, times 0
[  120.444189][ T7613] CPU: 1 UID: 0 PID: 7613 Comm: syz.4.544 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  120.454937][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  120.465040][ T7613] Call Trace:
[  120.468350][ T7613]  <TASK>
[  120.471300][ T7613]  dump_stack_lvl+0x241/0x360
[  120.476045][ T7613]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.481248][ T7613]  ? __pfx__printk+0x10/0x10
[  120.485855][ T7613]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  120.491262][ T7613]  ? __pfx___might_resched+0x10/0x10
[  120.496579][ T7613]  ? dev_addr_mod+0xbd/0x330
[  120.501205][ T7613]  should_fail_ex+0x3b0/0x4e0
[  120.505920][ T7613]  should_failslab+0xac/0x100
[  120.510635][ T7613]  __kmalloc_node_noprof+0xe1/0x4d0
[  120.515871][ T7613]  ? __pfx_geneve_setup+0x10/0x10
[  120.520940][ T7613]  ? __kvmalloc_node_noprof+0x72/0x190
[  120.526437][ T7613]  ? __raw_spin_lock_init+0x45/0x100
[  120.531771][ T7613]  __kvmalloc_node_noprof+0x72/0x190
[  120.537104][ T7613]  alloc_netdev_mqs+0x8d4/0x1080
[  120.542091][ T7613]  rtnl_create_link+0x2f9/0xc20
[  120.546983][ T7613]  rtnl_newlink_create+0x210/0xa40
[  120.552238][ T7613]  ? __pfx___mutex_lock+0x10/0x10
[  120.557299][ T7613]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  120.562963][ T7613]  ? ns_capable+0x8a/0xf0
[  120.567302][ T7613]  rtnl_newlink+0x1b40/0x20e0
[  120.571991][ T7613]  ? __pfx_rtnl_newlink+0x10/0x10
[  120.577013][ T7613]  ? __pfx_validate_chain+0x10/0x10
[  120.582229][ T7613]  ? validate_chain+0x11e/0x5920
[  120.587184][ T7613]  ? __pfx_lock_acquire+0x10/0x10
[  120.592257][ T7613]  ? __pfx_lock_release+0x10/0x10
[  120.597315][ T7613]  ? __pfx_validate_chain+0x10/0x10
[  120.602558][ T7613]  ? mark_lock+0x9a/0x360
[  120.606926][ T7613]  ? __lock_acquire+0x1397/0x2100
[  120.612014][ T7613]  ? __pfx_lock_release+0x10/0x10
[  120.617088][ T7613]  ? __pfx_rtnl_newlink+0x10/0x10
[  120.622164][ T7613]  rtnetlink_rcv_msg+0x791/0xcf0
[  120.627106][ T7613]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  120.632251][ T7613]  ? __lock_acquire+0x1397/0x2100
[  120.637295][ T7613]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  120.642811][ T7613]  netlink_rcv_skb+0x1e3/0x430
[  120.647619][ T7613]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  120.653116][ T7613]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  120.658485][ T7613]  ? netlink_deliver_tap+0x2e/0x1b0
[  120.663720][ T7613]  netlink_unicast+0x7f6/0x990
[  120.668534][ T7613]  ? __pfx_netlink_unicast+0x10/0x10
[  120.673850][ T7613]  ? __virt_addr_valid+0x183/0x530
[  120.679017][ T7613]  ? __check_object_size+0x48e/0x900
[  120.684438][ T7613]  netlink_sendmsg+0x8e4/0xcb0
[  120.689252][ T7613]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.694545][ T7613]  ? aa_sock_msg_perm+0x91/0x160
[  120.699489][ T7613]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.704769][ T7613]  __sock_sendmsg+0x221/0x270
[  120.709449][ T7613]  ____sys_sendmsg+0x52a/0x7e0
[  120.714394][ T7613]  ? __pfx_____sys_sendmsg+0x10/0x10
[  120.719677][ T7613]  ? __fget_files+0x2a/0x410
[  120.724269][ T7613]  ? __fget_files+0x2a/0x410
[  120.728863][ T7613]  __sys_sendmsg+0x269/0x350
[  120.733473][ T7613]  ? __pfx_lock_release+0x10/0x10
[  120.738518][ T7613]  ? __pfx___sys_sendmsg+0x10/0x10
[  120.743689][ T7613]  ? __pfx_vfs_write+0x10/0x10
[  120.748478][ T7613]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  120.754820][ T7613]  ? do_syscall_64+0x100/0x230
[  120.759588][ T7613]  ? do_syscall_64+0xb6/0x230
[  120.764267][ T7613]  do_syscall_64+0xf3/0x230
[  120.768772][ T7613]  ? clear_bhb_loop+0x35/0x90
[  120.773449][ T7613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.779349][ T7613] RIP: 0033:0x7f9910d7ff19
[  120.783771][ T7613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.803412][ T7613] RSP: 002b:00007f9911bd3058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.811835][ T7613] RAX: ffffffffffffffda RBX: 00007f9910f45fa0 RCX: 00007f9910d7ff19
[  120.819986][ T7613] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000004
[  120.827955][ T7613] RBP: 00007f9911bd30a0 R08: 0000000000000000 R09: 0000000000000000
[  120.835944][ T7613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.843937][ T7613] R13: 0000000000000000 R14: 00007f9910f45fa0 R15: 00007ffc9900f1a8
[  120.851939][ T7613]  </TASK>
[  121.223440][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.559'.
[  121.301641][ T7669] netlink: 'syz.0.560': attribute type 1 has an invalid length.
[  122.168657][ T7695] Cannot find map_set index 0 as target
[  122.840976][ T7729] team0: Cannot enslave team device to itself
[  122.850551][ T7729] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  123.045993][ T7736] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  123.099478][ T7737] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  123.408570][ T7750] netlink: 'syz.3.590': attribute type 10 has an invalid length.
[  123.683202][ T7737] bridge_slave_0: default FDB implementation only supports local addresses
[  123.962723][ T7772] xt_hashlimit: overflow, rate too high: 0
[  123.984377][ T7772] netlink: 'syz.2.597': attribute type 4 has an invalid length.
[  124.129599][ T7781] netlink: 'syz.0.600': attribute type 12 has an invalid length.
[  124.188680][ T7784] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  124.441476][ T7793] sctp: [Deprecated]: syz.1.605 (pid 7793) Use of struct sctp_assoc_value in delayed_ack socket option.
[  124.441476][ T7793] Use struct sctp_sack_info instead
[  124.463920][ T7795] nbd: must specify a size in bytes for the device
[  125.045913][ T7821] __nla_validate_parse: 3 callbacks suppressed
[  125.045933][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.617'.
[  125.100129][ T7823] SET target dimension over the limit!
[  125.432860][ T7841] veth0_to_bridge: entered promiscuous mode
[  125.468417][ T7842] lo: entered allmulticast mode
[  125.478162][ T7842] tunl0: entered allmulticast mode
[  125.483443][ T7842] gre0: entered allmulticast mode
[  125.489364][ T7842] gretap0: entered allmulticast mode
[  125.494806][ T7842] erspan0: entered allmulticast mode
[  125.504042][ T7842] ip_vti0: entered allmulticast mode
[  125.511225][ T7842] ip6_vti0: entered allmulticast mode
[  125.531542][ T7844] netlink: 'syz.4.625': attribute type 2 has an invalid length.
[  125.535246][ T7842] sit0: entered allmulticast mode
[  125.555597][ T7842] ip6tnl0: entered allmulticast mode
[  125.561177][ T7842] ip6gre0: entered allmulticast mode
[  125.567139][ T7842] syz_tun: entered allmulticast mode
[  125.575609][ T7842] bridge0: entered allmulticast mode
[  125.581037][ T7842] vcan0: entered allmulticast mode
[  125.586414][ T7842] bond0: entered allmulticast mode
[  125.591651][ T7842] dummy0: entered allmulticast mode
[  125.602826][ T7852] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  125.614576][ T7842] nlmon0: entered allmulticast mode
[  125.620323][ T7842] caif0: entered allmulticast mode
[  125.626014][ T7842] batadv0: entered allmulticast mode
[  125.631582][ T7842] vxcan0: entered allmulticast mode
[  125.637745][ T7842] vxcan1: entered allmulticast mode
[  125.643266][ T7842] veth0: entered allmulticast mode
[  125.648907][ T7842] veth1: entered allmulticast mode
[  125.655438][ T7842] wg0: entered allmulticast mode
[  125.660734][ T7842] wg1: entered allmulticast mode
[  125.666378][ T7842] wg2: entered allmulticast mode
[  125.671653][ T7842] veth0_to_bridge: entered allmulticast mode
[  125.678180][ T7842] bridge_slave_0: entered allmulticast mode
[  125.684440][ T7842] veth1_to_bridge: entered allmulticast mode
[  125.691035][ T7842] bridge_slave_1: entered allmulticast mode
[  125.697414][ T7842] veth0_to_bond: entered allmulticast mode
[  125.703491][ T7842] bond_slave_0: entered allmulticast mode
[  125.709637][ T7842] veth1_to_bond: entered allmulticast mode
[  125.715980][ T7842] bond_slave_1: entered allmulticast mode
[  125.722185][ T7842] veth0_to_team: entered allmulticast mode
[  125.740564][ T7842] team_slave_0: entered allmulticast mode
[  125.746781][ T7842] veth1_to_team: entered allmulticast mode
[  125.752782][ T7842] team_slave_1: entered allmulticast mode
[  125.758735][ T7842] veth0_to_batadv: entered allmulticast mode
[  125.764875][ T7842] batadv_slave_0: entered allmulticast mode
[  125.771165][ T7842] veth1_to_batadv: entered allmulticast mode
[  125.777880][ T7842] batadv_slave_1: entered allmulticast mode
[  125.784052][ T7842] xfrm0: entered allmulticast mode
[  125.789461][ T7842] veth0_to_hsr: entered allmulticast mode
[  125.795674][ T7842] hsr_slave_0: entered allmulticast mode
[  125.801863][ T7842] veth1_to_hsr: entered allmulticast mode
[  125.808217][ T7842] hsr_slave_1: entered allmulticast mode
[  125.814184][ T7842] hsr0: entered allmulticast mode
[  125.819575][ T7842] veth1_virt_wifi: entered allmulticast mode
[  125.826002][ T7842] veth0_virt_wifi: entered allmulticast mode
[  125.832326][ T7842] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  125.840033][ T7842] veth1_vlan: entered allmulticast mode
[  125.845827][ T7842] veth0_vlan: entered allmulticast mode
[  125.855145][ T7842] vlan0: entered allmulticast mode
[  125.860493][ T7842] vlan1: entered allmulticast mode
[  125.874885][ T7842] macvlan0: entered allmulticast mode
[  125.880513][ T7842] macvlan1: entered allmulticast mode
[  125.895119][ T7842] ipvlan0: entered allmulticast mode
[  125.900535][ T7842] ipvlan1: entered allmulticast mode
[  125.915227][ T7842] veth1_macvtap: entered allmulticast mode
[  125.921235][ T7842] veth0_macvtap: entered allmulticast mode
[  125.927751][ T7842] macvtap0: entered allmulticast mode
[  125.933350][ T7842] geneve0: entered allmulticast mode
[  125.939656][ T7842] geneve1: entered allmulticast mode
[  125.945325][ T7842] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  125.953222][ T7842] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  125.961409][ T7842] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  125.969992][ T7859] netlink: 'syz.1.630': attribute type 10 has an invalid length.
[  125.977997][ T7842] netdevsim netdevsim2 netdevsim3: entered allmulticast mode
[  125.985599][ T7842] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  125.992783][ T7842] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  126.000207][ T7842] macvtap0.3: entered allmulticast mode
[  126.005967][ T7842] hsr1: entered allmulticast mode
[  126.011009][ T7842] team0: entered allmulticast mode
[  126.016314][ T7842] geneve2: entered allmulticast mode
[  126.021704][ T7842] bridge1: entered allmulticast mode
[  126.027263][ T7842] macvlan2: entered allmulticast mode
[  126.032834][ T7842] syztnl2: entered allmulticast mode
[  126.038748][ T7842] bridge2: entered allmulticast mode
[  126.044490][ T7842] ip6erspan0: entered allmulticast mode
[  126.268544][ T7844] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.276165][ T7844] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.380980][ T7873] netlink: 'syz.2.632': attribute type 1 has an invalid length.
[  126.415980][ T7873] netlink: 4 bytes leftover after parsing attributes in process `syz.2.632'.
[  126.444827][ T7844] batman_adv: batadv0: Interface deactivated: dummy0
[  126.655455][ T7844] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.695951][ T7844] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.782367][ T7844] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.805078][ T7844] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.814019][ T7844] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.851450][ T7844] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.931796][ T7859] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  126.972179][ T7859] team0: Port device netdevsim0 added
[  127.025127][ T7840] veth0_to_bridge: left promiscuous mode
[  127.124746][ T7881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.636'.
[  127.133978][ T7881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.636'.
[  127.401426][ T7892] netlink: 4 bytes leftover after parsing attributes in process `syz.1.640'.
[  127.625226][ T5844] Bluetooth: hci4: command 0x0405 tx timeout
[  127.703690][ T7879] netlink: 20 bytes leftover after parsing attributes in process `syz.3.635'.
[  127.713043][ T7879] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  127.720326][ T7879] IPv6: NLM_F_CREATE should be set when creating new route
[  127.727724][ T7879] IPv6: NLM_F_CREATE should be set when creating new route
[  128.282962][ T7929] netlink: 20 bytes leftover after parsing attributes in process `syz.4.654'.
[  128.477551][ T7946] netlink: 24 bytes leftover after parsing attributes in process `syz.1.656'.
[  128.632578][ T7936] netlink: 28 bytes leftover after parsing attributes in process `syz.1.656'.
[  128.956830][ T7975] netlink: 48 bytes leftover after parsing attributes in process `syz.4.663'.
[  129.111357][ T7980] netlink: 'syz.4.663': attribute type 10 has an invalid length.
[  129.188826][ T7980] team_slave_0: left promiscuous mode
[  129.376402][ T7980] team0: Port device team_slave_0 removed
[  130.105978][ T8002] netlink: 'syz.2.667': attribute type 2 has an invalid length.
[  130.128121][ T8001] macsec0: entered promiscuous mode
[  130.155942][ T8001] bridge0: entered promiscuous mode
[  130.190495][ T8001] macsec0: entered allmulticast mode
[  130.342566][ T8015] macsec0: entered promiscuous mode
[  130.380296][ T8015] dummy0: entered promiscuous mode
[  130.409428][ T8021] netlink: 'syz.0.675': attribute type 10 has an invalid length.
[  130.426849][ T8015] macsec0: entered allmulticast mode
[  130.432500][ T8015] dummy0: entered allmulticast mode
[  130.537285][ T8015] dummy0: left allmulticast mode
[  130.542516][ T8015] dummy0: left promiscuous mode
[  130.667618][ T8021] team0: Device bridge0 failed to register rx_handler
[  130.968446][ T8027] bridge3: entered promiscuous mode
[  130.983973][ T8027] bridge3: entered allmulticast mode
[  131.074021][ T8041] netlink: 'syz.4.682': attribute type 8 has an invalid length.
[  131.092556][ T8041] netlink: 244 bytes leftover after parsing attributes in process `syz.4.682'.
[  131.197107][ T8052] netlink: 44 bytes leftover after parsing attributes in process `syz.0.686'.
[  131.936617][ T8085] netlink: 12 bytes leftover after parsing attributes in process `syz.3.699'.
[  131.967895][ T8085] bond1: entered promiscuous mode
[  131.981995][ T8085] gretap1: entered promiscuous mode
[  131.987770][ T8085] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  132.082826][ T8090] sctp: [Deprecated]: syz.3.701 (pid 8090) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.082826][ T8090] Use struct sctp_sack_info instead
[  132.096414][ T8092] netlink: 'syz.2.702': attribute type 10 has an invalid length.
[  132.107154][ T8092] syz_tun: entered promiscuous mode
[  132.112401][ T8092] syz_tun: left allmulticast mode
[  132.120500][ T8092] syz_tun: entered allmulticast mode
[  132.127698][ T8092] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  132.399286][ T8104] netlink: 32 bytes leftover after parsing attributes in process `syz.3.707'.
[  132.442165][ T8104] netlink: 24 bytes leftover after parsing attributes in process `syz.3.707'.
[  132.465163][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.482082][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.684168][ T8120] netlink: 28 bytes leftover after parsing attributes in process `syz.1.714'.
[  132.813365][ T8131] netlink: 12 bytes leftover after parsing attributes in process `syz.3.719'.
[  132.920842][ T8137] netdevsim netdevsim3: Direct firmware load for .
[  132.920842][ T8137]  failed with error -2
[  132.942781][ T8137] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  132.942781][ T8137] 
[  133.064667][ T8147] lo speed is unknown, defaulting to 1000
[  133.070938][ T8147] lo speed is unknown, defaulting to 1000
[  133.081766][ T8147] lo speed is unknown, defaulting to 1000
[  133.099380][ T8147] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  133.114004][ T8147] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  133.124518][ T8150] tipc: Started in network mode
[  133.131701][ T8150] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[  133.146725][ T8150] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  133.158586][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  133.165107][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  133.189646][ T8147] lo speed is unknown, defaulting to 1000
[  133.197168][ T8147] lo speed is unknown, defaulting to 1000
[  133.203940][ T8147] lo speed is unknown, defaulting to 1000
[  133.214071][ T8147] lo speed is unknown, defaulting to 1000
[  133.223705][ T8147] lo speed is unknown, defaulting to 1000
[  133.228075][ T8153] netlink: 'syz.2.725': attribute type 1 has an invalid length.
[  133.245342][ T8153] netlink: 'syz.2.725': attribute type 2 has an invalid length.
[  133.373567][ T8161] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.728'.
[  133.383158][ T8162] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.728'.
[  133.553591][ T8173] netlink: 'syz.1.733': attribute type 10 has an invalid length.
[  133.567905][ T8173] syz_tun: entered promiscuous mode
[  133.621543][ T8173] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  133.762343][ T8181] netlink: 'syz.1.737': attribute type 1 has an invalid length.
[  133.801918][ T8181] netlink: 4 bytes leftover after parsing attributes in process `syz.1.737'.
[  133.949755][ T8189] netlink: 'syz.1.741': attribute type 10 has an invalid length.
[  133.980918][ T8189] team0: Device bridge0 is up. Set it down before adding it as a team port
[  134.151760][ T8201] netlink: 'syz.4.746': attribute type 2 has an invalid length.
[  134.213116][ T8203] netlink: 'syz.1.745': attribute type 13 has an invalid length.
[  134.353758][ T8213] xt_cgroup: invalid path, errno=-2
[  134.419820][ T8209] netlink: 'syz.4.748': attribute type 3 has an invalid length.
[  135.120738][ T8260] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.213812][ T8260] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.301992][ T8260] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.361273][ T8260] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[  135.376059][ T8260] team0: Port device netdevsim0 removed
[  135.383537][ T8260] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.471785][ T8260] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.489173][ T8260] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.502344][ T8260] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.536702][ T8260] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.800325][ T8273] bridge2: port 1(macvlan2) entered blocking state
[  135.827905][ T8273] bridge2: port 1(macvlan2) entered disabled state
[  135.848251][ T8273] macvlan2: entered allmulticast mode
[  135.876469][ T8273] macvlan2: entered promiscuous mode
[  135.928407][ T8283] xt_TCPMSS: Only works on TCP SYN packets
[  135.958435][ T8279] lo speed is unknown, defaulting to 1000
[  136.251253][ T8301] __nla_validate_parse: 8 callbacks suppressed
[  136.251274][ T8301] netlink: 8 bytes leftover after parsing attributes in process `syz.0.780'.
[  136.638638][ T8311] netlink: 4 bytes leftover after parsing attributes in process `syz.0.785'.
[  136.742214][ T8317] validate_nla: 1 callbacks suppressed
[  136.742234][ T8317] netlink: 'syz.0.785': attribute type 1 has an invalid length.
[  138.918531][ T8354] xt_bpf: check failed: parse error
[  139.040691][ T8358] netlink: 'syz.4.802': attribute type 10 has an invalid length.
[  139.048714][ T8358] syz_tun: entered promiscuous mode
[  139.057571][ T8358] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  139.301528][ T8375] netlink: 28 bytes leftover after parsing attributes in process `syz.4.809'.
[  139.311651][ T8375] netlink: 28 bytes leftover after parsing attributes in process `syz.4.809'.
[  139.324640][ T8373] netlink: 32 bytes leftover after parsing attributes in process `syz.1.807'.
[  139.337845][ T8373] netlink: 24 bytes leftover after parsing attributes in process `syz.1.807'.
[  139.371197][  T750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.380635][  T750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.402336][ T8381] netlink: 'syz.4.809': attribute type 2 has an invalid length.
[  139.750664][ T8392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.814'.
[  139.894721][ T8415] netlink: 'syz.0.818': attribute type 1 has an invalid length.
[  139.909907][ T8415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.818'.
[  140.062907][ T8392] team0 (unregistering): left promiscuous mode
[  140.070310][ T8392] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  140.086422][ T8392] team0 (unregistering): Port device netdevsim0 removed
[  140.137758][ T8416] vlan2: entered allmulticast mode
[  140.143599][ T8416] bridge0: port 1(vlan2) entered blocking state
[  140.152320][ T8416] bridge0: port 1(vlan2) entered disabled state
[  140.167118][ T8416] vlan2: entered promiscuous mode
[  140.173696][ T8416] bridge0: mtu less than device minimum
[  140.180458][ T8419] netlink: 76 bytes leftover after parsing attributes in process `syz.1.817'.
[  140.217292][ T8428] netlink: 16 bytes leftover after parsing attributes in process `syz.4.823'.
[  140.403798][ T8439] netlink: 'syz.3.827': attribute type 2 has an invalid length.
[  140.696714][ T8461] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  141.135702][ T8480] netlink: 'syz.1.842': attribute type 10 has an invalid length.
[  141.176866][ T8482] netlink: 'syz.0.843': attribute type 10 has an invalid length.
[  141.184668][ T8482] syz_tun: entered promiscuous mode
[  141.215042][ T8482] syz_tun: left allmulticast mode
[  141.227513][ T8484] nbd: socks must be embedded in a SOCK_ITEM attr
[  141.351833][ T8491] A link change request failed with some changes committed already. Interface veth1_to_hsr may have been left with an inconsistent configuration, please check.
[  141.493966][ T8497] __nla_validate_parse: 2 callbacks suppressed
[  141.493988][ T8497] netlink: 28 bytes leftover after parsing attributes in process `syz.4.850'.
[  141.498251][ T8501] lo speed is unknown, defaulting to 1000
[  141.637361][ T8507] netlink: 28 bytes leftover after parsing attributes in process `syz.4.854'.
[  141.876482][ T8515] netlink: 16 bytes leftover after parsing attributes in process `syz.4.856'.
[  141.963926][ T8501] netlink: 20 bytes leftover after parsing attributes in process `syz.1.852'.
[  141.980755][ T8501] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  141.988101][ T8501] IPv6: NLM_F_CREATE should be set when creating new route
[  141.995445][ T8501] IPv6: NLM_F_CREATE should be set when creating new route
[  142.405947][ T8539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.865'.
[  142.462772][ T8541] dummy0: entered promiscuous mode
[  142.479888][ T8541] dummy0: left promiscuous mode
[  142.908762][ T8565] netlink: 16 bytes leftover after parsing attributes in process `syz.4.877'.
[  143.428913][ T8569] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 44966 - 0
[  143.438474][ T8569] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 44966 - 0
[  143.447437][ T8569] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 44966 - 0
[  143.456486][ T8569] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 44966 - 0
[  143.465714][ T8569] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 38028 - 0
[  143.474549][ T8569] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 38028 - 0
[  143.483900][ T8569] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 38028 - 0
[  143.493399][ T8569] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 38028 - 0
[  143.502691][ T8569] geneve3: entered promiscuous mode
[  143.508081][ T8569] geneve3: entered allmulticast mode
[  143.608943][ T8572] bond0: (slave syz_tun): Releasing backup interface
[  143.634725][ T8572] vlan2: left promiscuous mode
[  143.641517][ T8572] bridge0: port 1(vlan2) entered disabled state
[  143.752348][ T8576] netlink: 12 bytes leftover after parsing attributes in process `syz.3.883'.
[  143.906527][ T8590] netlink: 'syz.2.884': attribute type 21 has an invalid length.
[  143.972002][ T8593] netlink: 'syz.3.888': attribute type 2 has an invalid length.
[  144.001454][ T8595] tunl0: entered promiscuous mode
[  144.006777][ T8595] tunl0: entered allmulticast mode
[  144.385471][ T8620] rdma_op ffff888029b631f0 conn xmit_rdma 0000000000000000
[  144.786994][ T8629] netlink: 4 bytes leftover after parsing attributes in process `syz.1.897'.
[  145.137640][ T8652] netlink: 52 bytes leftover after parsing attributes in process `syz.0.901'.
[  145.165612][ T8652] netlink: 52 bytes leftover after parsing attributes in process `syz.0.901'.
[  145.351290][ T8665] netlink: 'syz.2.908': attribute type 7 has an invalid length.
[  145.587938][ T8674] netlink: 'syz.4.913': attribute type 10 has an invalid length.
[  145.617935][ T8674] team0: Device bridge0 failed to register rx_handler
[  145.762346][ T8683] netlink: 'syz.1.914': attribute type 1 has an invalid length.
[  146.482027][ T8705] netlink: 'syz.2.924': attribute type 10 has an invalid length.
[  146.533787][ T8707] __nla_validate_parse: 3 callbacks suppressed
[  146.533809][ T8707] netlink: 28 bytes leftover after parsing attributes in process `syz.4.925'.
[  146.600747][ T8707] netlink: 28 bytes leftover after parsing attributes in process `syz.4.925'.
[  146.660574][ T8710] netlink: 'syz.4.925': attribute type 2 has an invalid length.
[  146.977648][ T8719] netlink: 24 bytes leftover after parsing attributes in process `syz.1.930'.
[  147.314209][ T8732] netlink: 'syz.4.937': attribute type 10 has an invalid length.
[  147.356221][ T8733] netlink: 36 bytes leftover after parsing attributes in process `syz.3.936'.
[  147.570591][ T8742] netlink: 'syz.4.940': attribute type 1 has an invalid length.
[  147.592988][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.940'.
[  147.661650][ T8743] lo speed is unknown, defaulting to 1000
[  148.235845][ T8759] netdevsim netdevsim3: Firmware load for './file0/../file0' refused, path contains '..' component
[  148.250671][ T8760] lo speed is unknown, defaulting to 1000
[  148.278302][ T8764] netdevsim netdevsim3: Firmware load for './file0/../file0' refused, path contains '..' component
[  148.551680][ T8772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.949'.
[  148.585139][ T8772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.949'.
[  149.036671][ T8760] netlink: 20 bytes leftover after parsing attributes in process `syz.4.945'.
[  149.047670][ T8760] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  149.055086][ T8760] IPv6: NLM_F_CREATE should be set when creating new route
[  149.062400][ T8760] IPv6: NLM_F_CREATE should be set when creating new route
[  149.447056][ T8794] netlink: 36 bytes leftover after parsing attributes in process `syz.2.957'.
[  149.811865][ T8807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.959'.
[  150.294286][ T8819] netlink: 'syz.3.963': attribute type 10 has an invalid length.
[  150.459735][ T8822] ip6gre1: entered promiscuous mode
[  150.480267][ T8822] ip6gre1: entered allmulticast mode
[  150.940149][ T8845] veth1: entered promiscuous mode
[  150.968886][ T8845] batadv0: entered promiscuous mode
[  151.058850][ T8858] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  151.135576][ T8858] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  151.800903][ T8884] __nla_validate_parse: 8 callbacks suppressed
[  151.800924][ T8884] netlink: 60 bytes leftover after parsing attributes in process `syz.4.984'.
[  152.109091][ T8897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.989'.
[  152.172723][ T8899] netlink: 28 bytes leftover after parsing attributes in process `syz.0.990'.
[  152.212456][ T8899] netlink: 28 bytes leftover after parsing attributes in process `syz.0.990'.
[  152.237464][ T8899] team0: entered promiscuous mode
[  152.243175][ T8899] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  152.253848][ T8899] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  152.269363][ T8899] Cannot create hsr debugfs directory
[  152.285357][ T8899] hsr1: Slave A (team0) is not up; please bring it up to get a fully working HSR network
[  152.317388][ T8899] hsr1: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network
[  152.612042][ T8911] netlink: 44 bytes leftover after parsing attributes in process `syz.3.994'.
[  152.778692][ T8917] netlink: 48 bytes leftover after parsing attributes in process `syz.1.996'.
[  152.804399][ T8917] netlink: 100 bytes leftover after parsing attributes in process `syz.1.996'.
[  152.946487][ T8924] lo speed is unknown, defaulting to 1000
[  153.310084][ T8932] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1001'.
[  154.373640][ T8864] Set syz1 is full, maxelem 65536 reached
[  154.471298][ T8956] netlink: 'syz.2.1011': attribute type 1 has an invalid length.
[  154.479393][ T8956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1011'.
[  154.664094][ T8963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'.
[  155.106998][ T8984] xt_cgroup: invalid path, errno=-2
[  155.278798][ T8990] FAULT_INJECTION: forcing a failure.
[  155.278798][ T8990] name failslab, interval 1, probability 0, space 0, times 0
[  155.292427][ T8990] CPU: 1 UID: 0 PID: 8990 Comm: syz.3.1026 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  155.303159][ T8990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  155.313253][ T8990] Call Trace:
[  155.316560][ T8990]  <TASK>
[  155.319509][ T8990]  dump_stack_lvl+0x241/0x360
[  155.324231][ T8990]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.329464][ T8990]  ? __pfx__printk+0x10/0x10
[  155.334088][ T8990]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  155.340108][ T8990]  ? __pfx___might_resched+0x10/0x10
[  155.345425][ T8990]  should_fail_ex+0x3b0/0x4e0
[  155.350139][ T8990]  should_failslab+0xac/0x100
[  155.354854][ T8990]  kmem_cache_alloc_node_noprof+0x77/0x380
[  155.360700][ T8990]  ? __alloc_skb+0x1c3/0x440
[  155.365342][ T8990]  __alloc_skb+0x1c3/0x440
[  155.369803][ T8990]  ? __pfx___alloc_skb+0x10/0x10
[  155.374801][ T8990]  ? __pfx___might_resched+0x10/0x10
[  155.380178][ T8990]  alloc_skb_with_frags+0xc3/0x820
[  155.385367][ T8990]  ? validate_chain+0x11e/0x5920
[  155.390353][ T8990]  sock_alloc_send_pskb+0x91a/0xa60
[  155.395705][ T8990]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  155.401470][ T8990]  ? iov_iter_advance+0x8f/0x1e0
[  155.406447][ T8990]  tun_get_user+0xcf0/0x4890
[  155.411093][ T8990]  ? __lock_acquire+0x1397/0x2100
[  155.416156][ T8990]  ? __pfx_tun_get_user+0x10/0x10
[  155.421236][ T8990]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  155.426730][ T8990]  ? tun_get+0x1e/0x2f0
[  155.430919][ T8990]  ? __pfx_lock_release+0x10/0x10
[  155.435999][ T8990]  ? tun_get+0x1e/0x2f0
[  155.440187][ T8990]  ? tun_get+0x27d/0x2f0
[  155.444464][ T8990]  tun_chr_write_iter+0x10d/0x1f0
[  155.449534][ T8990]  vfs_write+0xaeb/0xd30
[  155.453911][ T8990]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  155.459497][ T8990]  ? __pfx_vfs_write+0x10/0x10
[  155.464300][ T8990]  ? __fget_files+0x2a/0x410
[  155.468950][ T8990]  ? __fget_files+0x2a/0x410
[  155.473673][ T8990]  ksys_write+0x18f/0x2b0
[  155.478038][ T8990]  ? __pfx_ksys_write+0x10/0x10
[  155.482920][ T8990]  ? do_syscall_64+0x100/0x230
[  155.487721][ T8990]  ? do_syscall_64+0xb6/0x230
[  155.492429][ T8990]  do_syscall_64+0xf3/0x230
[  155.496986][ T8990]  ? clear_bhb_loop+0x35/0x90
[  155.501696][ T8990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.507616][ T8990] RIP: 0033:0x7f049eb7ff19
[  155.512056][ T8990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.531724][ T8990] RSP: 002b:00007f049c9f6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  155.540350][ T8990] RAX: ffffffffffffffda RBX: 00007f049ed45fa0 RCX: 00007f049eb7ff19
[  155.548363][ T8990] RDX: 0000000000000ffe RSI: 0000000020000240 RDI: 0000000000000003
[  155.556371][ T8990] RBP: 00007f049c9f60a0 R08: 0000000000000000 R09: 0000000000000000
[  155.564472][ T8990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.572477][ T8990] R13: 0000000000000000 R14: 00007f049ed45fa0 R15: 00007ffdad2161f8
[  155.580680][ T8990]  </TASK>
[  155.705337][ T8997] netlink: 'syz.1.1028': attribute type 10 has an invalid length.
[  155.726604][ T8997] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  155.891272][ T9004] GUP no longer grows the stack in syz.2.1029 (9004): 20006000-2000a000 (20005000)
[  155.907225][ T9004] CPU: 0 UID: 0 PID: 9004 Comm: syz.2.1029 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  155.918061][ T9004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  155.928151][ T9004] Call Trace:
[  155.931457][ T9004]  <TASK>
[  155.934408][ T9004]  dump_stack_lvl+0x241/0x360
[  155.939126][ T9004]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.944364][ T9004]  ? __pfx__printk+0x10/0x10
[  155.949002][ T9004]  ? find_vma+0xf9/0x170
[  155.953276][ T9004]  ? vma_is_secretmem+0xd/0x50
[  155.958090][ T9004]  ? check_vma_flags+0x52b/0x5a0
[  155.963072][ T9004]  __get_user_pages+0x4385/0x49e0
[  155.968140][ T9004]  ? 0xffffffffa0000cd8
[  155.972379][ T9004]  ? __pfx___get_user_pages+0x10/0x10
[  155.977812][ T9004]  __gup_longterm_locked+0x49a/0x17f0
[  155.983217][ T9004]  ? __pfx___might_resched+0x10/0x10
[  155.988552][ T9004]  ? __pfx___gup_longterm_locked+0x10/0x10
[  155.994392][ T9004]  ? down_read+0x82b/0xa40
[  155.998851][ T9004]  ? is_valid_gup_args+0x124/0x200
[  156.004003][ T9004]  pin_user_pages+0x137/0x1f0
[  156.008726][ T9004]  ? __pfx_pin_user_pages+0x10/0x10
[  156.013959][ T9004]  ? trace_kmalloc+0x1f/0xd0
[  156.018598][ T9004]  xdp_umem_create+0x978/0xf30
[  156.023409][ T9004]  xsk_setsockopt+0x732/0x950
[  156.028127][ T9004]  ? __pfx_xsk_setsockopt+0x10/0x10
[  156.033375][ T9004]  ? __pfx_lock_acquire+0x10/0x10
[  156.038438][ T9004]  ? aa_sock_opt_perm+0x79/0x120
[  156.043419][ T9004]  ? __pfx_xsk_setsockopt+0x10/0x10
[  156.048660][ T9004]  do_sock_setsockopt+0x3af/0x720
[  156.053743][ T9004]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  156.059338][ T9004]  ? __fget_files+0x395/0x410
[  156.064051][ T9004]  ? __fget_files+0x2a/0x410
[  156.068704][ T9004]  __x64_sys_setsockopt+0x1ee/0x280
[  156.073967][ T9004]  do_syscall_64+0xf3/0x230
[  156.078506][ T9004]  ? clear_bhb_loop+0x35/0x90
[  156.083223][ T9004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.089168][ T9004] RIP: 0033:0x7fb1ba77ff19
[  156.093624][ T9004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.113353][ T9004] RSP: 002b:00007fb1bb5d0058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  156.121785][ T9004] RAX: ffffffffffffffda RBX: 00007fb1ba946160 RCX: 00007fb1ba77ff19
[  156.129771][ T9004] RDX: 0000000000000004 RSI: 000000000000011b RDI: 000000000000000c
[  156.137771][ T9004] RBP: 00007fb1ba7f3cc8 R08: 0000000000000020 R09: 0000000000000000
[  156.145778][ T9004] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
[  156.153777][ T9004] R13: 0000000000000000 R14: 00007fb1ba946160 R15: 00007ffc99ce5b18
[  156.161766][ T9004]  </TASK>
[  156.332939][ T9023] netlink: 'syz.3.1037': attribute type 10 has an invalid length.
[  156.500682][ T9030] team0: entered promiscuous mode
[  156.519994][ T9030] team_slave_0: entered promiscuous mode
[  156.527815][ T9030] team_slave_1: entered promiscuous mode
[  156.533982][ T9030] bridge0: entered promiscuous mode
[  156.550311][ T9030] team0: left promiscuous mode
[  156.570529][ T9030] team_slave_0: left promiscuous mode
[  156.583564][ T9030] team_slave_1: left promiscuous mode
[  156.595204][ T9030] bridge0: left promiscuous mode
[  156.672879][ T9037] xt_nat: multiple ranges no longer supported
[  156.832513][ T9041] FAULT_INJECTION: forcing a failure.
[  156.832513][ T9041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.866185][ T9041] CPU: 0 UID: 0 PID: 9041 Comm: syz.3.1042 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  156.876934][ T9041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  156.879014][ T9045] __nla_validate_parse: 11 callbacks suppressed
[  156.879033][ T9045] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1043'.
[  156.886999][ T9041] Call Trace:
[  156.887015][ T9041]  <TASK>
[  156.887025][ T9041]  dump_stack_lvl+0x241/0x360
[  156.887058][ T9041]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.887080][ T9041]  ? __pfx__printk+0x10/0x10
[  156.887102][ T9041]  ? __pfx_lock_release+0x10/0x10
[  156.887129][ T9041]  should_fail_ex+0x3b0/0x4e0
[  156.887151][ T9041]  _copy_from_user+0x2f/0xc0
[  156.887175][ T9041]  __sys_bpf+0x1a4/0x810
[  156.887194][ T9041]  ? __pfx___sys_bpf+0x10/0x10
[  156.887222][ T9041]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  156.887250][ T9041]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  156.959002][ T9041]  ? do_syscall_64+0x100/0x230
[  156.963801][ T9041]  __x64_sys_bpf+0x7c/0x90
[  156.968258][ T9041]  do_syscall_64+0xf3/0x230
[  156.972876][ T9041]  ? clear_bhb_loop+0x35/0x90
[  156.977602][ T9041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.983538][ T9041] RIP: 0033:0x7f049eb7ff19
[  156.985141][ T9047] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1045'.
[  156.987970][ T9041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.987993][ T9041] RSP: 002b:00007f049c9f6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  157.023759][ T9047] bridge2: port 1(macvlan2) entered blocking state
[  157.024934][ T9041] RAX: ffffffffffffffda RBX: 00007f049ed45fa0 RCX: 00007f049eb7ff19
[  157.024955][ T9041] RDX: 0000000000000020 RSI: 0000000020000240 RDI: 0000000000000009
[  157.024967][ T9041] RBP: 00007f049c9f60a0 R08: 0000000000000000 R09: 0000000000000000
[  157.024980][ T9041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.024992][ T9041] R13: 0000000000000000 R14: 00007f049ed45fa0 R15: 00007ffdad2161f8
[  157.025020][ T9041]  </TASK>
[  157.075911][ T9047] bridge2: port 1(macvlan2) entered disabled state
[  157.082709][ T9047] macvlan2: entered allmulticast mode
[  157.090463][ T9047] macvlan2: entered promiscuous mode
[  157.412973][ T9060] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1051'.
[  157.585748][ T9064] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1053'.
[  158.684187][ T9080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.515777][ T9091] tipc: Enabling <eth:lo> not permitted
[  159.528714][ T9091] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  159.554910][ T9092] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1061'.
[  159.726116][ T9104] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1064'.
[  159.810297][ T9110] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1063'.
[  159.882432][ T9110] bridge3: port 1(bridge_slave_1) entered blocking state
[  159.942760][ T9117] xt_hashlimit: overflow, rate too high: 0
[  159.944605][ T9110] bridge3: port 1(bridge_slave_1) entered disabled state
[  159.950321][ T9117] netlink: 'syz.2.1068': attribute type 4 has an invalid length.
[  159.986445][ T9110] bridge_slave_1: entered promiscuous mode
[  160.342553][ T9127] 8021q: adding VLAN 0 to HW filter on device bond1
[  160.371075][ T9127] bond0: (slave bond1): Enslaving as an active interface with a down link
[  161.609607][ T9158] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1087'.
[  162.358807][ T9153] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1084'.
[  162.373897][ T9153] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1084'.
[  162.407978][ T9157] lo speed is unknown, defaulting to 1000
[  162.523208][ T9165] netlink: 'syz.1.1090': attribute type 10 has an invalid length.
[  162.614309][ T9168] netlink: 'syz.2.1091': attribute type 1 has an invalid length.
[  162.667059][ T9172] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  162.716829][ T9172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1092'.
[  162.727451][ T9172] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1092'.
[  162.791052][   T54] block nbd0: Receive control failed (result -107)
[  162.855862][ T9172] nbd0: detected capacity change from 0 to 256
[  163.122783][ T9177] infiniband syz1: set down
[  163.138797][ T9177] infiniband syz1: added team_slave_0
[  163.166754][ T9190] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1097'.
[  163.227309][ T9177] RDS/IB: syz1: added
[  163.232731][ T9177] smc: adding ib device syz1 with port count 1
[  163.239565][ T9177] smc:    ib device syz1 port 1 has pnetid 
[  163.242809][ T9195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1100'.
[  163.666190][ T9213] xt_cgroup: invalid path, errno=-2
[  163.770034][ T9217] lo speed is unknown, defaulting to 1000
[  164.537656][ T9238] netlink: 'syz.2.1115': attribute type 10 has an invalid length.
[  164.787565][ T9248] sctp: [Deprecated]: syz.4.1121 (pid 9248) Use of struct sctp_assoc_value in delayed_ack socket option.
[  164.787565][ T9248] Use struct sctp_sack_info instead
[  164.869501][ T9252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1124'.
[  165.196523][ T9268] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1128'.
[  165.638892][ T9284] lo speed is unknown, defaulting to 1000
[  165.784697][ T9289] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1136'.
[  166.170451][ T9302] vlan3: entered promiscuous mode
[  166.180380][ T9302] dummy0: entered promiscuous mode
[  166.244629][ T9284] IPVS: Unknown mcast interface: vcan0
[  166.342700][ T9315] nbd: nbd0 already in use
[  166.354872][ T9315] syz.2.1144: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  166.372761][ T9317] SET target dimension over the limit!
[  166.398949][ T9315] CPU: 0 UID: 0 PID: 9315 Comm: syz.2.1144 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  166.409682][ T9315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.419762][ T9315] Call Trace:
[  166.423066][ T9315]  <TASK>
[  166.426026][ T9315]  dump_stack_lvl+0x241/0x360
[  166.430741][ T9315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.435981][ T9315]  ? __pfx__printk+0x10/0x10
[  166.440613][ T9315]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  166.447091][ T9315]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  166.453639][ T9315]  warn_alloc+0x278/0x410
[  166.458023][ T9315]  ? stack_depot_save_flags+0x29/0x830
[  166.463521][ T9315]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  166.469632][ T9315]  ? __pfx_warn_alloc+0x10/0x10
[  166.474525][ T9315]  ? kasan_save_track+0x3f/0x80
[  166.479415][ T9315]  ? __kasan_kmalloc+0x98/0xb0
[  166.484216][ T9315]  ? xsk_setsockopt+0x4ea/0x950
[  166.489099][ T9315]  ? do_sock_setsockopt+0x3af/0x720
[  166.494327][ T9315]  ? __x64_sys_setsockopt+0x1ee/0x280
[  166.499820][ T9315]  ? do_syscall_64+0xf3/0x230
[  166.504616][ T9315]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.510730][ T9315]  __vmalloc_node_range_noprof+0x126/0x1380
[  166.516678][ T9315]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  166.523018][ T9315]  ? __kasan_kmalloc+0x98/0xb0
[  166.527793][ T9315]  vmalloc_user_noprof+0x74/0x80
[  166.532765][ T9315]  ? xskq_create+0xb6/0x170
[  166.537282][ T9315]  xskq_create+0xb6/0x170
[  166.541617][ T9315]  xsk_init_queue+0xa1/0x100
[  166.546211][ T9315]  xsk_setsockopt+0x4ea/0x950
[  166.550895][ T9315]  ? __pfx_xsk_setsockopt+0x10/0x10
[  166.556095][ T9315]  ? __pfx_aa_sk_perm+0x10/0x10
[  166.561033][ T9315]  ? aa_sock_opt_perm+0x79/0x120
[  166.565984][ T9315]  ? __pfx_xsk_setsockopt+0x10/0x10
[  166.571187][ T9315]  do_sock_setsockopt+0x3af/0x720
[  166.576220][ T9315]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  166.581796][ T9315]  ? __fget_files+0x395/0x410
[  166.586492][ T9315]  ? __fget_files+0x2a/0x410
[  166.591138][ T9315]  __x64_sys_setsockopt+0x1ee/0x280
[  166.596354][ T9315]  do_syscall_64+0xf3/0x230
[  166.600858][ T9315]  ? clear_bhb_loop+0x35/0x90
[  166.605544][ T9315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.611526][ T9315] RIP: 0033:0x7fb1ba77ff19
[  166.615941][ T9315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.635666][ T9315] RSP: 002b:00007fb1bb612058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  166.644528][ T9315] RAX: ffffffffffffffda RBX: 00007fb1ba945fa0 RCX: 00007fb1ba77ff19
[  166.652533][ T9315] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  166.660597][ T9315] RBP: 00007fb1ba7f3cc8 R08: 0000000000000004 R09: 0000000000000000
[  166.668574][ T9315] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  166.676546][ T9315] R13: 0000000000000000 R14: 00007fb1ba945fa0 R15: 00007ffc99ce5b18
[  166.684544][ T9315]  </TASK>
[  166.717269][ T9315] Mem-Info:
[  166.720444][ T9315] active_anon:5063 inactive_anon:0 isolated_anon:0
[  166.720444][ T9315]  active_file:1775 inactive_file:38244 isolated_file:0
[  166.720444][ T9315]  unevictable:768 dirty:271 writeback:0
[  166.720444][ T9315]  slab_reclaimable:10850 slab_unreclaimable:101487
[  166.720444][ T9315]  mapped:28731 shmem:1454 pagetables:665
[  166.720444][ T9315]  sec_pagetables:0 bounce:0
[  166.720444][ T9315]  kernel_misc_reclaimable:0
[  166.720444][ T9315]  free:1331004 free_pcp:4960 free_cma:0
[  166.781667][ T9315] Node 0 active_anon:19852kB inactive_anon:0kB active_file:7100kB inactive_file:152904kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114924kB dirty:1084kB writeback:0kB shmem:4280kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10852kB pagetables:2360kB sec_pagetables:0kB all_unreclaimable? no
[  166.854327][ T9315] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  166.924208][ T9315] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  166.962977][ T9315] lowmem_reserve[]: 0 2465 2466 0 0
[  166.989039][ T9315] Node 0 DMA32 free:1408736kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:20212kB inactive_anon:0kB active_file:7100kB inactive_file:152068kB unevictable:1536kB writepending:1084kB present:3129332kB managed:2552832kB mlocked:0kB bounce:0kB free_pcp:13480kB local_pcp:12396kB free_cma:0kB
[  167.029584][ T9333] lo speed is unknown, defaulting to 1000
[  167.095745][ T9315] lowmem_reserve[]: 0 0 0 0 0
[  167.100706][ T9315] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  167.243849][ T9315] lowmem_reserve[]: 0 0 0 0 0
[  167.253979][ T9315] Node 1 Normal free:3906572kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:164kB local_pcp:164kB free_cma:0kB
[  167.290127][ T9340] netlink: 'syz.0.1155': attribute type 10 has an invalid length.
[  167.360036][ T9315] lowmem_reserve[]: 0 0 0 0 0
[  167.361049][ T9340] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  167.369104][ T9315] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  167.396081][ T9340] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  167.403466][ T9340] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  167.414124][ T9315] Node 0 DMA32: 3*4kB (UME) 48*8kB (UME) 244*16kB (UME) 101*32kB (UM) 202*64kB (UM) 141*128kB (UME) 64*256kB (UME) 56*512kB (UME) 31*1024kB (UME) 4*2048kB (UME) 313*4096kB (M) = 1405548kB
[  167.436933][ T9340] team0: Port device wlan1 added
[  167.464696][ T9315] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  167.497335][ T9315] Node 1 Normal: 235*4kB (UE) 66*8kB (UME) 43*16kB (UME) 211*32kB (UME) 105*64kB (UME) 36*128kB (UME) 15*256kB (UME) 9*512kB (UM) 7*1024kB (UM) 6*2048kB (UE) 942*4096kB (M) = 3906572kB
[  167.527823][ T9315] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  167.541315][ T9315] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  167.570950][ T9315] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  167.617990][ T9315] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  167.638018][ T9315] 42997 total pagecache pages
[  167.643628][ T9315] 0 pages in swap cache
[  167.652172][ T9315] Free swap  = 124996kB
[  167.670562][ T9315] Total swap = 124996kB
[  167.689187][ T9315] 2097051 pages RAM
[  167.707511][ T9315] 0 pages HighMem/MovableOnly
[  167.733722][ T9315] 426993 pages reserved
[  167.738580][ T9315] 0 pages cma reserved
[  167.747932][ T9356] __nla_validate_parse: 3 callbacks suppressed
[  167.747950][ T9356] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1151'.
[  167.764417][ T9356] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  167.771784][ T9356] IPv6: NLM_F_CREATE should be set when creating new route
[  167.779171][ T9356] IPv6: NLM_F_CREATE should be set when creating new route
[  167.878922][ T9359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1160'.
[  167.985797][ T9366] FAULT_INJECTION: forcing a failure.
[  167.985797][ T9366] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.987347][ T9364] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1162'.
[  167.999057][ T9366] CPU: 1 UID: 0 PID: 9366 Comm: syz.4.1163 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  167.999090][ T9366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.999102][ T9366] Call Trace:
[  167.999109][ T9366]  <TASK>
[  168.035059][ T9366]  dump_stack_lvl+0x241/0x360
[  168.039835][ T9366]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.045076][ T9366]  ? __pfx__printk+0x10/0x10
[  168.049697][ T9366]  ? __pfx_lock_release+0x10/0x10
[  168.054746][ T9366]  should_fail_ex+0x3b0/0x4e0
[  168.059428][ T9366]  _copy_from_iter+0x21f/0x1e70
[  168.064288][ T9366]  ? __virt_addr_valid+0x183/0x530
[  168.069407][ T9366]  ? skb_set_owner_w+0x246/0x380
[  168.074346][ T9366]  ? __pfx_lock_release+0x10/0x10
[  168.079383][ T9366]  ? __pfx__copy_from_iter+0x10/0x10
[  168.084757][ T9366]  ? __virt_addr_valid+0x183/0x530
[  168.089867][ T9366]  ? __virt_addr_valid+0x183/0x530
[  168.094980][ T9366]  ? __virt_addr_valid+0x45f/0x530
[  168.100099][ T9366]  ? __phys_addr_symbol+0x2f/0x70
[  168.105119][ T9366]  ? __check_object_size+0x48e/0x900
[  168.110407][ T9366]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  168.116126][ T9366]  skb_copy_datagram_from_iter+0xf2/0x6a0
[  168.122107][ T9366]  ? skb_put+0x114/0x1f0
[  168.126356][ T9366]  tun_get_user+0xebd/0x4890
[  168.130966][ T9366]  ? __lock_acquire+0x1397/0x2100
[  168.135993][ T9366]  ? __pfx_tun_get_user+0x10/0x10
[  168.141055][ T9366]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  168.146514][ T9366]  ? tun_get+0x1e/0x2f0
[  168.150671][ T9366]  ? __pfx_lock_release+0x10/0x10
[  168.155702][ T9366]  ? tun_get+0x1e/0x2f0
[  168.159857][ T9366]  ? tun_get+0x27d/0x2f0
[  168.164126][ T9366]  tun_chr_write_iter+0x10d/0x1f0
[  168.169251][ T9366]  vfs_write+0xaeb/0xd30
[  168.173518][ T9366]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  168.179105][ T9366]  ? __pfx_vfs_write+0x10/0x10
[  168.183879][ T9366]  ? __fget_files+0x2a/0x410
[  168.188469][ T9366]  ? __fget_files+0x2a/0x410
[  168.193065][ T9366]  ksys_write+0x18f/0x2b0
[  168.197403][ T9366]  ? __pfx_ksys_write+0x10/0x10
[  168.202253][ T9366]  ? do_syscall_64+0x100/0x230
[  168.207014][ T9366]  ? do_syscall_64+0xb6/0x230
[  168.211691][ T9366]  do_syscall_64+0xf3/0x230
[  168.216280][ T9366]  ? clear_bhb_loop+0x35/0x90
[  168.220955][ T9366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.226847][ T9366] RIP: 0033:0x7f9910d7ff19
[  168.231270][ T9366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.251000][ T9366] RSP: 002b:00007f9911bd3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  168.259426][ T9366] RAX: ffffffffffffffda RBX: 00007f9910f45fa0 RCX: 00007f9910d7ff19
[  168.267490][ T9366] RDX: 0000000000000ffe RSI: 0000000020000240 RDI: 0000000000000003
[  168.275461][ T9366] RBP: 00007f9911bd30a0 R08: 0000000000000000 R09: 0000000000000000
[  168.283431][ T9366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.291404][ T9366] R13: 0000000000000000 R14: 00007f9910f45fa0 R15: 00007ffc9900f1a8
[  168.299401][ T9366]  </TASK>
[  168.753619][ T9387] netlink: 220 bytes leftover after parsing attributes in process `syz.4.1170'.
[  168.772066][ T9389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1171'.
[  168.893065][ T9397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1170'.
[  168.902909][ T9397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1170'.
[  170.321501][ T9397] veth0: entered promiscuous mode
[  170.339976][ T9397] batadv0: entered promiscuous mode
[  170.350491][ T9397] debugfs: Directory 'hsr2' with parent 'hsr' already present!
[  170.369996][ T9397] Cannot create hsr debugfs directory
[  170.383981][ T9397] hsr2: Slave A (veth0) is not up; please bring it up to get a fully working HSR network
[  170.395896][ T9397] hsr2: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  170.439006][ T9405] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1177'.
[  170.526850][ T9408] netlink: 'syz.4.1178': attribute type 10 has an invalid length.
[  170.548756][ T9408] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  170.561459][ T9408] team0: Port device netdevsim0 added
[  170.575661][ T9413] FAULT_INJECTION: forcing a failure.
[  170.575661][ T9413] name failslab, interval 1, probability 0, space 0, times 0
[  170.629526][ T9413] CPU: 1 UID: 0 PID: 9413 Comm: syz.1.1180 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  170.640273][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  170.650364][ T9413] Call Trace:
[  170.653676][ T9413]  <TASK>
[  170.656634][ T9413]  dump_stack_lvl+0x241/0x360
[  170.661354][ T9413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.666595][ T9413]  ? __pfx__printk+0x10/0x10
[  170.671227][ T9413]  ? fs_reclaim_acquire+0x93/0x130
[  170.676379][ T9413]  ? __pfx___might_resched+0x10/0x10
[  170.681701][ T9413]  should_fail_ex+0x3b0/0x4e0
[  170.686418][ T9413]  should_failslab+0xac/0x100
[  170.691226][ T9413]  __kmalloc_noprof+0xdd/0x4c0
[  170.696030][ T9413]  ? kstrtouint_from_user+0x128/0x190
[  170.701435][ T9413]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  170.707197][ T9413]  tomoyo_realpath_from_path+0xcf/0x5e0
[  170.712788][ T9413]  tomoyo_path_number_perm+0x236/0x860
[  170.718287][ T9413]  ? __lock_acquire+0x1397/0x2100
[  170.723366][ T9413]  ? tomoyo_path_number_perm+0x206/0x860
[  170.729036][ T9413]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  170.735087][ T9413]  ? __fget_files+0x2a/0x410
[  170.739707][ T9413]  ? __fget_files+0x2a/0x410
[  170.744330][ T9413]  security_file_ioctl+0xc6/0x2a0
[  170.749400][ T9413]  __se_sys_ioctl+0x46/0x170
[  170.754023][ T9413]  do_syscall_64+0xf3/0x230
[  170.758650][ T9413]  ? clear_bhb_loop+0x35/0x90
[  170.763369][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.769318][ T9413] RIP: 0033:0x7f606d17ff19
[  170.773763][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.789066][ T9420] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.1183'.
[  170.793475][ T9413] RSP: 002b:00007f606dedc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.793522][ T9413] RAX: ffffffffffffffda RBX: 00007f606d345fa0 RCX: 00007f606d17ff19
[  170.793538][ T9413] RDX: 0000000020000140 RSI: 0000000000008922 RDI: 0000000000000003
[  170.827113][ T9413] RBP: 00007f606dedc0a0 R08: 0000000000000000 R09: 0000000000000000
[  170.831568][ T9420] bridge0: left allmulticast mode
[  170.835181][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.835201][ T9413] R13: 0000000000000000 R14: 00007f606d345fa0 R15: 00007ffc8683a0e8
[  170.835231][ T9413]  </TASK>
[  170.894065][ T9413] ERROR: Out of memory at tomoyo_realpath_from_path.
[  170.922265][ T9420] team0: Port device bridge0 removed
[  170.949120][ T9420] bridge_slave_0: left promiscuous mode
[  170.955661][ T9420] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.977251][ T9420] bridge_slave_1: left promiscuous mode
[  170.997416][ T9420] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.024647][ T9420] bond0: (slave bond_slave_0): Releasing backup interface
[  171.047749][ T9420] bond0: (slave bond_slave_1): Releasing backup interface
[  171.060602][ T9420] team0: Port device team_slave_0 removed
[  171.070946][ T9420] team0: Port device team_slave_1 removed
[  171.081771][ T9420] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.098293][ T9420] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.113397][ T9420] bond0: (slave netdevsim0): Releasing backup interface
[  171.133481][ T9420] bond1: (slave gretap1): Releasing backup interface
[  171.149968][ T9420] gretap1: left promiscuous mode
[  171.169377][ T9420] macvlan2: left allmulticast mode
[  171.184823][ T9420] macvlan2: left promiscuous mode
[  171.192126][ T9420] bridge2: port 1(macvlan2) entered disabled state
[  171.583932][ T9435] FAULT_INJECTION: forcing a failure.
[  171.583932][ T9435] name failslab, interval 1, probability 0, space 0, times 0
[  171.599273][ T9435] CPU: 1 UID: 0 PID: 9435 Comm: syz.4.1186 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  171.610005][ T9435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  171.620110][ T9435] Call Trace:
[  171.623402][ T9435]  <TASK>
[  171.626351][ T9435]  dump_stack_lvl+0x241/0x360
[  171.631038][ T9435]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.636339][ T9435]  ? __pfx__printk+0x10/0x10
[  171.640945][ T9435]  ? __kmalloc_noprof+0xb5/0x4c0
[  171.645905][ T9435]  ? __pfx___might_resched+0x10/0x10
[  171.651194][ T9435]  should_fail_ex+0x3b0/0x4e0
[  171.655889][ T9435]  should_failslab+0xac/0x100
[  171.660597][ T9435]  __kmalloc_noprof+0xdd/0x4c0
[  171.665386][ T9435]  ? kernfs_fop_write_iter+0x15a/0x500
[  171.670870][ T9435]  kernfs_fop_write_iter+0x15a/0x500
[  171.676180][ T9435]  vfs_write+0xaeb/0xd30
[  171.680427][ T9435]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  171.686241][ T9435]  ? __pfx_vfs_write+0x10/0x10
[  171.691041][ T9435]  ? __fget_files+0x2a/0x410
[  171.695665][ T9435]  ? __fget_files+0x2a/0x410
[  171.700276][ T9435]  ksys_write+0x18f/0x2b0
[  171.704606][ T9435]  ? __pfx_ksys_write+0x10/0x10
[  171.709466][ T9435]  ? do_syscall_64+0x100/0x230
[  171.714246][ T9435]  ? do_syscall_64+0xb6/0x230
[  171.718919][ T9435]  do_syscall_64+0xf3/0x230
[  171.723439][ T9435]  ? clear_bhb_loop+0x35/0x90
[  171.728114][ T9435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.734004][ T9435] RIP: 0033:0x7f9910d7ff19
[  171.738416][ T9435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.758033][ T9435] RSP: 002b:00007f9911bd3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.766474][ T9435] RAX: ffffffffffffffda RBX: 00007f9910f45fa0 RCX: 00007f9910d7ff19
[  171.774451][ T9435] RDX: 0000000000000012 RSI: 0000000020000c40 RDI: 0000000000000004
[  171.782428][ T9435] RBP: 00007f9911bd30a0 R08: 0000000000000000 R09: 0000000000000000
[  171.790421][ T9435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.798399][ T9435] R13: 0000000000000000 R14: 00007f9910f45fa0 R15: 00007ffc9900f1a8
[  171.806490][ T9435]  </TASK>
[  172.108381][ T9449] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1192'.
[  172.386835][ T9460] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  172.519803][ T9470] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  173.215168][ T9497] xt_hashlimit: overflow, rate too high: 0
[  173.239480][ T9497] __nla_validate_parse: 3 callbacks suppressed
[  173.239501][ T9497] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1209'.
[  173.762122][ T9526] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1216'.
[  175.460809][ T9532] netdevsim netdevsim0 netdevsim0: set [1, 2] type 2 family 0 port 6081 - 0
[  175.484529][ T9532] netdevsim netdevsim0 netdevsim1: set [1, 2] type 2 family 0 port 6081 - 0
[  175.505043][ T9532] netdevsim netdevsim0 netdevsim2: set [1, 2] type 2 family 0 port 6081 - 0
[  175.513938][ T9532] netdevsim netdevsim0 netdevsim3: set [1, 2] type 2 family 0 port 6081 - 0
[  175.536454][ T9532] geneve3: entered promiscuous mode
[  175.541805][ T9532] geneve3: entered allmulticast mode
[  175.566910][ T9532] netdevsim netdevsim0 netdevsim0: unset [1, 2] type 2 family 0 port 6081 - 0
[  175.581490][ T9532] netdevsim netdevsim0 netdevsim1: unset [1, 2] type 2 family 0 port 6081 - 0
[  175.590652][ T9532] netdevsim netdevsim0 netdevsim2: unset [1, 2] type 2 family 0 port 6081 - 0
[  175.600925][ T9532] netdevsim netdevsim0 netdevsim3: unset [1, 2] type 2 family 0 port 6081 - 0
[  175.730241][ T9549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1228'.
[  175.751203][ T9553] xt_hashlimit: overflow, rate too high: 0
[  175.773588][ T9553] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.1229'.
[  175.978612][ T9564] sctp: [Deprecated]: syz.1.1233 (pid 9564) Use of struct sctp_assoc_value in delayed_ack socket option.
[  175.978612][ T9564] Use struct sctp_sack_info instead
[  176.278000][ T9576] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1237'.
[  176.295358][ T9576] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1237'.
[  176.331034][ T9577] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  176.361616][ T9582] netlink: 'syz.1.1237': attribute type 2 has an invalid length.
[  176.428899][ T9584] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1239'.
[  176.710352][ T9598] FAULT_INJECTION: forcing a failure.
[  176.710352][ T9598] name failslab, interval 1, probability 0, space 0, times 0
[  176.723709][ T9598] CPU: 0 UID: 0 PID: 9598 Comm: syz.1.1245 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  176.734423][ T9598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  176.744514][ T9598] Call Trace:
[  176.747827][ T9598]  <TASK>
[  176.750780][ T9598]  dump_stack_lvl+0x241/0x360
[  176.755482][ T9598]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.760707][ T9598]  ? __pfx__printk+0x10/0x10
[  176.765329][ T9598]  should_fail_ex+0x3b0/0x4e0
[  176.770040][ T9598]  ? __pfx_ip6_dst_gc+0x10/0x10
[  176.774923][ T9598]  should_failslab+0xac/0x100
[  176.779624][ T9598]  ? dst_alloc+0x12b/0x190
[  176.784048][ T9598]  kmem_cache_alloc_noprof+0x70/0x380
[  176.789445][ T9598]  ? __pfx_rt6_find_cached_rt+0x10/0x10
[  176.795029][ T9598]  ? __pfx_ip6_dst_gc+0x10/0x10
[  176.799913][ T9598]  dst_alloc+0x12b/0x190
[  176.804177][ T9598]  ip6_pol_route+0xb87/0x15d0
[  176.808948][ T9598]  ? ip6_pol_route+0x198/0x15d0
[  176.813818][ T9598]  ? __pfx_ip6_pol_route+0x10/0x10
[  176.818989][ T9598]  ? fib6_get_table+0x39/0x270
[  176.823778][ T9598]  ? fib6_get_table+0x253/0x270
[  176.828658][ T9598]  fib6_rule_action+0x655/0x7c0
[  176.833542][ T9598]  ? __pfx_fib6_rule_action+0x10/0x10
[  176.838959][ T9598]  fib_rules_lookup+0x62c/0xdb0
[  176.843858][ T9598]  ? fib_rules_lookup+0x9a/0xdb0
[  176.848830][ T9598]  ? __pfx_fib_rules_lookup+0x10/0x10
[  176.854223][ T9598]  ? l3mdev_update_flow+0x29/0x5f0
[  176.859354][ T9598]  ? l3mdev_update_flow+0x4a8/0x5f0
[  176.864571][ T9598]  fib6_rule_lookup+0x1fd/0x790
[  176.869452][ T9598]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  176.875268][ T9598]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  176.880665][ T9598]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  176.886485][ T9598]  ? ip6t_do_table+0x205/0x18a0
[  176.891334][ T9598]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  176.896968][ T9598]  ? ipv6_ext_hdr+0x71/0x80
[  176.901494][ T9598]  ip6_route_input+0x859/0xd90
[  176.906282][ T9598]  ? __pfx_ip6_route_input+0x10/0x10
[  176.911600][ T9598]  ? __pfx_lock_release+0x10/0x10
[  176.916685][ T9598]  ? ip6_rcv_finish_core+0x20f/0x410
[  176.922041][ T9598]  ip6_rcv_finish+0x144/0x180
[  176.926754][ T9598]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  176.931982][ T9598]  NF_HOOK+0x3a4/0x450
[  176.936082][ T9598]  ? skb_orphan+0x4b/0xd0
[  176.940448][ T9598]  ? NF_HOOK+0x9a/0x450
[  176.944681][ T9598]  ? __pfx_NF_HOOK+0x10/0x10
[  176.949292][ T9598]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  176.954529][ T9598]  ? __pfx_ipv6_rcv+0x10/0x10
[  176.959239][ T9598]  __netif_receive_skb+0x1ea/0x650
[  176.964393][ T9598]  ? __pfx_lock_acquire+0x10/0x10
[  176.969431][ T9598]  ? __pfx___netif_receive_skb+0x10/0x10
[  176.975084][ T9598]  ? tun_rx_batched+0x160/0x8f0
[  176.979994][ T9598]  ? __pfx_lockdep_softirqs_off+0x10/0x10
[  176.985744][ T9598]  ? netif_receive_skb+0x131/0x890
[  176.990887][ T9598]  ? netif_receive_skb+0x131/0x890
[  176.996040][ T9598]  netif_receive_skb+0x1e8/0x890
[  177.000992][ T9598]  ? tun_rx_batched+0x160/0x8f0
[  177.005867][ T9598]  ? __pfx_netif_receive_skb+0x10/0x10
[  177.011441][ T9598]  ? tun_rx_batched+0x160/0x8f0
[  177.016315][ T9598]  tun_rx_batched+0x1b7/0x8f0
[  177.021010][ T9598]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  177.027455][ T9598]  ? __pfx_lock_acquire+0x10/0x10
[  177.032484][ T9598]  ? __pfx_tun_rx_batched+0x10/0x10
[  177.037709][ T9598]  tun_get_user+0x30d6/0x4890
[  177.042405][ T9598]  ? tun_get_user+0x2bbe/0x4890
[  177.047306][ T9598]  ? __lock_acquire+0x1397/0x2100
[  177.052371][ T9598]  ? __pfx_tun_get_user+0x10/0x10
[  177.057467][ T9598]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  177.062950][ T9598]  ? tun_get+0x1e/0x2f0
[  177.067127][ T9598]  ? __pfx_lock_release+0x10/0x10
[  177.072184][ T9598]  ? tun_get+0x1e/0x2f0
[  177.076353][ T9598]  ? tun_get+0x27d/0x2f0
[  177.080974][ T9598]  tun_chr_write_iter+0x10d/0x1f0
[  177.086018][ T9598]  vfs_write+0xaeb/0xd30
[  177.090273][ T9598]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  177.095846][ T9598]  ? __pfx_vfs_write+0x10/0x10
[  177.100642][ T9598]  ? __fget_files+0x2a/0x410
[  177.105249][ T9598]  ? __fget_files+0x2a/0x410
[  177.109881][ T9598]  ksys_write+0x18f/0x2b0
[  177.114248][ T9598]  ? __pfx_ksys_write+0x10/0x10
[  177.119145][ T9598]  ? do_syscall_64+0x100/0x230
[  177.123910][ T9598]  ? do_syscall_64+0xb6/0x230
[  177.128646][ T9598]  do_syscall_64+0xf3/0x230
[  177.133164][ T9598]  ? clear_bhb_loop+0x35/0x90
[  177.137846][ T9598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.143748][ T9598] RIP: 0033:0x7f606d17ff19
[  177.148187][ T9598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.167798][ T9598] RSP: 002b:00007f606dedc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  177.176231][ T9598] RAX: ffffffffffffffda RBX: 00007f606d345fa0 RCX: 00007f606d17ff19
[  177.184423][ T9598] RDX: 0000000000000ffe RSI: 0000000020000240 RDI: 0000000000000003
[  177.192429][ T9598] RBP: 00007f606dedc0a0 R08: 0000000000000000 R09: 0000000000000000
[  177.200503][ T9598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.208492][ T9598] R13: 0000000000000000 R14: 00007f606d345fa0 R15: 00007ffc8683a0e8
[  177.216513][ T9598]  </TASK>
[  177.558543][ T9605] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1248'.
[  178.023784][ T9640] netlink: 'syz.2.1259': attribute type 10 has an invalid length.
[  178.130329][ T9644] netlink: 'syz.2.1261': attribute type 10 has an invalid length.
[  178.310826][ T9650] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1263'.
[  178.482257][ T9656] netlink: 220 bytes leftover after parsing attributes in process `syz.3.1268'.
[  178.504417][ T9656] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1268'.
[  178.525202][ T9656] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1268'.
[  178.673666][ T9665] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1271'.
[  178.774387][ T9672] FAULT_INJECTION: forcing a failure.
[  178.774387][ T9672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.822091][ T9672] CPU: 1 UID: 0 PID: 9672 Comm: syz.3.1273 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  178.832838][ T9672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  178.842923][ T9672] Call Trace:
[  178.846228][ T9672]  <TASK>
[  178.849177][ T9672]  dump_stack_lvl+0x241/0x360
[  178.853887][ T9672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.859113][ T9672]  ? __pfx__printk+0x10/0x10
[  178.863737][ T9672]  ? snprintf+0xda/0x120
[  178.868007][ T9672]  should_fail_ex+0x3b0/0x4e0
[  178.872711][ T9672]  _copy_to_user+0x31/0xb0
[  178.877165][ T9672]  simple_read_from_buffer+0xca/0x150
[  178.882579][ T9672]  proc_fail_nth_read+0x1e9/0x250
[  178.887640][ T9672]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  178.893218][ T9672]  ? rw_verify_area+0x55e/0x6f0
[  178.898097][ T9672]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  178.903674][ T9672]  vfs_read+0x1fc/0xb70
[  178.907861][ T9672]  ? __pfx___mutex_lock+0x10/0x10
[  178.912925][ T9672]  ? __pfx_vfs_read+0x10/0x10
[  178.917631][ T9672]  ? __fget_files+0x2a/0x410
[  178.922243][ T9672]  ? __fget_files+0x395/0x410
[  178.927031][ T9672]  ? __fget_files+0x2a/0x410
[  178.931656][ T9672]  ksys_read+0x18f/0x2b0
[  178.935935][ T9672]  ? __pfx_ksys_read+0x10/0x10
[  178.940730][ T9672]  ? do_syscall_64+0x100/0x230
[  178.945521][ T9672]  ? do_syscall_64+0xb6/0x230
[  178.950317][ T9672]  do_syscall_64+0xf3/0x230
[  178.954850][ T9672]  ? clear_bhb_loop+0x35/0x90
[  178.959561][ T9672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.965480][ T9672] RIP: 0033:0x7f049eb7e92c
[  178.969927][ T9672] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  178.989568][ T9672] RSP: 002b:00007f049c9f6050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  178.998017][ T9672] RAX: ffffffffffffffda RBX: 00007f049ed45fa0 RCX: 00007f049eb7e92c
[  179.006016][ T9672] RDX: 000000000000000f RSI: 00007f049c9f60b0 RDI: 0000000000000005
[  179.014015][ T9672] RBP: 00007f049c9f60a0 R08: 0000000000000000 R09: 0000000000000000
[  179.022021][ T9672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.030386][ T9672] R13: 0000000000000000 R14: 00007f049ed45fa0 R15: 00007ffdad2161f8
[  179.038412][ T9672]  </TASK>
[  180.881619][ T9704] xt_TCPMSS: Only works on TCP SYN packets
[  180.933267][ T9669] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1272'.
[  180.950731][ T9669] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  180.958039][ T9669] IPv6: NLM_F_CREATE should be set when creating new route
[  180.965515][ T9669] IPv6: NLM_F_CREATE should be set when creating new route
[  181.137356][ T9679] macvlan0 (unregistering): left allmulticast mode
[  181.143946][ T9679] macvlan0 (unregistering): left promiscuous mode
[  181.159798][ T9679] bridge2: port 1(macvlan0) entered disabled state
[  181.181162][ T9679] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  181.198414][ T9679] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  181.208680][ T9679] bond0 (unregistering): (slave syz_tun): Releasing backup interface
[  181.218173][ T9679] bond0 (unregistering): Released all slaves
[  181.231040][ T9685] netlink: 'syz.3.1277': attribute type 12 has an invalid length.
[  181.239281][ T9686] tipc: Started in network mode
[  181.244209][ T9686] tipc: Node identity , cluster identity 4711
[  181.253130][ T9686] tipc: Failed to set node id, please configure manually
[  181.260853][ T9686] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  181.270779][ T9667] lo speed is unknown, defaulting to 1000
[  181.308462][ T5145] Bluetooth: hci2: command 0x0406 tx timeout
[  181.317797][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[  181.323862][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  181.720312][ T9747] FAULT_INJECTION: forcing a failure.
[  181.720312][ T9747] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.741496][ T9747] CPU: 1 UID: 0 PID: 9747 Comm: syz.0.1296 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  181.752240][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  181.762347][ T9747] Call Trace:
[  181.765647][ T9747]  <TASK>
[  181.768605][ T9747]  dump_stack_lvl+0x241/0x360
[  181.773324][ T9747]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.778558][ T9747]  ? __pfx__printk+0x10/0x10
[  181.783197][ T9747]  ? snprintf+0xda/0x120
[  181.787481][ T9747]  should_fail_ex+0x3b0/0x4e0
[  181.792198][ T9747]  _copy_to_user+0x31/0xb0
[  181.796650][ T9747]  simple_read_from_buffer+0xca/0x150
[  181.802060][ T9747]  proc_fail_nth_read+0x1e9/0x250
[  181.807122][ T9747]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.812703][ T9747]  ? rw_verify_area+0x55e/0x6f0
[  181.817584][ T9747]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.823249][ T9747]  vfs_read+0x1fc/0xb70
[  181.827440][ T9747]  ? __pfx___mutex_lock+0x10/0x10
[  181.832488][ T9747]  ? __pfx_vfs_read+0x10/0x10
[  181.837201][ T9747]  ? __fget_files+0x2a/0x410
[  181.841825][ T9747]  ? __fget_files+0x395/0x410
[  181.846530][ T9747]  ? __fget_files+0x2a/0x410
[  181.851151][ T9747]  ksys_read+0x18f/0x2b0
[  181.855424][ T9747]  ? __pfx_ksys_read+0x10/0x10
[  181.860216][ T9747]  ? do_syscall_64+0x100/0x230
[  181.865015][ T9747]  ? do_syscall_64+0xb6/0x230
[  181.869728][ T9747]  do_syscall_64+0xf3/0x230
[  181.874257][ T9747]  ? clear_bhb_loop+0x35/0x90
[  181.878964][ T9747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.884922][ T9747] RIP: 0033:0x7fe71cb7e92c
[  181.889354][ T9747] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  181.908988][ T9747] RSP: 002b:00007fe71d96f050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  181.917441][ T9747] RAX: ffffffffffffffda RBX: 00007fe71cd45fa0 RCX: 00007fe71cb7e92c
[  181.925447][ T9747] RDX: 000000000000000f RSI: 00007fe71d96f0b0 RDI: 0000000000000004
[  181.933447][ T9747] RBP: 00007fe71d96f0a0 R08: 0000000000000000 R09: 0000000000000000
[  181.941423][ T9747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.949416][ T9747] R13: 0000000000000000 R14: 00007fe71cd45fa0 R15: 00007ffc2e55d868
[  181.957425][ T9747]  </TASK>
[  182.233208][ T9793] netlink: 'syz.3.1302': attribute type 10 has an invalid length.
[  182.513650][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1308'.
[  182.567585][ T9810] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  183.092003][ T9848] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1321'.
[  183.187381][ T9851] lo speed is unknown, defaulting to 1000
[  183.357428][ T9858] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1325'.
[  183.395214][ T9858] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1325'.
[  183.685842][ T9874] netlink: 'syz.2.1329': attribute type 10 has an invalid length.
[  183.746637][ T9877] netlink: 'syz.3.1330': attribute type 10 has an invalid length.
[  183.754554][ T9877] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  183.785753][ T9877] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  183.803606][ T9877] team0: Port device netdevsim0 added
[  183.818303][ T9851] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1322'.
[  183.828341][ T9851] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  183.835672][ T9851] IPv6: NLM_F_CREATE should be set when creating new route
[  183.843048][ T9851] IPv6: NLM_F_CREATE should be set when creating new route
[  183.855461][ T9881] FAULT_INJECTION: forcing a failure.
[  183.855461][ T9881] name failslab, interval 1, probability 0, space 0, times 0
[  183.868234][ T9881] CPU: 1 UID: 0 PID: 9881 Comm: syz.2.1332 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  183.878953][ T9881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  183.889129][ T9881] Call Trace:
[  183.892441][ T9881]  <TASK>
[  183.895393][ T9881]  dump_stack_lvl+0x241/0x360
[  183.900104][ T9881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.905332][ T9881]  ? __pfx__printk+0x10/0x10
[  183.909960][ T9881]  ? mark_lock+0x9a/0x360
[  183.914317][ T9881]  should_fail_ex+0x3b0/0x4e0
[  183.919019][ T9881]  should_failslab+0xac/0x100
[  183.923722][ T9881]  ? skb_ext_add+0x14d/0x910
[  183.928337][ T9881]  kmem_cache_alloc_noprof+0x70/0x380
[  183.933744][ T9881]  skb_ext_add+0x14d/0x910
[  183.938191][ T9881]  ? xfrm6_tunnel_pernet+0x23/0x240
[  183.943426][ T9881]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  183.949440][ T9881]  xfrm_input+0x807/0x76f0
[  183.953890][ T9881]  ? __local_bh_enable_ip+0x168/0x200
[  183.959298][ T9881]  ? __local_bh_enable_ip+0x168/0x200
[  183.964703][ T9881]  ? xfrm6_tunnel_spi_lookup+0x21/0x2b0
[  183.970289][ T9881]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  183.976059][ T9881]  ? __pfx_xfrm_input+0x10/0x10
[  183.980943][ T9881]  ? xfrm6_tunnel_spi_lookup+0x21/0x2b0
[  183.986519][ T9881]  ? xfrm6_tunnel_spi_lookup+0x27b/0x2b0
[  183.992180][ T9881]  ? xfrm6_tunnel_spi_lookup+0x21/0x2b0
[  183.997760][ T9881]  tunnel46_rcv+0xd8/0x2d0
[  184.002378][ T9881]  ? __pfx_tunnel46_rcv+0x10/0x10
[  184.007435][ T9881]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  184.012314][ T9881]  ip6_protocol_deliver_rcu+0x105b/0x1580
[  184.018086][ T9881]  ? ip6_input_finish+0xdc/0x2d0
[  184.023058][ T9881]  ip6_input_finish+0x187/0x2d0
[  184.027944][ T9881]  ? __pfx_ip6_input_finish+0x10/0x10
[  184.033350][ T9881]  NF_HOOK+0x3a4/0x450
[  184.037449][ T9881]  ? NF_HOOK+0x9a/0x450
[  184.041630][ T9881]  ? __pfx_NF_HOOK+0x10/0x10
[  184.046248][ T9881]  ? __pfx_ip6_input_finish+0x10/0x10
[  184.051665][ T9881]  ? ipv6_chk_mcast_addr+0x2e/0x840
[  184.056894][ T9881]  ? ipv6_chk_mcast_addr+0x78f/0x840
[  184.062212][ T9881]  ? ipv6_chk_mcast_addr+0x2e/0x840
[  184.067444][ T9881]  ip6_mc_input+0x9c5/0xc30
[  184.071990][ T9881]  ? __pfx_ip6_mc_input+0x10/0x10
[  184.077061][ T9881]  ? skb_dst+0x72/0xd0
[  184.081172][ T9881]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  184.086407][ T9881]  NF_HOOK+0x3a4/0x450
[  184.090505][ T9881]  ? skb_orphan+0x4b/0xd0
[  184.094890][ T9881]  ? NF_HOOK+0x9a/0x450
[  184.099078][ T9881]  ? __pfx_NF_HOOK+0x10/0x10
[  184.103693][ T9881]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  184.108933][ T9881]  ? __pfx_ipv6_rcv+0x10/0x10
[  184.113637][ T9881]  __netif_receive_skb+0x1ea/0x650
[  184.118782][ T9881]  ? __pfx_lock_acquire+0x10/0x10
[  184.123837][ T9881]  ? __pfx___netif_receive_skb+0x10/0x10
[  184.129595][ T9881]  ? tun_rx_batched+0x160/0x8f0
[  184.134478][ T9881]  ? __pfx_lockdep_softirqs_off+0x10/0x10
[  184.140234][ T9881]  ? netif_receive_skb+0x131/0x890
[  184.145376][ T9881]  ? netif_receive_skb+0x131/0x890
[  184.150517][ T9881]  netif_receive_skb+0x1e8/0x890
[  184.155479][ T9881]  ? tun_rx_batched+0x160/0x8f0
[  184.160457][ T9881]  ? __pfx_netif_receive_skb+0x10/0x10
[  184.165967][ T9881]  ? tun_rx_batched+0x160/0x8f0
[  184.170960][ T9881]  tun_rx_batched+0x1b7/0x8f0
[  184.175675][ T9881]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.182048][ T9881]  ? __pfx_lock_acquire+0x10/0x10
[  184.187110][ T9881]  ? __pfx_tun_rx_batched+0x10/0x10
[  184.192358][ T9881]  tun_get_user+0x30d6/0x4890
[  184.197060][ T9881]  ? tun_get_user+0x2bbe/0x4890
[  184.201956][ T9881]  ? __lock_acquire+0x1397/0x2100
[  184.207107][ T9881]  ? __pfx_tun_get_user+0x10/0x10
[  184.212186][ T9881]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  184.217688][ T9881]  ? tun_get+0x1e/0x2f0
[  184.221882][ T9881]  ? __pfx_lock_release+0x10/0x10
[  184.226949][ T9881]  ? tun_get+0x1e/0x2f0
[  184.231131][ T9881]  ? tun_get+0x27d/0x2f0
[  184.235496][ T9881]  tun_chr_write_iter+0x10d/0x1f0
[  184.240574][ T9881]  vfs_write+0xaeb/0xd30
[  184.244945][ T9881]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  184.250528][ T9881]  ? __pfx_vfs_write+0x10/0x10
[  184.255329][ T9881]  ? __fget_files+0x2a/0x410
[  184.259944][ T9881]  ? __fget_files+0x2a/0x410
[  184.264577][ T9881]  ksys_write+0x18f/0x2b0
[  184.268940][ T9881]  ? __pfx_ksys_write+0x10/0x10
[  184.273823][ T9881]  ? do_syscall_64+0x100/0x230
[  184.278621][ T9881]  ? do_syscall_64+0xb6/0x230
[  184.283327][ T9881]  do_syscall_64+0xf3/0x230
[  184.287860][ T9881]  ? clear_bhb_loop+0x35/0x90
[  184.292565][ T9881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.298480][ T9881] RIP: 0033:0x7fb1ba77ff19
[  184.302918][ T9881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.322549][ T9881] RSP: 002b:00007fb1bb612058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  184.330999][ T9881] RAX: ffffffffffffffda RBX: 00007fb1ba945fa0 RCX: 00007fb1ba77ff19
[  184.339084][ T9881] RDX: 0000000000000ffe RSI: 0000000020000240 RDI: 0000000000000003
[  184.347083][ T9881] RBP: 00007fb1bb6120a0 R08: 0000000000000000 R09: 0000000000000000
[  184.355098][ T9881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.363101][ T9881] R13: 0000000000000000 R14: 00007fb1ba945fa0 R15: 00007ffc99ce5b18
[  184.371119][ T9881]  </TASK>
[  184.387923][ T9885] netlink: 'syz.4.1334': attribute type 10 has an invalid length.
[  184.483358][ T9885] team0: Device bridge0 failed to register rx_handler
[  184.688835][ T9896] lo speed is unknown, defaulting to 1000
[  184.757061][ T9898] netlink: 120 bytes leftover after parsing attributes in process `syz.4.1338'.
[  184.834302][ T9898] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  185.114677][ T9912] netlink: 'syz.1.1342': attribute type 10 has an invalid length.
[  185.329694][ T9920] sctp: [Deprecated]: syz.1.1346 (pid 9920) Use of struct sctp_assoc_value in delayed_ack socket option.
[  185.329694][ T9920] Use struct sctp_sack_info instead
[  185.371040][ T9919] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1345'.
[  186.559274][ T9947] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1355'.
[  186.588937][ T9947] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1355'.
[  186.634356][ T9950] netlink: 'syz.4.1355': attribute type 2 has an invalid length.
[  186.720266][ T9958] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1357'.
[  186.963059][ T9969] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1362'.
[  186.981322][ T9971] FAULT_INJECTION: forcing a failure.
[  186.981322][ T9971] name failslab, interval 1, probability 0, space 0, times 0
[  187.011892][ T9971] CPU: 1 UID: 0 PID: 9971 Comm: syz.3.1360 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  187.014165][ T9973] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1361'.
[  187.022613][ T9971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  187.022633][ T9971] Call Trace:
[  187.022641][ T9971]  <TASK>
[  187.022651][ T9971]  dump_stack_lvl+0x241/0x360
[  187.022681][ T9971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.022704][ T9971]  ? __pfx__printk+0x10/0x10
[  187.022728][ T9971]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  187.022752][ T9971]  ? __pfx___might_resched+0x10/0x10
[  187.022776][ T9971]  should_fail_ex+0x3b0/0x4e0
[  187.022801][ T9971]  should_failslab+0xac/0x100
[  187.022827][ T9971]  kmem_cache_alloc_node_noprof+0x77/0x380
[  187.022852][ T9971]  ? __alloc_skb+0x1c3/0x440
[  187.022877][ T9971]  __alloc_skb+0x1c3/0x440
[  187.022901][ T9971]  ? __pfx___alloc_skb+0x10/0x10
[  187.103024][ T9971]  ? netlink_autobind+0xd6/0x2f0
[  187.107977][ T9971]  ? netlink_autobind+0x2b0/0x2f0
[  187.113021][ T9971]  netlink_sendmsg+0x638/0xcb0
[  187.117793][ T9971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.123169][ T9971]  ? aa_sock_msg_perm+0x91/0x160
[  187.128108][ T9971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.133386][ T9971]  __sock_sendmsg+0x221/0x270
[  187.138066][ T9971]  ____sys_sendmsg+0x52a/0x7e0
[  187.142834][ T9971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  187.148116][ T9971]  ? __fget_files+0x2a/0x410
[  187.152705][ T9971]  ? __fget_files+0x2a/0x410
[  187.157296][ T9971]  __sys_sendmsg+0x269/0x350
[  187.161900][ T9971]  ? __pfx_lock_release+0x10/0x10
[  187.166929][ T9971]  ? __pfx___sys_sendmsg+0x10/0x10
[  187.172113][ T9971]  ? __pfx_vfs_write+0x10/0x10
[  187.176909][ T9971]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  187.183444][ T9971]  ? do_syscall_64+0x100/0x230
[  187.188235][ T9971]  ? do_syscall_64+0xb6/0x230
[  187.192928][ T9971]  do_syscall_64+0xf3/0x230
[  187.197442][ T9971]  ? clear_bhb_loop+0x35/0x90
[  187.202118][ T9971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.208097][ T9971] RIP: 0033:0x7f049eb7ff19
[  187.212681][ T9971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.232313][ T9971] RSP: 002b:00007f049c9f6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.240764][ T9971] RAX: ffffffffffffffda RBX: 00007f049ed45fa0 RCX: 00007f049eb7ff19
[  187.248732][ T9971] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  187.256699][ T9971] RBP: 00007f049c9f60a0 R08: 0000000000000000 R09: 0000000000000000
[  187.264669][ T9971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.272659][ T9971] R13: 0000000000000000 R14: 00007f049ed45fa0 R15: 00007ffdad2161f8
[  187.280661][ T9971]  </TASK>
[  187.447079][ T9982] bridge0: entered allmulticast mode
[  187.454099][ T9981] SET target dimension over the limit!
[  187.461475][ T9982] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  187.474514][ T9982] syztnl2: entered allmulticast mode
[  187.500147][ T9982] bond1: left promiscuous mode
[  187.513153][ T9982] bond1: entered allmulticast mode
[  187.535590][ T9982] gretap1: entered allmulticast mode
[  187.541190][ T9982] bridge2: entered allmulticast mode
[  187.547839][ T9982] macvlan2: entered allmulticast mode
[  187.561215][ T9982] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 38028 - 0
[  187.570855][ T9982] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 38028 - 0
[  187.580453][ T9982] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 38028 - 0
[  187.598293][ T9982] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 38028 - 0
[  187.609111][ T9982] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 44966 - 0
[  187.618666][ T9982] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 44966 - 0
[  187.642463][ T9982] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 44966 - 0
[  187.654778][ T9982] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 44966 - 0
[  187.665902][ T9982] geneve3: left promiscuous mode
[  187.672147][ T9982] macvlan3: entered allmulticast mode
[  187.684444][ T9982] ': entered allmulticast mode
[  187.689571][ T9982] bridge3: entered allmulticast mode
[  187.695592][ T9982] ip6gretap1: entered allmulticast mode
[  187.701358][ T9989] netlink: 'syz.0.1368': attribute type 14 has an invalid length.
[  187.709908][ T9982] ip6tnl1: entered allmulticast mode
[  187.728581][ T5828] bond0: (slave syz_tun): Releasing backup interface
[  187.852800][ T9776] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.963182][ T9776] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.050889][ T9776] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.148979][ T9776] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.364537][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  188.366907][ T9776] macvlan2: left allmulticast mode
[  188.384355][ T9776] macvlan2: left promiscuous mode
[  188.385416][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  188.398896][ T9776] bridge2: port 1(macvlan2) entered disabled state
[  188.411374][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  188.431992][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  188.440770][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  188.448371][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  188.481608][T10012] __nla_validate_parse: 4 callbacks suppressed
[  188.481627][T10012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1376'.
[  188.774398][ T9776] bridge0 (unregistering): left promiscuous mode
[  189.089613][T10026] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1381'.
[  189.115254][T10026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1381'.
[  189.841809][ T9776] bond0 (unregistering): Released all slaves
[  189.969861][ T9776] tipc: Left network mode
[  189.975210][T10028] netlink: 'syz.2.1382': attribute type 12 has an invalid length.
[  190.016452][T10007] lo speed is unknown, defaulting to 1000
[  190.064170][T10033] netlink: 604 bytes leftover after parsing attributes in process `syz.2.1382'.
[  190.084739][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1385'.
[  190.097118][T10030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1384'.
[  190.351677][T10046] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1388'.
[  190.506161][   T54] Bluetooth: hci1: command tx timeout
[  190.541803][ T9776] veth1: left promiscuous mode
[  190.548372][ T9776] batadv0: left promiscuous mode
[  190.556264][ T9776] team0: left promiscuous mode
[  190.569656][ T9776] hsr_slave_0: left promiscuous mode
[  190.577390][ T9776] hsr_slave_1: left promiscuous mode
[  190.600953][ T9776] dummy0: left promiscuous mode
[  190.606386][ T9776] veth0_macvtap: left promiscuous mode
[  190.612529][ T9776] veth1_vlan: left promiscuous mode
[  190.618233][ T9776] veth0_vlan: left promiscuous mode
[  190.754258][ T9776] pimreg (unregistering): left allmulticast mode
[  190.861634][T10057] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1392'.
[  191.161820][T10060] FAULT_INJECTION: forcing a failure.
[  191.161820][T10060] name failslab, interval 1, probability 0, space 0, times 0
[  191.185062][T10060] CPU: 1 UID: 0 PID: 10060 Comm: syz.4.1393 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  191.195881][T10060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  191.205986][T10060] Call Trace:
[  191.209284][T10060]  <TASK>
[  191.212224][T10060]  dump_stack_lvl+0x241/0x360
[  191.216908][T10060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.222121][T10060]  ? __pfx__printk+0x10/0x10
[  191.226728][T10060]  ? __kmalloc_cache_noprof+0x48/0x390
[  191.232200][T10060]  ? __pfx___might_resched+0x10/0x10
[  191.237505][T10060]  should_fail_ex+0x3b0/0x4e0
[  191.242181][T10060]  should_failslab+0xac/0x100
[  191.246864][T10060]  __kmalloc_cache_noprof+0x70/0x390
[  191.252198][T10060]  ? ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  191.257677][T10060]  ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  191.262888][T10060]  genl_rcv_msg+0xb14/0xec0
[  191.267396][T10060]  ? __pfx_genl_rcv_msg+0x10/0x10
[  191.272435][T10060]  ? __pfx_lock_acquire+0x10/0x10
[  191.277458][T10060]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  191.283176][T10060]  ? __pfx___might_resched+0x10/0x10
[  191.288488][T10060]  netlink_rcv_skb+0x1e3/0x430
[  191.293265][T10060]  ? __pfx_genl_rcv_msg+0x10/0x10
[  191.298293][T10060]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  191.303589][T10060]  genl_rcv+0x28/0x40
[  191.307576][T10060]  netlink_unicast+0x7f6/0x990
[  191.312347][T10060]  ? __pfx_netlink_unicast+0x10/0x10
[  191.317657][T10060]  ? __virt_addr_valid+0x183/0x530
[  191.322782][T10060]  ? __check_object_size+0x48e/0x900
[  191.328099][T10060]  netlink_sendmsg+0x8e4/0xcb0
[  191.332888][T10060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.338180][T10060]  ? aa_sock_msg_perm+0x91/0x160
[  191.343148][T10060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.348442][T10060]  __sock_sendmsg+0x221/0x270
[  191.353133][T10060]  ____sys_sendmsg+0x52a/0x7e0
[  191.357913][T10060]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.363215][T10060]  ? __fget_files+0x2a/0x410
[  191.367802][T10060]  ? __fget_files+0x2a/0x410
[  191.372489][T10060]  __sys_sendmsg+0x269/0x350
[  191.377090][T10060]  ? __pfx_lock_release+0x10/0x10
[  191.382124][T10060]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.387241][T10060]  ? __pfx_vfs_write+0x10/0x10
[  191.392048][T10060]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  191.398432][T10060]  ? do_syscall_64+0x100/0x230
[  191.403242][T10060]  ? do_syscall_64+0xb6/0x230
[  191.407951][T10060]  do_syscall_64+0xf3/0x230
[  191.412487][T10060]  ? clear_bhb_loop+0x35/0x90
[  191.417199][T10060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.423117][T10060] RIP: 0033:0x7f9910d7ff19
[  191.427531][T10060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.447146][T10060] RSP: 002b:00007f9911bd3058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.455583][T10060] RAX: ffffffffffffffda RBX: 00007f9910f45fa0 RCX: 00007f9910d7ff19
[  191.463550][T10060] RDX: 0000000000040010 RSI: 0000000020000100 RDI: 0000000000000003
[  191.471517][T10060] RBP: 00007f9911bd30a0 R08: 0000000000000000 R09: 0000000000000000
[  191.479485][T10060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  191.487450][T10060] R13: 0000000000000000 R14: 00007f9910f45fa0 R15: 00007ffc9900f1a8
[  191.495446][T10060]  </TASK>
[  191.746018][T10072] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1397'.
[  192.006774][    T9] lo speed is unknown, defaulting to 1000
[  192.045490][T10073] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1395'.
[  192.076066][T10073] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  192.293170][T10051] team0: Port device netdevsim0 removed
[  192.333196][T10007] chnl_net:caif_netlink_parms(): no params data found
[  192.526545][T10088] xt_cgroup: invalid path, errno=-2
[  192.585112][   T54] Bluetooth: hci1: command tx timeout
[  192.619391][T10092] FAULT_INJECTION: forcing a failure.
[  192.619391][T10092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.632554][T10092] CPU: 0 UID: 0 PID: 10092 Comm: syz.2.1405 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  192.643379][T10092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  192.653465][T10092] Call Trace:
[  192.656743][T10092]  <TASK>
[  192.659680][T10092]  dump_stack_lvl+0x241/0x360
[  192.664373][T10092]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.669572][T10092]  ? __pfx__printk+0x10/0x10
[  192.674183][T10092]  ? snprintf+0xda/0x120
[  192.678430][T10092]  should_fail_ex+0x3b0/0x4e0
[  192.683110][T10092]  _copy_to_user+0x31/0xb0
[  192.687533][T10092]  simple_read_from_buffer+0xca/0x150
[  192.692930][T10092]  proc_fail_nth_read+0x1e9/0x250
[  192.697978][T10092]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  192.703638][T10092]  ? rw_verify_area+0x55e/0x6f0
[  192.708496][T10092]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  192.714045][T10092]  vfs_read+0x1fc/0xb70
[  192.718206][T10092]  ? __pfx___mutex_lock+0x10/0x10
[  192.723230][T10092]  ? __pfx_vfs_read+0x10/0x10
[  192.727999][T10092]  ? __fget_files+0x2a/0x410
[  192.732593][T10092]  ? __fget_files+0x395/0x410
[  192.737268][T10092]  ? __fget_files+0x2a/0x410
[  192.741889][T10092]  ksys_read+0x18f/0x2b0
[  192.746147][T10092]  ? __pfx_ksys_read+0x10/0x10
[  192.750919][T10092]  ? do_syscall_64+0x100/0x230
[  192.755726][T10092]  ? do_syscall_64+0xb6/0x230
[  192.760403][T10092]  do_syscall_64+0xf3/0x230
[  192.764900][T10092]  ? clear_bhb_loop+0x35/0x90
[  192.769606][T10092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.775514][T10092] RIP: 0033:0x7fb1ba77e92c
[  192.779966][T10092] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  192.799586][T10092] RSP: 002b:00007fb1bb612050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  192.808004][T10092] RAX: ffffffffffffffda RBX: 00007fb1ba945fa0 RCX: 00007fb1ba77e92c
[  192.815974][T10092] RDX: 000000000000000f RSI: 00007fb1bb6120b0 RDI: 0000000000000008
[  192.823943][T10092] RBP: 00007fb1bb6120a0 R08: 0000000000000000 R09: 0000000000000000
[  192.831946][T10092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.839929][T10092] R13: 0000000000000000 R14: 00007fb1ba945fa0 R15: 00007ffc99ce5b18
[  192.847939][T10092]  </TASK>
[  192.906409][T10007] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.913564][T10007] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.922041][T10007] bridge_slave_0: entered allmulticast mode
[  192.936278][T10007] bridge_slave_0: entered promiscuous mode
[  192.964723][T10007] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.990930][T10007] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.014599][T10007] bridge_slave_1: entered allmulticast mode
[  193.027027][T10007] bridge_slave_1: entered promiscuous mode
[  193.164376][T10007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  193.182267][T10007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  193.268445][T10007] team0: Port device team_slave_0 added
[  193.287029][T10007] team0: Port device team_slave_1 added
[  193.317517][T10007] batman_adv: batadv0: Adding interface: batadv_slave_0
[  193.324598][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.375113][T10007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.388774][T10007] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.395980][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.428316][T10007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.566341][T10007] hsr_slave_0: entered promiscuous mode
[  193.579376][T10007] hsr_slave_1: entered promiscuous mode
[  193.600591][T10007] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  193.615250][T10007] Cannot create hsr debugfs directory
[  193.704378][T10115] __nla_validate_parse: 6 callbacks suppressed
[  193.704399][T10115] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1413'.
[  193.706318][T10117] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1414'.
[  193.794844][T10117] tc_dump_action: action bad kind
[  194.115497][T10130] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1420'.
[  194.295941][T10007] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  194.310219][T10007] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  194.320458][T10007] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  194.351937][T10007] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  194.407972][T10137] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1424'.
[  194.435123][T10137] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1424'.
[  194.560566][T10007] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.588160][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  194.656423][T10146] netlink: 'syz.2.1426': attribute type 10 has an invalid length.
[  194.665665][   T54] Bluetooth: hci1: command tx timeout
[  194.787767][T10007] 8021q: adding VLAN 0 to HW filter on device team0
[  194.853940][ T9776] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.861174][ T9776] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.894595][ T9776] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.901865][ T9776] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.913594][T10157] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1432'.
[  194.938393][T10154] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1429'.
[  194.959059][T10154] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1429'.
[  194.973205][T10154] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1429'.
[  194.993148][T10158] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1429'.
[  195.087598][T10007] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  195.157357][T10166] netlink: 'syz.4.1434': attribute type 12 has an invalid length.
[  195.225918][T10176] xt_cgroup: invalid path, errno=-2
[  195.493772][T10007] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.587451][T10007] veth0_vlan: entered promiscuous mode
[  195.605416][T10007] veth1_vlan: entered promiscuous mode
[  195.670695][T10007] veth0_macvtap: entered promiscuous mode
[  195.701111][T10007] veth1_macvtap: entered promiscuous mode
[  195.758671][T10007] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.782991][T10007] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.811169][T10007] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.830388][T10007] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.845417][T10007] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.854353][T10007] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.877704][T10206] xt_hashlimit: size too large, truncated to 1048576
[  195.970066][ T9777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.991191][ T9777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.041274][ T9745] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.055822][ T9745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.408399][T10220] pim6reg1: entered promiscuous mode
[  196.422912][T10220] pim6reg1: entered allmulticast mode
[  196.595478][T10229] syz.0.1457[10229] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.595585][T10229] syz.0.1457[10229] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.637886][T10229] syz.0.1457[10229] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  196.833010][T10235] gre1: entered promiscuous mode
[  196.871020][T10235] gre1: entered allmulticast mode
[  198.424058][ T9745] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.880093][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  198.889728][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  198.898916][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  198.908514][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  198.916676][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  198.924390][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  198.963032][T10276] __nla_validate_parse: 5 callbacks suppressed
[  198.963053][T10276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1477'.
[  199.288294][T10273] chnl_net:caif_netlink_parms(): no params data found
[  199.569853][T10295] ªªªªªª: renamed from vlan0
[  199.662922][ T9745] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.460602][ T9745] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.632691][ T9745] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.654888][T10273] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.669653][T10273] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.679779][T10273] bridge_slave_0: entered allmulticast mode
[  200.702161][T10273] bridge_slave_0: entered promiscuous mode
[  200.729821][T10324] pim6reg1: entered promiscuous mode
[  200.743005][T10324] pim6reg1: entered allmulticast mode
[  200.766017][T10273] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.773258][T10273] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.812221][T10273] bridge_slave_1: entered allmulticast mode
[  200.832442][T10273] bridge_slave_1: entered promiscuous mode
[  200.986836][ T5847] Bluetooth: hci1: command tx timeout
[  201.046391][T10273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.087922][T10273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.152302][T10273] team0: Port device team_slave_0 added
[  201.168522][T10273] team0: Port device team_slave_1 added
[  201.253618][T10273] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.264010][T10273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.299299][T10273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.360105][T10273] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.377818][T10273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.463586][T10273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.491587][ T9745] bridge_slave_1: left allmulticast mode
[  201.503399][ T9745] bridge_slave_1: left promiscuous mode
[  201.510748][ T9745] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.540990][ T9745] bridge_slave_0: left allmulticast mode
[  201.553362][ T9745] bridge_slave_0: left promiscuous mode
[  201.564668][ T9745] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.215591][ T9745] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.244117][ T9745] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.261461][ T9745] bond0 (unregistering): Released all slaves
[  202.460983][T10273] hsr_slave_0: entered promiscuous mode
[  202.469652][T10273] hsr_slave_1: entered promiscuous mode
[  202.482244][T10273] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.520847][T10273] Cannot create hsr debugfs directory
[  202.832080][T10396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1531'.
[  203.065256][ T5847] Bluetooth: hci1: command tx timeout
[  203.333717][ T9745] hsr_slave_0: left promiscuous mode
[  203.350789][T10412] netlink: 'syz.4.1539': attribute type 3 has an invalid length.
[  203.410567][ T9745] hsr_slave_1: left promiscuous mode
[  203.428780][ T9745] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.436717][ T9745] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.447773][ T9745] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.459323][ T9745] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.513794][ T9745] veth1_macvtap: left promiscuous mode
[  203.535161][ T9745] veth0_macvtap: left promiscuous mode
[  203.540918][ T9745] veth1_vlan: left promiscuous mode
[  203.547733][ T9745] veth0_vlan: left promiscuous mode
[  204.147386][ T9745] team0 (unregistering): Port device team_slave_1 removed
[  204.196458][ T9745] team0 (unregistering): Port device team_slave_0 removed
[  204.735569][T10442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1552'.
[  204.864640][T10444] netem: unknown loss type 5
[  205.146306][ T5847] Bluetooth: hci1: command tx timeout
[  206.721543][T10461] netlink: 'syz.4.1561': attribute type 4 has an invalid length.
[  206.729459][T10461] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1561'.
[  206.745393][T10463] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1562'.
[  206.754545][T10463] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  206.834425][T10470] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1564'.
[  206.861331][T10470] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1564'.
[  206.927535][T10273] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  206.948547][T10273] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  206.989850][T10273] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  207.027109][T10273] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  207.214699][T10488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1573'.
[  207.221219][T10273] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.231030][ T5847] Bluetooth: hci1: command tx timeout
[  207.235481][T10488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1573'.
[  207.300024][T10488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1573'.
[  207.321852][T10273] 8021q: adding VLAN 0 to HW filter on device team0
[  207.471911][ T9777] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.479113][ T9777] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.493231][ T9777] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.500438][ T9777] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.640865][T10508] xt_hashlimit: size too large, truncated to 1048576
[  207.792278][T10273] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.816864][T10519] 
[  207.819245][T10519] =============================
[  207.824196][T10519] [ BUG: Invalid wait context ]
[  207.829153][T10519] 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0 Not tainted
[  207.835994][T10273] veth0_vlan: entered promiscuous mode
[  207.836254][T10519] -----------------------------
[  207.836262][T10519] syz.3.1585/10519 is trying to lock:
[  207.851895][T10519] ffff888033f8b200 (&trie->lock){..-.}-{3:3}, at: trie_delete_elem+0x96/0x6a0
[  207.860757][T10519] other info that might help us debug this:
[  207.866622][T10519] context-{5:5}
[  207.870058][T10519] 2 locks held by syz.3.1585/10519:
[  207.875231][T10519]  #0: ffff8880b863e8d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  207.885160][T10519]  #1: ffffffff8e937aa0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x244/0x590
[  207.894537][T10519] stack backtrace:
[  207.898238][T10519] CPU: 0 UID: 0 PID: 10519 Comm: syz.3.1585 Not tainted 6.13.0-rc1-syzkaller-00371-g65fb414c93f4 #0
[  207.908976][T10519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  207.919015][T10519] Call Trace:
[  207.922304][T10519]  <TASK>
[  207.925221][T10519]  dump_stack_lvl+0x241/0x360
[  207.929891][T10519]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.935073][T10519]  ? __pfx__printk+0x10/0x10
[  207.939645][T10519]  ? validate_chain+0x11e/0x5920
[  207.944576][T10519]  __lock_acquire+0x15a8/0x2100
[  207.949522][T10519]  lock_acquire+0x1ed/0x550
[  207.954012][T10519]  ? trie_delete_elem+0x96/0x6a0
[  207.958936][T10519]  ? __pfx_lock_acquire+0x10/0x10
[  207.963945][T10519]  ? __lock_acquire+0x1397/0x2100
[  207.968964][T10519]  _raw_spin_lock_irqsave+0xd5/0x120
[  207.974235][T10519]  ? trie_delete_elem+0x96/0x6a0
[  207.979179][T10519]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  207.985060][T10519]  ? __pfx_lock_acquire+0x10/0x10
[  207.990071][T10519]  ? kvm_sched_clock_read+0x11/0x20
[  207.995265][T10519]  trie_delete_elem+0x96/0x6a0
[  208.000012][T10519]  ? __pfx___cant_migrate+0x10/0x10
[  208.005193][T10519]  ? bpf_trace_run4+0x244/0x590
[  208.010026][T10519]  bpf_prog_ae0c3e605f35524c+0x46/0x4a
[  208.015465][T10519]  bpf_trace_run4+0x334/0x590
[  208.020142][T10519]  ? psi_group_change+0xb4e/0x1190
[  208.025237][T10519]  ? __pfx_bpf_trace_run4+0x10/0x10
[  208.030508][T10519]  ? __pfx_probe_sched_switch+0x10/0x10
[  208.036037][T10519]  ? tracing_record_taskinfo_sched_switch+0x7b/0x390
[  208.042696][T10519]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  208.048748][T10519]  __traceiter_sched_switch+0x98/0xd0
[  208.054109][T10519]  __schedule+0x22bc/0x4c30
[  208.058628][T10519]  ? __pfx___schedule+0x10/0x10
[  208.063477][T10519]  ? __pfx_lock_release+0x10/0x10
[  208.068484][T10519]  ? futex_wait_queue+0x27/0x1d0
[  208.073408][T10519]  ? schedule+0x90/0x320
[  208.077637][T10519]  schedule+0x14b/0x320
[  208.081800][T10519]  ? futex_wait_queue+0x27/0x1d0
[  208.086726][T10519]  futex_wait_queue+0x14e/0x1d0
[  208.091560][T10519]  __futex_wait+0x17f/0x320
[  208.096062][T10519]  ? __pfx___futex_wait+0x10/0x10
[  208.101081][T10519]  ? __pfx_futex_wake_mark+0x10/0x10
[  208.106356][T10519]  ? bpf_link_settle+0xbd/0x150
[  208.111205][T10519]  ? futex_hash+0x1e/0x1f0
[  208.115609][T10519]  futex_wait+0x101/0x360
[  208.119923][T10519]  ? __pfx_futex_wait+0x10/0x10
[  208.124762][T10519]  do_futex+0x33b/0x560
[  208.128897][T10519]  ? bpf_raw_tracepoint_open+0x18b/0x1f0
[  208.134522][T10519]  ? __pfx_do_futex+0x10/0x10
[  208.139176][T10519]  ? __pfx___sys_bpf+0x10/0x10
[  208.143925][T10519]  __se_sys_futex+0x3f9/0x480
[  208.148671][T10519]  ? __pfx___se_sys_futex+0x10/0x10
[  208.153850][T10519]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  208.160161][T10519]  ? do_syscall_64+0x100/0x230
[  208.164905][T10519]  ? __x64_sys_futex+0x21/0xf0
[  208.169739][T10519]  do_syscall_64+0xf3/0x230
[  208.174223][T10519]  ? clear_bhb_loop+0x35/0x90
[  208.178884][T10519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.184775][T10519] RIP: 0033:0x7f049eb7ff19
[  208.189173][T10519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.208762][T10519] RSP: 002b:00007f049c9f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  208.217160][T10519] RAX: ffffffffffffffda RBX: 00007f049ed45fa8 RCX: 00007f049eb7ff19
[  208.225208][T10519] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f049ed45fa8
[  208.233357][T10519] RBP: 00007f049ed45fa0 R08: 0000000000000000 R09: 0000000000000000
[  208.241330][T10519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f049ed45fac
[  208.249295][T10519] R13: 0000000000000000 R14: 00007ffdad216110 R15: 00007ffdad2161f8
[  208.257515][T10519]  </TASK>
[  208.265848][T10273] veth1_vlan: entered promiscuous mode
[  208.283198][T10273] veth0_macvtap: entered promiscuous mode
[  208.291504][T10273] veth1_macvtap: entered promiscuous mode
[  208.305715][T10273] batman_adv: batadv0: Interface activated: batadv_slave_0
[  208.316138][T10273] batman_adv: batadv0: Interface activated: batadv_slave_1
[  208.325325][T10273] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.334054][T10273] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  208.342864][T10273] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.351728][T10273] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.412581][T10273] ieee80211 phy16: Selected rate control algorithm 'minstrel_ht'
[  208.975805][ T5834] bond0: (slave syz_tun): Releasing backup interface
[  208.983140][ T5834] syz_tun (unregistering): left allmulticast mode
[  210.531747][ T9760] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.898246][ T9760] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.959396][ T9760] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.008200][ T9760] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.066935][ T9760] bridge_slave_1: left allmulticast mode
[  212.072708][ T9760] bridge_slave_1: left promiscuous mode
[  212.078537][ T9760] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.087099][ T9760] bridge_slave_0: left allmulticast mode
[  212.092739][ T9760] bridge_slave_0: left promiscuous mode
[  212.098884][ T9760] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.165409][ T9760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.177428][ T9760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.186998][ T9760] bond0 (unregistering): Released all slaves
[  212.331920][ T9760] hsr_slave_0: left promiscuous mode
[  212.337782][ T9760] hsr_slave_1: left promiscuous mode
[  212.343554][ T9760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.351067][ T9760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.359128][ T9760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.366903][ T9760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.376918][ T9760] veth1_macvtap: left promiscuous mode
[  212.382550][ T9760] veth0_macvtap: left promiscuous mode
[  212.390105][ T9760] veth1_vlan: left promiscuous mode
[  212.395541][ T9760] veth0_vlan: left promiscuous mode
[  212.502416][ T9760] team0 (unregistering): Port device team_slave_1 removed
[  212.529583][ T9760] team0 (unregistering): Port device team_slave_0 removed