last executing test programs:

2.753526985s ago: executing program 4 (id=1795):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x3308, 0x0, 0x3ff, 0x40, r2, 0x2, '\x00', 0x0, r2, 0x0, 0x1, 0x6, 0x0, @void, @value, @void, @value}, 0x50)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000100100"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
r4 = socket(0x28, 0x800, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
listen(r4, 0x0)
r5 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
shutdown(r5, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x10000000000002)
close(0x3)

2.532511155s ago: executing program 4 (id=1801):
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000500)=ANY=[@ANYBLOB="64010039", @ANYRES16, @ANYBLOB="040026bd7000fbdbdf251b0000000500920005000000b8002280040000800c000080080005000180000024000080080006000300000008000400070000000800050005000000080007000700000044000080080003000800000008000100000000000800050058020000080006000500000008000200070000000800060008000000080001008efeffff080005000f0000003c0000800800030009000000080003000000000008"], 0x174}, 0x1, 0x0, 0x0, 0x44}, 0x4)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, 0x0, 0x2, 0x70bd25}, 0x14}}, 0x40000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x11, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000eeff120000000a0004007778616e3300000008001500", @ANYRES32=0x0, @ANYBLOB="080001"], 0x30}}, 0x0)

2.363128878s ago: executing program 4 (id=1802):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8, 0x5, 0xb}, @TCA_FQ_PIE_BETA={0x8, 0x6, 0x7}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x4091)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
unshare(0x20000400)
r2 = socket$l2tp(0x2, 0x2, 0x73)
r3 = socket(0x1d, 0x2, 0x6)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x1}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r3)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r5, 0x400, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8000}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}]}, 0x34}}, 0x4044000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000140)=@framed={{}, [@jmp={0x5, 0x0, 0xd, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.350197611s ago: executing program 2 (id=1804):
unshare(0x68040200)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x62040200)
r1 = accept4(r0, &(0x7f0000000140)=@generic, &(0x7f0000000000)=0x80, 0x0)
getsockopt(r1, 0x7, 0x3, &(0x7f00000001c0), &(0x7f0000000240))
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x7, @local, 0x3}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='vcan0\x00', 0x10)
sendto$inet6(r2, 0x0, 0x0, 0x40800, 0x0, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010102, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1, 0x0, 0xe00000000, 0x40, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@private1, 0x0, 0x32}, 0xa, @in=@local, 0x0, 0x4}}, 0xe8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001a000100000000000000000002000000000000030038000008000100ac1414"], 0x24}}, 0x0)

2.346125857s ago: executing program 0 (id=1805):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000000), 0x4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYRESOCT=r1, @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000800010000000000080008800400128008000200010000002c0004800500030000000000050003000000000005000300000000000500030000000000050003"], 0x58}}, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
epoll_create1(0x80000)
ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000280)=@generic={0x1, 0xc6f2, 0x9})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x9}, 0x8)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet(0x2, 0x6, 0x0)
shutdown(r8, 0x0)
recvmmsg(r8, &(0x7f00000066c0), 0xa0d, 0xf0, 0x0)
connect$inet(r8, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
clock_gettime(0x9, &(0x7f0000000280))
pipe(&(0x7f0000000040))
syz_emit_ethernet(0x36, &(0x7f00000003c0)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @random="24475466a8f0", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "902d03", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}}}}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[], 0x54}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x13, &(0x7f0000000400)=ANY=[@ANYBLOB="18000001000000000000", @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7020000010000008500000086000000bf91000000000000b7020000000000008500000085000000b700", @ANYRES16=r5], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e00000000000000080008", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r10, 0x0, &(0x7f0000000200)=""/76}, 0x20)
getsockopt$sock_buf(r4, 0x1, 0x3d, &(0x7f0000000000)=""/167, &(0x7f00000000c0)=0xa7)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x2, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055000000950000000000000085100000f5ffffffbf91000000000000b7020000000000008500000085000000b7000000000000009500"/104], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0xe)

2.286765715s ago: executing program 1 (id=1806):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280), &(0x7f0000000340)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xf}}}, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000600)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0x0, &(0x7f0000000040)="61df712bc884fed5722780b605a7", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
recvmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x162, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x4, 0x1, 0x0, 0x0, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}}, 0x20040000)
read$alg(r6, &(0x7f00000001c0)=""/170, 0xaa)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r8, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0xc001, @multicast1}, 0x10, 0x0}, 0x30004001)
setsockopt$sock_attach_bpf(r7, 0x1, 0x24, &(0x7f0000000000), 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

2.12800616s ago: executing program 1 (id=1808):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
r1 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r1, 0x89ef, &(0x7f0000000080)=0x6)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x5d0, 0x1b0, 0x310, 0x0, 0x1b0, 0xd0, 0x500, 0x500, 0x500, 0x500, 0x500, 0x6, 0x0, {[{{@ipv6={@mcast2, @private1, [], [0x0, 0xff], 'macvlan1\x00', 'veth1_to_bridge\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'syzkaller0\x00', 'team_slave_1\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0xfd}, {0xffffffffffffffff}, {}, 0xf3d9, 0x2}}}, {{@ipv6={@mcast1, @remote, [], [0xff, 0x0, 0x0, 0xff], '\x00', 'dummy0\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @mcast1, @empty, [0x0, 0x0, 0xff]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x1000, 0x6, 0x3}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x630)
r3 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x140, 0x5c, 0x160, 0x140, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'wg1\x00', {}, {0x222cecdb0fb5a62a}, 0x3a}, 0x5002, 0xf8, 0x140, 0x52020000, {0x0, 0x6802000000000000}, [@common=@icmp6={{0x28}, {0x0, "d176"}}, @common=@unspec=@state={{0x28}, {0xfffffffd}}]}, @unspec=@CT0={0x48}}, {{@ipv6={@local, @private2, [], [0xff], 'veth1_to_hsr\x00', 'dummy0\x00', {}, {}, 0x88}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)
getsockopt$inet_int(r3, 0x0, 0x16, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x48014}, 0x20004000)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=r4, @ANYBLOB="10002abd7000ffdbdf250400000006001d000300000014001f00fc00000000000000000000000000000105002100000000"], 0x38}, 0x1, 0x0, 0x0, 0x28040084}, 0x4000001)
unshare(0x6a040000)
r5 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000480)=ANY=[], &(0x7f0000000080)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$alg(r5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x8890}, 0x4002)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
unshare(0xc000000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24048040}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYRES32], 0x4c}, 0x1, 0x0, 0x0, 0x24040000}, 0x24000815)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x12, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000400000000000000000000000850000003900000095"], &(0x7f0000000140)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x2d, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x0, 0x300)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0)

1.803199462s ago: executing program 3 (id=1810):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)}, 0x4)

1.792850319s ago: executing program 3 (id=1811):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x6)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="5ca62bbd7000ffdbdf2505000000500001800f00010069623a697036746e6c30000008000300070000000d0001007564703a73797a32000000002400028008000400610100000800040080000300080002008000"/94], 0x64}, 0x1, 0x0, 0x0, 0x20000040}, 0x24020091)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)={0x98, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_SYNPROXY={0x6c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xf0}, @CTA_SYNPROXY_TSOFF={0x0, 0x3, 0x1, 0x0, 0xf67}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_ISN={0x8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_TSOFF={0x8}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x7fffffff}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x7}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xfffffffc}, @CTA_LABELS_MASK={0x4}, @CTA_LABELS={0x4}]}, 0x98}, 0x1, 0x0, 0x0, 0x8020}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0009000000000000000000010000d63e82c552fada28fee50487a90080c33cdb4fd1f890b6c8720000000000001001800ccb9053feebed61bf08d571c4d958935b00f9e95c30280000000000d70c7ae435a22b6604b3bc55e48300957d4b06ba46efdd79f323055708df601dfc3237d4c9e861a860e8e4e57d21b3fe276dc607e1e589c3be24caf949ee69df4984748e0aca132081105811c4bc6e5351bdbdda4f001e8a74fb263fbf9c243c632e69a5341b9d4b860b2f58b4c95ccd9a29f728f2f462e1e6aa325b078730bec3abbf5d5f49338cd66cfca734cddaa73a6ec46e1b02aed5760905cccac980b1246e69cff28226d3940f5d568e4c5b73852d18984e4522ef2078d6727dec0f7e4a6d7eab21b7fce34d1536b4aab1c6894984fd17fec514fed7c7ffd6c95d0f38562c861860fa31ba926d330858847e1dfae822230c696b6bf200dcad90aa32e8ee2fb8360f852f137edee8cc42b5a0748f0106fe8e0c2178055122fb2d44d0cbca396756e00c9521731318a83c4feacb325fa0a93f7f46b567ecb29c145ead8e733f9f5519cfb1c2a986ca57dbfc0dfdb3c9c8cf5d0ff36eadf92f6464b669dc998ae65bb21080ab530d65e28ac7b7456365002b9ebd11c62b8a536c63964a172ce2edd7d08acd255eba86fcbc9ee03b2c8d13"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x20004050)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r7=>0x0})
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000300)={&(0x7f0000000440)=""/80, 0x328000, 0x1000}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r8, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r9, 0x0, 0xca, &(0x7f0000000140)={0x5, 0x1, 0x8, 0x2, @vifc_lcl_addr=@multicast1, @broadcast}, 0x10)
setsockopt$MRT_FLUSH(r9, 0x0, 0xd4, &(0x7f0000000040)=0x8, 0x4)
setsockopt$XDP_RX_RING(r8, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'})
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4)
bind$xdp(r8, &(0x7f0000000100)={0x2c, 0x8, r7, 0xfffffffe}, 0x10)
bind$xdp(r5, &(0x7f0000000240)={0x2c, 0x1, r7, 0x0, r8}, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmmsg(0xffffffffffffffff, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x1)
r10 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x8, 0x3, 0xaa8, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x9d8, 0xffffffff, 0xffffffff, 0x9d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x73, 0x0, 0x0, 0x45}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x43}}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, [], [0x0, 0xffffffff, 0xff000000], 'wg1\x00', 'gre0\x00'}, 0x0, 0x8e0, 0x908, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3fb, 0x0, 0x8}}}, @common=@unspec=@u32={{0x7e0}, {[{[{0x7fff, 0x1}, {0x8, 0x3}, {0xfffff7ec, 0x1}, {0xfff, 0xbd3626e1c8b1df09}, {0x5, 0x2}, {0xb34c, 0x3}, {0x2}, {0xe48b, 0x2}, {0x101, 0x2}, {0x5, 0x2}, {0x5}], [{0x400}, {0x6, 0x8001}, {0x401, 0x40}, {0x7fff}, {0xffffc1b1, 0x32de}, {0xfff, 0x8}, {0x2, 0x9}, {0x1, 0xbbca}, {0x83, 0x1}, {0x5, 0x7}, {0x3}], 0x1, 0x7}, {[{0x9, 0x3}, {0x6, 0x3}, {0x4, 0x3}, {0x1, 0x2}, {0x9, 0x1}, {0xfffffffa}, {0x0, 0x2}, {0x80000000, 0x3}, {0x80000001}, {0x8001, 0x2}, {0xff, 0x3}], [{0x7, 0x5}, {0x3, 0x6b6}, {0x4, 0x400}, {0x3}, {0x4, 0xfff}, {0x3ff, 0xe5d7}, {0x6, 0x3ff}, {0xa78, 0xffffffff}, {0xa9e1, 0x3}, {0x8, 0x1000}, {0xc7, 0xf385}], 0x6, 0x3}, {[{0x101, 0x2}, {0x9}, {0x3, 0x3}, {0x2, 0x3}, {0x48}, {0x9, 0x2}, {0x1, 0x2}, {0x7, 0x2}, {0x9}, {0x7, 0x1}, {0x0, 0x3}], [{0xfffffffb, 0x5}, {0x8, 0xa17}, {0x80, 0x4}, {0x8}, {0x3, 0x7}, {0x5e18, 0x7}, {0x4, 0x101}, {0x7, 0xfff}, {0xd, 0x7f}, {0x2, 0x2}, {0xfb3, 0xa94}], 0xb, 0x4}, {[{0x8, 0x1}, {0x4, 0x2}, {0x4e, 0xc781c4f1f9c1fa4f}, {0x8, 0x1}, {0x4e5, 0x2}, {0x3, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x5, 0x2}, {0xfff}, {0x4}], [{0x9, 0x8001}, {0xffff, 0x4}, {0x7fff, 0xf}, {0x66d, 0x9}, {0x92, 0xb}, {0x3, 0x6}, {0x7, 0xfff}, {0x1, 0xff}, {0x1, 0x1}, {0x0, 0x8}, {0x1, 0xff}], 0xa}, {[{0x5, 0x2}, {0x7a3, 0x2}, {0x1, 0x3}, {0x100, 0x3}, {0x40}, {0x8d, 0x1}, {0x8, 0x3}, {0x9, 0x3}, {0x8, 0x2}, {0x1, 0x1}, {0x7}], [{0x854f, 0x6b}, {0x7, 0x7}, {0x6, 0x80}, {0x3, 0xffc00000}, {0x7}, {0x3, 0x6}, {0x2, 0xf17}, {0x25, 0x401}, {0x200, 0x84b}, {0x7fff, 0x80}, {0x3, 0x1}], 0x4, 0x8}, {[{0xc3d, 0x147d12363fe5c40a}, {0x64, 0x1}, {0xf, 0x3}, {0x5, 0x1}, {0x7fffffff, 0x2}, {0x5}, {0x2af0, 0x2}, {0x1bd6, 0x2}, {0x1, 0x2}, {0x7, 0x1}, {0x7, 0x2}], [{0x92b, 0x1ff}, {0x1, 0xf458}, {0x5, 0x3}, {0x84, 0x1}, {0xe923, 0x7fff}, {0x4, 0xe}, {0x3, 0x6}, {0xad3f, 0x59f}, {0x4, 0xfffffffc}, {0x6}, {0x5, 0x6f}], 0x9}, {[{0x8}, {0x2f, 0x1}, {0x7, 0x1}, {0x0, 0x2}, {0x3, 0x3}, {0x0, 0x1}, {0x1, 0x3}, {0x8, 0x3}, {0x7}, {0x2}, {0x2, 0x3}], [{0x101, 0x80000000}, {0x1, 0x9}, {0x40, 0xff}, {0x4, 0x2}, {0x5, 0x6}, {0x2, 0x5}, {0x0, 0x3}, {0xe, 0x5}, {0x6, 0x1ff}, {0xc, 0x7}, {0x1, 0x4}], 0xb, 0x7}, {[{0x8c, 0x1}, {0xd}, {0x10000, 0x2}, {0x8, 0x2}, {0x3, 0x3}, {0x0, 0x3}, {0x1ff, 0x1}, {}, {0xc, 0x1}, {0xf0f}, {0xf629}], [{0x4, 0x5}, {0x35f7, 0x1}, {0x401, 0xf6}, {0x94, 0xd16}, {0x8, 0x5}, {0x35, 0x4929}, {0x8001, 0x5}, {0x1000, 0x9}, {0x9f, 0x65}, {0x9, 0x4}, {0x9, 0xf0a9}], 0x1, 0x4}, {[{0x9, 0x1}, {0x9, 0x2}, {0x7, 0x1}, {0x4, 0x4adbb8db8b6f3087}, {0x3}, {0x3, 0x3}, {0x7ff}, {0x7, 0x1}, {0x10000, 0x3}, {0x0, 0x2}, {0x80000000, 0x1}], [{0xf767, 0x8}, {0xc, 0x5}, {0x9, 0x8}, {0x6, 0xb23}, {0x101, 0x4}, {0xfffffff7, 0xb98}, {0x10001, 0x8f}, {0x9, 0xa83}, {0xd, 0x1}, {0x4, 0xe00}, {0x7, 0x444}], 0x6, 0x4}, {[{0x2, 0x3}, {0x2}, {0x26914786, 0x3}, {0x3}, {0xd7f, 0x1}, {0x7fffffff}, {0xf}, {0x4, 0x2}, {0x8, 0x1}, {0x4, 0x3}, {0xe, 0x1}], [{0xb59, 0x6}, {0x4, 0x70c063f5}, {0x2, 0xfffffffe}, {0x5, 0x6}, {0x10000, 0x872}, {0x6, 0x8}, {0xffff, 0x7}, {0x7, 0x4}, {0x6, 0x10}, {0xfff, 0xa}, {0x81, 0x4}], 0xb, 0x4}, {[{0x200, 0x1}, {0x2, 0x3}, {0xa, 0x1}, {0x3ff, 0x1}, {0x7}, {0x1, 0x2}, {0x6, 0x3}, {0x7}, {0x92, 0x3}, {0x6, 0x1}, {0x7fffffff, 0x2}], [{0x3, 0xbbb9}, {0x4, 0x400}, {0xdec, 0x9}, {0x7, 0x1d}, {0x0, 0x9a}, {0x1, 0x7}, {0x1, 0xf580}, {0x4, 0x9f}, {0x2, 0x4}, {0x5, 0x7}, {0xfff, 0x1}], 0x5, 0x7}], 0x4, 0x1}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x8, 0xff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xb08)

1.455340185s ago: executing program 4 (id=1812):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000010000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000047733757000000000000000085000000ba00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17fe, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000006640), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000006740)={0x0, 0x0, &(0x7f0000006700)={&(0x7f0000006680)={0x68, r2, 0x1, 0x2, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x783, @media='eth\x00'}}}}, 0x68}}, 0x40000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x4, 0x9, 0x0, 0x1, 0x70030000}}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.387273595s ago: executing program 2 (id=1813):
syz_emit_ethernet(0x26, &(0x7f0000000000)={@multicast, @random="bad4f9431624", @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8100, 0x4}}, {@can={0xc, {{0x3, 0x1}, 0x0, 0x7, 0x0, 0x0, "ca3b7d1e0f1c33d0"}}}}, 0x0)

1.343347382s ago: executing program 0 (id=1814):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={<r0=>0x0}, &(0x7f0000000280)=0xc)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.empty_time\x00', 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r0, r1, 0x0, 0x1c, &(0x7f0000000000)='/proc///\x00\x82q\xee\x00!\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffbfffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r4, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x0, 0x2a, 0x0, &(0x7f0000000080)="e02742e8680d85ffd782762f0800ae017b99508578ca7070610b4ce9470af5f9534e", 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x3a)
socket$rds(0x15, 0x5, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r7, &(0x7f0000000100)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9232f328db0049d90491ceaebfd26d4eef23248000000f858dbb8a1905234", 0x34}, {&(0x7f0000000180)='\x00\x00\x00\x00\x00', 0x5}, {&(0x7f0000000300)="22366aeb0f9a2bef25", 0x9}], 0x3)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r6, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)={0x128, 0x0, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0x128}, 0x1, 0x0, 0x0, 0x4}, 0x80)

1.317217833s ago: executing program 2 (id=1815):
socket$inet_dccp(0x2, 0x6, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000000)=ANY=[@ANYBLOB="34010000170001030000000000000000ffffffff0000000000000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000ffff7f000001ff01000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e0000001000000000000000000000000fc02000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00\b'], 0x134}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) (async)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f00000004c0)="5f74a874eec639d0a431865ae40232b2c254da19197c3cca19e638475bfe0bebe18e3b", 0x23}], 0x1}, 0x4000000) (async)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1e, &(0x7f0000000000), 0x10)
socket$kcm(0x2, 0x3, 0x2)
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8916, &(0x7f0000000040)={'wg1\x00', @random="0200ac7f7f00"})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
r4 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x45, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4803}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

1.219151971s ago: executing program 3 (id=1816):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(twofish-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="a95c55bcc79e923241fddecb4a9762a5", 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x22}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6a}, 0x2c)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000005500010e0e0000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0)
sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x4, 0x0}, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
syz_emit_ethernet(0xc2, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x4, 0x3, {0x26, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast2, {[@lsrr={0x83, 0x13, 0xd7, [@multicast2, @multicast1, @remote, @broadcast]}, @cipso={0x86, 0x31, 0x3, [{0x5, 0xe, "ca7b14fffffff50000000000"}, {0x5, 0x8, "120ca487597b"}, {0x5, 0x3, "cb"}, {0x2, 0x5, "67bace"}, {0x2, 0xd, "dba3c872e70f02a7f40b9b"}]}, @timestamp_addr={0x44, 0x3c, 0xc5, 0x1, 0xe, [{@rand_addr=0x64010100, 0x845ea2e}, {@multicast2, 0x9}, {@local, 0x400}, {@multicast2, 0x9}, {@rand_addr=0x64010101, 0x2}, {@broadcast, 0x5}, {@empty, 0x2}]}, @noop]}}}}}}}, 0x0)

1.218656265s ago: executing program 4 (id=1817):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x40, 0x20}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x8, 0x4}]}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1590}]]}, 0x24}}, 0x0)

1.152870555s ago: executing program 1 (id=1818):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$key(0xf, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x2)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000200)=0x3, 0x4)
write$bt_hci(r0, &(0x7f0000000200)=ANY=[], 0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0000000600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), r8)
sendmsg$SMC_PNETID_FLUSH(r8, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, r9, 0x20, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x24000001}, 0x4000)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, r10, 0x711}, 0x14}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x144, r10, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x40}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}]}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7ff}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg1\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xa}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7f}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wlan1\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80000000}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0xff}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@empty}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5c}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3b}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x49}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x144}, 0x1, 0x0, 0x0, 0xc850}, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26, 0x0, 0x0, @void, @value}, 0x10)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
recvmsg$unix(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001780)=""/4071, 0xfe7}], 0x1}, 0x40020000)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4)

1.04869279s ago: executing program 2 (id=1819):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000010850000006d00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = socket(0x840000000002, 0x3, 0x100) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000008c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000002c00010324bd7002f9dbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0xc850}, 0x40000) (async)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4000, @empty}, 0x10) (async)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=ANY=[@ANYBLOB="180000000f14010000000000002900e9070045006d6164"], 0x18}}, 0x0) (async)
listen(0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r8 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r8, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r8, 0x1, 0x3e, &(0x7f0000000100)=r9, 0x4) (async)
write$cgroup_subtree(r7, &(0x7f00000002c0)=ANY=[@ANYRES8=r2, @ANYRES16=r3], 0x32600) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000000)={0x18, 0x6}) (async)
mmap(&(0x7f000039f000/0x1000)=nil, 0x1000, 0x300000c, 0x11, r6, 0x9cc21000) (async)
getpeername$packet(r2, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0xc)
getsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000300)={<r10=>0x0, @empty, @private}, &(0x7f0000000580)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@ipv6_delroute={0x130, 0x19, 0x20, 0x70bd2c, 0x25dfdbfb, {0xa, 0x20, 0x14, 0x95, 0xfd, 0x3, 0xfe, 0x3, 0x3100}, [@RTA_METRICS={0xe8, 0x8, 0x0, 0x1, "aa29cfb63033e6b9465935c3d600f75e8e5268f9895d2e0827081746d265694f7f37d05c393407e2281f2524d822d1715e771193c0d087679d9d0cf47e903b9e5d4c050f7017390cef43962f5ec45201c6ddb72a847c739380b276425dd2f0e0dfebc397fabcd95fed18b541600632cd8a8ac61752d01b27328b7913c9b0610c26dca056097e606827f65e930b6c852e8442dc4ad92c6a4af28dd8b7d0e285e4d1c89e845a75695e64a5d2e410119aeb2424b981d3e6512f9e49ffc09edec65827810725df726b0377875137f15e3993113e99b64ed08653a9733d4eb4b77aa8e2f0b580"}, @RTA_OIF={0x8, 0x4, r10}, @RTA_GATEWAY={0x14, 0x5, @loopback}, @RTA_PREF={0x5, 0x14, 0x5}, @RTA_OIF={0x8}]}, 0x130}, 0x1, 0x0, 0x0, 0x40004}, 0x4000810)
r11 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r11, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
ioctl$sock_inet_SIOCSARP(r11, 0x8955, &(0x7f0000000100)={{0x2, 0x4e23, @rand_addr=0x64010101}, {0x6, @local}, 0x8, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 'syzkaller0\x00'})

906.093296ms ago: executing program 3 (id=1820):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000003800)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x1, 0x1000, 0x6, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0xfffff5ea, 0x6, 0x8, 0x1a, 0x9, 0x6, 0x3, 0x4, 0x178, 0x5, 0x1, 0x9, 0x9b2d, 0x12000, 0x1, 0x80000001, 0x80000001, 0x5, 0xfffffffb, 0x4, 0x10001, 0x4, 0x9, 0xfff, 0x0, 0x6, 0x8, 0x101, 0x7, 0x1ff, 0x8, 0x60, 0x7, 0x2, 0x5, 0x5d57, 0x2, 0x3, 0x7fff, 0x6, 0x7, 0x6, 0x8, 0x1, 0x0, 0xfff, 0x69d, 0x5, 0x2, 0xfffffff7, 0x3, 0x3, 0x101, 0x8001, 0x7, 0x7, 0x8, 0x3, 0x0, 0x92c8, 0x0, 0x2, 0x5, 0x26, 0xffffffff, 0x375efe9a, 0x1, 0x80000000, 0xffffffff, 0x5, 0x7, 0x80, 0x40, 0x8, 0x200, 0x7, 0x8, 0x6, 0x6, 0x5, 0x6, 0x2, 0x7, 0x3, 0x5, 0x9, 0xbf, 0x7, 0x6, 0x0, 0x40000000, 0x800, 0x7, 0x8, 0xfffffff8, 0x8, 0x200, 0x1, 0x7f, 0x8, 0x8, 0x1, 0xadf, 0x400, 0xa9, 0x1, 0x1, 0xff, 0x73, 0x1, 0x9, 0x5, 0x7f, 0x1, 0x2, 0x5e8afbb3, 0x2, 0x48, 0x3, 0x9, 0x8, 0x9, 0x1ff, 0x0, 0x6, 0x95, 0x6, 0x0, 0x3, 0x9, 0x3, 0x1, 0x1, 0x1, 0xb7, 0xaa2dd66, 0x0, 0x9, 0x3, 0x1, 0xfff, 0x4, 0x80000000, 0x3, 0x0, 0x808a, 0x3, 0x60000000, 0xa4, 0x2, 0x2, 0x954, 0x1, 0x2, 0x3, 0xd00, 0xfffffe01, 0x81f, 0x6, 0x4, 0x0, 0x3, 0xfffffff9, 0x6, 0x2, 0x8, 0x5, 0x0, 0x7, 0xfffffe00, 0x9, 0xa, 0x7ff, 0x7, 0x2, 0x6, 0x9, 0x6, 0xd59, 0x3, 0xc, 0x7fff, 0x8, 0xf3, 0x8, 0x4, 0x800, 0x4, 0x9, 0x3, 0x2, 0x53de, 0x0, 0x5b, 0x3, 0x1, 0x401, 0x1f400000, 0x8, 0x8, 0x0, 0x0, 0x5, 0xe, 0x6, 0x5, 0x200, 0xcd, 0x2, 0x1, 0xd3ec, 0x7, 0x400, 0x5, 0x1, 0x2, 0x3, 0x80000000, 0x13c13754, 0xffffffff, 0xcd15, 0x8, 0xbc8, 0xbc, 0xe8, 0x100, 0xe, 0xb, 0x8, 0x2, 0x1000, 0x2, 0x81, 0x7fff, 0x8001, 0x5, 0x8, 0xd4f, 0xfff, 0x6, 0x4, 0x8001, 0x4, 0x9, 0x0, 0x9b, 0x3, 0x2, 0x9, 0x3, 0xfffffff8, 0x6, 0x5, 0x8, 0x3]}]]}, {0x4}, {0xc, 0xb, {0x1}}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f00000003c0)=0x5, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b700000040ecffff7f00000000000000850000000c0000009500000000000a6682f08a000000e2dd39d1a88073c9479e9a907c994a09566dbbf1acd717fd83e985be33d8ef246cc4127ed247d35d238f671bc6c8a3d87944f1e6cb4082687905ba8112df4f033094c6620ed86d419d9e0c9477aad30aeb621b22642efc3581f1f66fcafb238b9800fe8548aa7216e135ee8487402c6b9d338fbbb3d93a5f4b28679933490af177ae3b5ab1ddfb30d861d7d23e20d362cf5e8237ffb792fc19da30c74ea15047b6ea85b4b0bf03b4fd449f5167801af2f09903b2cb2686b62ff116e6ba89d355675381106b46aa36ba452f5e00e62f379e1524ef06"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xb9, &(0x7f000000cf3d)=""/185, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r5, &(0x7f0000000200)=@in4={0x21, 0x0, 0x2, 0x8, {0x2, 0x0, @empty}}, 0x24) (async)
connect$rxrpc(r5, &(0x7f0000000200)=@in4={0x21, 0x0, 0x2, 0x8, {0x2, 0x0, @empty}}, 0x24)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)
r7 = accept4$ax25(r6, &(0x7f0000000500)={{0x3, @default}, [@remote, @remote, @bcast, @remote, @rose, @netrom, @remote, @rose]}, &(0x7f0000000580)=0x48, 0x80000)
connect$ax25(r7, &(0x7f00000005c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @bcast]}, 0x48) (async)
connect$ax25(r7, &(0x7f00000005c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @bcast]}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b05, &(0x7f00000004c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b05, &(0x7f00000004c0)={'wlan0\x00'})
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x260, 0x108, 0x0, 0x0, 0x108, 0x108, 0x1c8, 0x1c8, 0x1c8, 0x1c8, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @dev, 0x0, 0x0, '\x00', 'veth0\x00', {}, {}, 0x21}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@dccp={{0x30}, {[], [], 0xf00, 0x10}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x4}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2c0) (async)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x2, 0x3, 0x260, 0x108, 0x0, 0x0, 0x108, 0x108, 0x1c8, 0x1c8, 0x1c8, 0x1c8, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @dev, 0x0, 0x0, '\x00', 'veth0\x00', {}, {}, 0x21}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@dccp={{0x30}, {[], [], 0xf00, 0x10}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x4}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2c0)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000400)={'wpan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000002b40), r12) (async)
r13 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000002b40), r12)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000ac0)=@nat={'nat\x00', 0x1b, 0x5, 0x350, 0x0, 0x178, 0xffffffff, 0x0, 0xd0, 0x2b8, 0x2b8, 0xffffffff, 0x2b8, 0x2b8, 0x5, &(0x7f00000006c0), {[{{@ip={@empty, @dev={0xac, 0x14, 0x14, 0x29}, 0xffffffff, 0x0, 'tunl0\x00', 'nicvf0\x00', {0xff}, {0xff}, 0x1, 0x1, 0x6}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0x3, "fd95"}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @empty, @loopback, @port=0x4e23, @gre_key=0x5}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x3, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @gre_key=0xda, @icmp_id=0x66}}}}, {{@ip={@empty, @broadcast, 0xff, 0xffffffff, '\x00', 'hsr0\x00', {0xff}, {}, 0x16, 0x5}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x4, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @port=0x4e24, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r9) (async)
r14 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000740), r9)
sendmsg$IEEE802154_ASSOCIATE_RESP(r12, &(0x7f00000008c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000800)={0x4c, r14, 0x0, 0x70bd2a, 0x8, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa3}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x8}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x7}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x5}, 0x4000041)
sendmsg$NLBL_MGMT_C_ADD(r12, &(0x7f0000002c40)={0x0, 0x0, &(0x7f0000002c00)={&(0x7f0000002b80)={0x34, r13, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'net/l2cap\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000080)
sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000408}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r13, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000550011022abd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="170002"], 0x38}, 0x1, 0x0, 0x0, 0x84}, 0x0) (async)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000550011022abd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="170002"], 0x38}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)={0x38, r8, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x81}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x84) (async)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)={0x38, r8, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x81}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x84)

905.463898ms ago: executing program 0 (id=1821):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)}, 0x4)

905.048757ms ago: executing program 4 (id=1822):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000440)={'syztnl2\x00', <r3=>0x0, 0x2f, 0xf, 0x55, 0x80000001, 0x4c, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, 0x7800, 0x8, 0xbc58, 0x9}})
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f0000000600)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x3c, 0x0, 0x2, 0x2, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x20, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8c0}, 0x44000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r2}, 0x10)
r4 = socket$kcm(0x29, 0x5, 0x0)
recvmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000000)=@can, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)=""/223, 0xdf}], 0x1, &(0x7f0000000680)=""/245, 0xf5}, 0x100)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000003d0007010000000000000000027c0000040000000c000180060006000806"], 0x24}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="0500000000000000000009000000240004800c00078008000600000000001300010062726f6164636173742d6c696e4fdb"], 0x38}}, 0x0)

891.458013ms ago: executing program 1 (id=1823):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) (async)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
pwrite64(r0, &(0x7f0000000140)="72b0be64e487847b0f6ac346a8d0081cfedacb4b96df87f05875de6f1dc6c7cda55884d9f8233e8323a163504fc324030b4f50d780bfc33c35f1c8337f45d568c2edc98e93d1a946cc7c9e6526c0d55f77f9255ee8dcc31fdc20782f89546ba25440e8fb9490a912c8a860db9e4738d83a12f40a04302942d21dbd4078be395ae8f3b90a97eba896125d", 0x8a, 0x8e1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r3)
sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="eb8f000000000000000007"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r2) (async)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2}, @TCA_FQ_PLIMIT={0x0, 0x1, 0x5}]}}]}, 0x48}}, 0x0)
socket$packet(0x11, 0x2, 0x300) (async)
r8 = socket$packet(0x11, 0x2, 0x300)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'hsr0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'hsr0\x00', <r10=>0x0})
sendto$packet(r8, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x11, 0x8100, r10, 0x1, 0x1, 0x6, @multicast}, 0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@delqdisc={0x78, 0x25, 0x300, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0x5, 0x10}, {0xfff3, 0x4}, {0x9, 0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}, @TCA_RATE={0x6, 0x5, {0x8, 0xff}}, @qdisc_kind_options=@q_pie={{0x8}, {0x34, 0x2, [@TCA_PIE_BETA={0x8}, @TCA_PIE_ALPHA={0x8, 0x4, 0x6}, @TCA_PIE_ALPHA={0x8, 0x4, 0x1a}, @TCA_PIE_ALPHA={0x8, 0x4, 0x6}, @TCA_PIE_BYTEMODE={0x8, 0x7, 0x1}, @TCA_PIE_TARGET={0x8, 0x1, 0x9}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5a}]}, 0x78}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000040)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x18, r1, 0x1, 0xffffffff, 0x0, {}, [@TIPC_NLA_NODE={0x4}]}, 0x18}}, 0x4000000) (async)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x18, r1, 0x1, 0xffffffff, 0x0, {}, [@TIPC_NLA_NODE={0x4}]}, 0x18}}, 0x4000000)
r11 = socket$kcm(0x10, 0x2, 0x0)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
r13 = socket$inet_sctp(0x2, 0x5, 0x84)
r14 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$sock(r14, &(0x7f0000000940)={&(0x7f0000000480)=@phonet={0x23, 0x0, 0xa, 0x1}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000500)="45b03a19d14c3d5b99d5f994fe153a12ca39579e6ee030909a701713843f453f2bc3c2ef4db6269dbcebd9df05d6977ef27a1af1f971b2ca97c73c1d48302f11c414754cc411bc2f9505619d42d2d70479dc328065c30c3fbb7c70e35f777681698ccbdb69a4437e1189f5063cd417b3df7308bc1cf807260650810a1ef3fc28e3c93275b230fcb6a5", 0x89}, {&(0x7f00000005c0)="cd13c84144f63e0906df58e25c0726dcdfb4e96a7b62e1bee298f8e2574ee51670a6a221c2ead0f703775b067cb32682588bf7d0cbcdb422da744dc3ada4bbd2940a0c8f335ab8fac2c646aa8984aeacbd898b16cf44763e9ba6acbe6172d59e838289e15585a30d4ba87557db4730e70098f33de954aa64515d5fd1ff4e8419118494a1bae2e475ec0b61f6699465b5beae515b17438bb506c84d5ca1828baf1656c2bdd38edbb2b37901d7bc41fd", 0xaf}, {&(0x7f0000000680)="11e724b557a508439e95a848393c3692aacfb646e089379b1a5ae98707db60f9541a637688cd89c7ec09cb7ab49eee6c4448c596e346b0648a693d2fd8d9fedbeacde0eade20a92240ca2383799c146a0150ca7edfde040700037ee6cf212604380efed0c1a5f2bc82924a1048dcaef4fa411920a5d5f46e43", 0x79}, {&(0x7f0000000400)="b46eba59c0490a", 0x7}, {&(0x7f0000000700)="486f5a308f2c19c0cfa6cbb3d6febeffa848be03c17405f6162090bb54ff2f6dd27b92917db5044f7bc7c74f3ab1e5a813f83c3a50afd93d5b483b77812b6f3c8775fe5e7d64785110391f3a6cab467d7840d730973c9e70000585bda21b1ce9b95178b2c5919361913079b77ac21023e25e8b2ebe5f8944e74d5b0b5636c3ab19c83bb44e719edd8c3345e47001e07ebcf5a853d710f9d578041cf080f160b1d574f6b42fe21c05f09b0b1f53ba14f6aeba57867ae28e", 0xb7}, {&(0x7f00000007c0)="ac6f0c878631fcd6014755170edeb09659dc47fbdcd7915becd89260a1c2cc437cc6653fcaa3f0c0369508e08411f3fe08b2eb", 0x33}, {&(0x7f0000000800)="68fefc3e0ebaf3a754247664cee5fb0f7a37ec54c9ab0df042d20ca0bc12edfeaf509561811037", 0x27}], 0x7, &(0x7f00000008c0)=[@mark={{0x14, 0x1, 0x24, 0x7}}, @mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x10}}], 0x60}, 0x40)
r15 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r15, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r16=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r13, 0x84, 0x72, &(0x7f0000000040)={r16, 0xd, 0x30}, &(0x7f00000000c0)=0xc) (async)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r13, 0x84, 0x72, &(0x7f0000000040)={r16, 0xd, 0x30}, &(0x7f00000000c0)=0xc)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r12, 0x84, 0x6, &(0x7f0000000340)={r16, @in6={{0xa, 0x4e21, 0x101, @private1, 0xa}}}, 0x84)
sendmsg$kcm(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000200)="cb000000150081054e81f782db44b904021f08010a000000040000a118000200ac141414ffff0d1208000f0100810401880016ea1f0006ea7f400303000803600cfab94dcf5c046181d67f6f94007134cf6ee080005c4ab0f45312b3429fa0e408f456211bef32d4760000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd60100730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee", 0xcb}], 0x1, 0x0, 0x0, 0x7400}, 0x44804)

727.186156ms ago: executing program 0 (id=1824):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000040)={{r0}, {@void, @actul_num={@void, 0x7, 0x54}}})
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02180000100000000000000000000000030005000000000002000010e000000100000000000000000800120000000000000000000000000010000000000000000000000000000000ac1414bb000000000000000000000000fc010000000000000000000000000000030006000000000002"], 0x80}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000007c0)=@o_path={0x0, r2, 0x4000, r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmmsg(r4, &(0x7f0000008b40)=[{{&(0x7f00000004c0)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, 0x80, &(0x7f0000002900)=[{&(0x7f0000000540)='si', 0x2}], 0x1, &(0x7f0000002980)=[{0x10, 0x110, 0x81}], 0x10}}], 0x1, 0x4000000)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x9d987127a8f98182, 0x800, 0x2, 0x3}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000003, @void, @value}, 0x94)

655.299875ms ago: executing program 3 (id=1825):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) (async)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
r1 = epoll_create1(0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0x20000014})
ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000000))
epoll_wait(r1, &(0x7f0000000280)=[{}], 0x1, 0x40402) (async)
write$ppp(r0, &(0x7f00000003c0)="0000600f1c73b6875232ac6273854ac83ef81bbb4d4592ff5a0023c3bdee9f4b234c9c492d350eb553ec4f9550a69e1c3e35ddb290fa014f42c075fb9fea", 0x3e) (async)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/61, 0x3d}], 0x1)

531.489956ms ago: executing program 1 (id=1826):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000400)=[0x0], 0x0, 0x0, 0xb9, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x0, 0x0, 0x6b, 0x8, 0x0, 0x0}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x218, 0xf0, 0xfeffffff, 0x218, 0x218, 0x3c0, 0x3c0, 0xffffffff, 0x3c0, 0x3c0, 0x5, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @remote, @icmp_id}}}}, {{@ip={@loopback, @rand_addr, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id}}}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@private2, @ipv4=@dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000000c0)="a6f185ff83b1b54dd046a0683cb4cf2f", 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TARGET={0x8, 0x3, 0x20}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe0ec}]}}]}, 0x44}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)

466.082768ms ago: executing program 2 (id=1827):
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000000008010200000000000000000000000009"], 0x34}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="c00000006800010027bd7040fcdbdf0a0a0001000100000014000600ac1414bb0000000000000000000000000c00088008000600090000004400020001000000800000000100000002000000020000007f0000000200000003000000000000000b00000001000000010000000100000093000000010000000500000014000600fc02000000000000000000000000000014000600ac1efe0100000000000000000000000014000600ac1414bb0000000000000000000000002b00010002000000"], 0xc0}, 0x1, 0x0, 0x0, 0xb0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r5, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r6, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)
r7 = socket$igmp6(0xa, 0x3, 0x2)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x89a2, &(0x7f0000000900)={'ip6tnl0\x00', @random="0600002000"})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
syz_emit_ethernet(0x45, &(0x7f0000000200)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}, @multicast, @void, {@generic={0xa70a996207429faf, "6b90e404d618886a2f5e536f944d852041590e61b96aa0742d62d7d57abe766b5608a3470fb8ecddf10430022629284cc1d0eb2439ed3e"}}}, &(0x7f0000000280)={0x3, 0x1, [0x3b3, 0xf76, 0xee, 0x849]})
write$tun(r1, &(0x7f0000000380)=ANY=[@ANYRES64=r7, @ANYRES8=r7], 0xfdef)
socket$nl_xfrm(0x10, 0x3, 0x6)

390.895406ms ago: executing program 0 (id=1828):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
getpeername$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r1}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'ip6_vti0\x00', &(0x7f0000000200)={'ip6tnl0\x00', 0x0, 0x4, 0x1, 0x2, 0x5, 0x42, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @local}, 0x7800, 0x8, 0xfff, 0x8}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={<r2=>0x0, @rand_addr, @remote}, &(0x7f0000000300)=0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r4, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r6=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f0000000480)=[0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x75, &(0x7f0000000580)=[{}, {}], 0x10, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xb2, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0x7}, {}, {0xffff}}, [@filter_kind_options=@f_cgroup={{0xb}, {0xc, 0x2, [@TCA_CGROUP_EMATCHES={0x8, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x800)
r11 = socket(0x10, 0x803, 0x0)
r12 = socket(0x400000000010, 0x3, 0x0)
r13 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r14, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x884, 0x2c, 0xd27, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r14, {0x0, 0x8}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x14fa8}, @TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_TBF={0x3c, 0x1, {0xa3e, 0x1, 0x80, 0x80000001, 0x3, {0x16, 0x1, 0xe5b, 0x5, 0x9, 0x2}, {0x7, 0x0, 0xb3d, 0x0, 0xfffe, 0xfffff976}, 0x0, 0x200, 0x4}}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x1ff, 0xa4, 0x7, 0x101, 0x7, 0x8, 0xfffff000, 0x3, 0x0, 0x1, 0x1, 0x3932685, 0x4, 0x0, 0x5, 0x8, 0x0, 0x8, 0xfffffffd, 0x9, 0x0, 0x4, 0xfff, 0x8, 0x9, 0x66c, 0x3b8f5929, 0x3, 0x9, 0xa, 0x101, 0x5, 0x4, 0x8, 0xf0a, 0x800, 0x1, 0x1, 0x47905ebf, 0x5, 0x1, 0x1, 0xa, 0xf7f0, 0x3, 0x401, 0x7, 0xc, 0x8, 0xf, 0x7, 0xff0b882, 0x7ff, 0x55, 0xd, 0x2, 0xad, 0x4, 0x80000001, 0x0, 0x7fffffff, 0x6, 0x4, 0x2, 0x6c, 0x0, 0x5, 0x5, 0x57, 0x3, 0x14, 0x2d9, 0x0, 0x3, 0x0, 0x5, 0xab7, 0x9abb, 0x48, 0xfff, 0x8, 0x1, 0x4, 0x40, 0x8d23, 0xffff, 0x3, 0x31b, 0x8, 0x1, 0x9, 0x1, 0x5, 0x3, 0x7, 0x5, 0x8, 0x9, 0x53, 0xffffffff, 0x10000, 0x8, 0x7, 0x892, 0xb, 0x4bfbd966, 0x401, 0x2, 0x6, 0xa2c7, 0x3, 0xfffffffb, 0x16eae2cc, 0x3, 0xc, 0x3, 0x6, 0x4, 0x4, 0x0, 0x9, 0x7, 0x8, 0x1, 0x6, 0xff, 0x6, 0x3, 0x6, 0xfffffffd, 0x0, 0x6, 0x4, 0x3, 0x2, 0xffffffee, 0x10001, 0xba87, 0x1000, 0xb, 0x4000000, 0x10001, 0x9, 0x4, 0x2, 0x8, 0x5, 0x5, 0xffffffc1, 0x200, 0x5, 0x80, 0x1800, 0x3ff, 0x5b6, 0xb245, 0x4, 0x5, 0x401, 0xb, 0x9, 0x4, 0x9d, 0xb, 0x400, 0xedd1, 0x6, 0x7ff, 0x8, 0x1ff, 0x4, 0xfffffffd, 0x0, 0x0, 0x7, 0x3, 0x5, 0x3, 0x6f2d, 0x3, 0x9, 0x6, 0x5, 0x40, 0x28, 0xd23b, 0x1, 0x5, 0x5, 0xd5, 0x905f, 0x2, 0x1, 0xffff, 0x8, 0x80, 0x6fd, 0x65dd, 0x8, 0x3272, 0x4, 0x497, 0x6, 0x7fffffff, 0x8, 0x3, 0x6, 0x103, 0xa, 0xfee6, 0xff, 0x7, 0x0, 0x7, 0x5406, 0x7, 0x1, 0x6, 0x0, 0x5, 0x2, 0x81, 0x80000000, 0x7, 0xf, 0x1000, 0x0, 0x75, 0x6, 0x9, 0x200, 0x4, 0xff, 0xe7, 0x40, 0x0, 0x401, 0x47ac2596, 0x39, 0xffffffff, 0x6, 0x1ff, 0x2, 0x2, 0x2, 0xf7ffe9e6, 0x3, 0x5, 0x8, 0x1, 0x3, 0xfffffffe, 0x3, 0xaf79, 0x101]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0xfff, 0x8, 0x9, 0x4, 0x8000800, 0x3, 0x8, 0x5, 0x0, 0xfffffff7, 0x0, 0x6, 0x3, 0xfffffff9, 0xfffffffa, 0x8, 0x40, 0x2, 0xd, 0x6, 0x8, 0x1de, 0x2, 0x3, 0x2800, 0x4, 0xffffffff, 0x6, 0x6, 0x0, 0x2, 0x58f3, 0x10001, 0xd26, 0x4, 0x5, 0x2, 0x6, 0x51ec, 0x4, 0x8, 0x15c, 0x2, 0x1ff, 0x2, 0xfffff58a, 0x10, 0xc, 0x9, 0x7, 0x2, 0x7, 0x6, 0x2, 0x2, 0x204, 0x402, 0x6, 0x400, 0x1, 0x3, 0x2, 0xfffffff7, 0x1, 0xea8, 0x1, 0x3, 0xb33, 0x80000e, 0x7, 0x5, 0x6b, 0x1ff, 0x3, 0x6, 0x1, 0x1, 0xfffffe01, 0xdc, 0x9, 0x1, 0x7, 0x800000, 0x8, 0x10001, 0xc, 0x3, 0xe, 0x1ff, 0x80, 0x401, 0x3, 0x7ae4e9d, 0x3, 0x12b0, 0x5, 0x0, 0x101, 0x8, 0xee3, 0x5, 0x7, 0x7, 0x6, 0x9, 0x2, 0x3ff, 0x5, 0xf, 0x4, 0x3, 0x7, 0x2, 0x3e1, 0x1, 0x10001, 0xffff, 0x10, 0x401, 0x3, 0xe7a1, 0x0, 0x7, 0x6, 0x57, 0x1, 0x80000001, 0x1000, 0x0, 0x28, 0xc6, 0x3, 0x6, 0x1, 0x9, 0x7, 0x0, 0xae, 0x3a81, 0x1, 0x8, 0x9, 0x1, 0xfff, 0x3999, 0x0, 0x7, 0x14, 0x1, 0x5, 0xce, 0xf0000000, 0x5, 0x7, 0x7, 0x3, 0x6, 0x1, 0xb, 0x9, 0x7, 0x9, 0x5, 0x6, 0x2, 0x3, 0x2, 0x7, 0x7, 0x3, 0x7, 0x2, 0x8, 0x31f8, 0x3, 0x2, 0xb, 0x400, 0x5, 0x8000, 0x5, 0x6, 0x80000001, 0x96c0, 0xfffffeff, 0x9, 0x9, 0x80, 0xfffffffd, 0xc8, 0x2, 0x2, 0x81, 0x10001, 0xde8, 0x3fe, 0x4, 0x800, 0xd, 0x8, 0xa, 0x81, 0xde, 0x8, 0x2, 0x2, 0xa, 0x5, 0x9a62295, 0x8, 0x401, 0x7f, 0x8, 0x1, 0x4, 0x7b02, 0xffffffff, 0x80000001, 0x5, 0xf, 0x7, 0xffffffff, 0xa, 0x9, 0x2, 0xe, 0xd, 0xfffffff6, 0x4, 0x5, 0x804e, 0xeb, 0x800, 0x8, 0x6, 0x9, 0x86b2, 0x3ff, 0xfffffff8, 0x6, 0xf1e7, 0x8, 0x79d2, 0x4d4, 0x7, 0x2, 0x7, 0x7fffffff, 0x4, 0x7, 0x9, 0x20007fff, 0x1, 0xa00, 0x4]}]}]}}]}, 0x884}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000), 0xc, &(0x7f00000007c0)={&(0x7f0000001500)={0x1ec, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x20000014}, 0x4004040)
r15 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r16=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x19, 0xc, 0x8, 0x8, 0x200, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r17 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r17, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0503020000000000140012808b0001006d61637365630065000400c8ac08000500b24ad4bd4f183e83c6a7207ea152dedb91eccf6f6ccf1bcd0c1a3bd23d6ef96bd5cb4e43f5643312c738cb6ef3c2b39694032c1a16d1be7aa56293d4b26c9f1beb7fbae6f86671dbe610", @ANYRES32=r16, @ANYBLOB], 0x3c}}, 0x0)

342.505681ms ago: executing program 1 (id=1829):
unshare(0x8000400)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000440)='freezer.parent_freezing\x00', 0x275a, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x5, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x10)
sendfile(r3, r2, 0x0, 0xffefffff)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="871a0000000000000740000000000e4a00800104000000000000000000000100000000000000000000000000592b90d1338280b6d640a85e00000000000000000009000000000000000401ff3a5215a229eb6f47c95c05d11fb8d64e6d870bff186ff1a153bb4e2491ba72172857ec160a95ddcb5e8b624e9de6d01d8e34a1b27bc9a0446dd57a630fd0ee795a148f42285c30e04b9408cb8a309bb5807a035ea49b5246bbaa314ec20903d9121a76ae0c34024eda6d074e8e7a0b9378caaada5c2afa7ec7da04d996d82d5c8ca6678aa04f6f0000008000000000a2969260392218444d90b45aa46a5da867ad470493b0a95d3cef2d72e72bc69b1156fdebaca8630967b3ced4f8d5784317fb2ac1a7257b77aa0da10cee7114bc826b23c5660232ab24fa85f1f0c13dd62344bbf3c83bedb627a3f8f6afdc0876194bd1c8ee32457e610ae4da5cba3ec5aeed112bf903981f4b7d5a3c0909e53f4890e088b10e3efecaf9e6f7a487a4a6b78bf601a12abae9174e9c2e000e8a70f51f096d877ab6aac1c378f6884dcb81a50bd8"], 0xe0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000002100))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000140)={<r4=>r0})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000077cb0000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000000)=0x204810c)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>0x0})
connect$can_bcm(r8, &(0x7f0000000180)={0x1d, r9}, 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={0x5, 0x413, 0x4, {}, {}, {0x0, 0x0, 0x1}, 0x1, @can={{}, 0x7, 0x7, 0x0, 0x0, "fbfd05efe8a2c877"}}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x14000000)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r11, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x34, 0x0, 0x1, 0x70bd29, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x34}}, 0x4000000)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2004409c)
socket$packet(0x11, 0x3, 0x300)

188.069748ms ago: executing program 3 (id=1830):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000070000000060a010400000000000000000100000008000b400000000048000480440001800b000100657874686472000034000280080001400000000c080003400000000008000440000000220500020007000000080005400000000108000640000000000900010073797a30"], 0xe4}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f00000011c0), r1)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf25070000000c0017000201aaaaaaaaaaaa08000300", @ANYRES32=r2, @ANYBLOB="0a0004007770616e33000000080005000000642b"], 0x3c}}, 0x800)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, r4, 0x0, 0x2c, &(0x7f0000000000)='/proc/\x80yync_\x00le\xf44.\xab%\xf8\xff\xff\xff\xff\xff\xff\xff?\x11\xc8\xdd\x15\xcc\xd2\xf1\xfb\'%\xa0\x00\x00\x00,'}, 0x30)
write$tun(r4, &(0x7f0000000000)=ANY=[], 0x38)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40404850}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x44, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x6}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0xc, 0x7, 0x0, 0x1, [{0x8, 0x1, r4}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x14}, 0x4000010)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYRESDEC=0x0, @ANYRES32=0x0], 0x174}, 0x1, 0x0, 0x0, 0x44}, 0x44)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000002c0), r1)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000004, 0x12012, r6, 0xe3ac4000)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @remote, [], [], 'veth0_to_team\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x6, @empty, 0x4}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0x6}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r8, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r8, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket(0x40000000015, 0x5, 0x0)
getsockopt(r4, 0x9, 0xe6, 0x0, &(0x7f0000000080))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x300, 0x0, 0x26}, 0x9c)
recvmmsg(r8, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x3}], 0x1, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000380)={0x44, r5, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0xc}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xf94d}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3000000000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x810)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x14, 0x0, 0x4, 0x70bd29}, 0x14}}, 0x40000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r9)

123.313862ms ago: executing program 2 (id=1831):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x4400046, r1})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)

0s ago: executing program 0 (id=1832):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r1, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void, @val={0xc, 0x99, {0x6, 0x6d}}}}, ["", "", ""]}, 0x20}}, 0x20044845) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c000000330007010000000000000300016800000c00038008000600", @ANYRES32=0x0, @ANYBLOB="0c0007000001000000000000"], 0x2c}}, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet(r2, &(0x7f0000000200)="e3dca3c8a6c73c608417c556821949dd54bff64286ec299d3937fb51d566c86030c0550705f6af49514292d8eb21", 0x2e, 0x40a0001, &(0x7f0000000280)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10)

kernel console output (not intermixed with test programs):

8083]  ____sys_sendmsg+0x53a/0x860
[  125.412253][ T8083]  ? __pfx_____sys_sendmsg+0x10/0x10
[  125.412267][ T8083]  ? __fget_files+0x2a/0x410
[  125.412289][ T8083]  ? __fget_files+0x2a/0x410
[  125.412316][ T8083]  __sys_sendmsg+0x269/0x350
[  125.412337][ T8083]  ? __pfx___sys_sendmsg+0x10/0x10
[  125.412366][ T8083]  ? do_sys_openat2+0x17a/0x1d0
[  125.412410][ T8083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  125.412432][ T8083]  ? do_syscall_64+0x100/0x230
[  125.412453][ T8083]  ? do_syscall_64+0xb6/0x230
[  125.412472][ T8083]  do_syscall_64+0xf3/0x230
[  125.412490][ T8083]  ? clear_bhb_loop+0x35/0x90
[  125.412512][ T8083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.412531][ T8083] RIP: 0033:0x7f35a318d169
[  125.412545][ T8083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.412558][ T8083] RSP: 002b:00007f35a3f5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.412575][ T8083] RAX: ffffffffffffffda RBX: 00007f35a33a5fa0 RCX: 00007f35a318d169
[  125.412586][ T8083] RDX: 0000000024044884 RSI: 0000400000000300 RDI: 0000000000000003
[  125.412596][ T8083] RBP: 00007f35a3f5e090 R08: 0000000000000000 R09: 0000000000000000
[  125.412605][ T8083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.412615][ T8083] R13: 0000000000000000 R14: 00007f35a33a5fa0 R15: 00007ffd6c5aa6c8
[  125.412638][ T8083]  </TASK>
[  125.742364][ T8092] FAULT_INJECTION: forcing a failure.
[  125.742364][ T8092] name failslab, interval 1, probability 0, space 0, times 0
[  125.757211][ T8092] CPU: 1 UID: 0 PID: 8092 Comm: syz.4.577 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  125.757235][ T8092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  125.757245][ T8092] Call Trace:
[  125.757251][ T8092]  <TASK>
[  125.757258][ T8092]  dump_stack_lvl+0x241/0x360
[  125.757282][ T8092]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.757300][ T8092]  ? __pfx__printk+0x10/0x10
[  125.757318][ T8092]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  125.757341][ T8092]  ? __pfx___might_resched+0x10/0x10
[  125.757365][ T8092]  should_fail_ex+0x40a/0x550
[  125.757391][ T8092]  should_failslab+0xac/0x100
[  125.757414][ T8092]  kmem_cache_alloc_node_noprof+0x77/0x380
[  125.757433][ T8092]  ? __alloc_skb+0x1c3/0x440
[  125.757452][ T8092]  __alloc_skb+0x1c3/0x440
[  125.757473][ T8092]  ? __pfx___alloc_skb+0x10/0x10
[  125.757490][ T8092]  ? netlink_autobind+0xd6/0x2f0
[  125.757510][ T8092]  ? netlink_autobind+0x2b0/0x2f0
[  125.757534][ T8092]  netlink_sendmsg+0x634/0xcb0
[  125.757566][ T8092]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.757591][ T8092]  ? aa_sock_msg_perm+0x91/0x160
[  125.757618][ T8092]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.757637][ T8092]  __sock_sendmsg+0x221/0x270
[  125.757661][ T8092]  ____sys_sendmsg+0x53a/0x860
[  125.757686][ T8092]  ? __pfx_____sys_sendmsg+0x10/0x10
[  125.757701][ T8092]  ? __fget_files+0x2a/0x410
[  125.757725][ T8092]  ? __fget_files+0x2a/0x410
[  125.757754][ T8092]  __sys_sendmsg+0x269/0x350
[  125.757775][ T8092]  ? __pfx___sys_sendmsg+0x10/0x10
[  125.757805][ T8092]  ? do_sys_openat2+0x17a/0x1d0
[  125.757850][ T8092]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  125.757874][ T8092]  ? do_syscall_64+0x100/0x230
[  125.757895][ T8092]  ? do_syscall_64+0xb6/0x230
[  125.757916][ T8092]  do_syscall_64+0xf3/0x230
[  125.757934][ T8092]  ? clear_bhb_loop+0x35/0x90
[  125.757957][ T8092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.757977][ T8092] RIP: 0033:0x7f35a318d169
[  125.757991][ T8092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.758004][ T8092] RSP: 002b:00007f35a3f5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.758022][ T8092] RAX: ffffffffffffffda RBX: 00007f35a33a5fa0 RCX: 00007f35a318d169
[  125.758034][ T8092] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  125.758044][ T8092] RBP: 00007f35a3f5e090 R08: 0000000000000000 R09: 0000000000000000
[  125.758054][ T8092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.758062][ T8092] R13: 0000000000000000 R14: 00007f35a33a5fa0 R15: 00007ffd6c5aa6c8
[  125.758088][ T8092]  </TASK>
[  126.467724][ T8119] netlink: 'syz.1.586': attribute type 4 has an invalid length.
[  126.566155][ T8125] netlink: 'syz.2.587': attribute type 3 has an invalid length.
[  126.645561][ T8130] netlink: 'syz.3.591': attribute type 1 has an invalid length.
[  126.663557][ T8130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'.
[  126.686649][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.593'.
[  126.730763][ T8134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.593'.
[  126.746814][ T8134] netlink: 4 bytes leftover after parsing attributes in process `syz.4.593'.
[  126.755505][ T8137] netlink: 8 bytes leftover after parsing attributes in process `syz.0.594'.
[  126.790288][ T8137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.594'.
[  126.809977][ T8137] netlink: 'syz.0.594': attribute type 5 has an invalid length.
[  126.840408][ T8137] netlink: 'syz.0.594': attribute type 6 has an invalid length.
[  126.932840][ T8144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  127.019953][ T8152] netlink: 'syz.0.600': attribute type 9 has an invalid length.
[  127.043647][ T8153] FAULT_INJECTION: forcing a failure.
[  127.043647][ T8153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.089572][ T8153] CPU: 1 UID: 0 PID: 8153 Comm: syz.2.599 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  127.089597][ T8153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  127.089607][ T8153] Call Trace:
[  127.089613][ T8153]  <TASK>
[  127.089619][ T8153]  dump_stack_lvl+0x241/0x360
[  127.089643][ T8153]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.089660][ T8153]  ? __pfx__printk+0x10/0x10
[  127.089677][ T8153]  ? __pfx_lock_release+0x10/0x10
[  127.089706][ T8153]  should_fail_ex+0x40a/0x550
[  127.089730][ T8153]  _copy_from_iter+0x1df/0x1c40
[  127.089747][ T8153]  ? __virt_addr_valid+0x183/0x530
[  127.089763][ T8153]  ? __pfx_lock_release+0x10/0x10
[  127.089790][ T8153]  ? __alloc_skb+0x28f/0x440
[  127.089804][ T8153]  ? __pfx__copy_from_iter+0x10/0x10
[  127.089821][ T8153]  ? __virt_addr_valid+0x183/0x530
[  127.089835][ T8153]  ? __virt_addr_valid+0x183/0x530
[  127.089848][ T8153]  ? __virt_addr_valid+0x45f/0x530
[  127.089863][ T8153]  ? __phys_addr_symbol+0x2f/0x70
[  127.089878][ T8153]  ? __check_object_size+0x47a/0x730
[  127.089898][ T8153]  netlink_sendmsg+0x742/0xcb0
[  127.089928][ T8153]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.089953][ T8153]  ? aa_sock_msg_perm+0x91/0x160
[  127.089978][ T8153]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.089996][ T8153]  __sock_sendmsg+0x221/0x270
[  127.090016][ T8153]  ____sys_sendmsg+0x53a/0x860
[  127.090039][ T8153]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.090053][ T8153]  ? __fget_files+0x2a/0x410
[  127.090076][ T8153]  ? __fget_files+0x2a/0x410
[  127.090102][ T8153]  __sys_sendmsg+0x269/0x350
[  127.090122][ T8153]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.090149][ T8153]  ? do_sys_openat2+0x17a/0x1d0
[  127.090187][ T8153]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  127.090209][ T8153]  ? do_syscall_64+0x100/0x230
[  127.090230][ T8153]  ? do_syscall_64+0xb6/0x230
[  127.090251][ T8153]  do_syscall_64+0xf3/0x230
[  127.090268][ T8153]  ? clear_bhb_loop+0x35/0x90
[  127.090297][ T8153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.090316][ T8153] RIP: 0033:0x7f27a458d169
[  127.090330][ T8153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.090342][ T8153] RSP: 002b:00007f27a5335038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.090360][ T8153] RAX: ffffffffffffffda RBX: 00007f27a47a5fa0 RCX: 00007f27a458d169
[  127.090371][ T8153] RDX: 0000000024044884 RSI: 0000400000000300 RDI: 0000000000000003
[  127.090381][ T8153] RBP: 00007f27a5335090 R08: 0000000000000000 R09: 0000000000000000
[  127.090390][ T8153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.090399][ T8153] R13: 0000000000000000 R14: 00007f27a47a5fa0 R15: 00007ffd100af258
[  127.090423][ T8153]  </TASK>
[  127.401978][ T8156] netlink: 'syz.0.602': attribute type 4 has an invalid length.
[  127.443867][ T8160] FAULT_INJECTION: forcing a failure.
[  127.443867][ T8160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.467985][ T8160] CPU: 1 UID: 0 PID: 8160 Comm: syz.3.604 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  127.468010][ T8160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  127.468020][ T8160] Call Trace:
[  127.468026][ T8160]  <TASK>
[  127.468033][ T8160]  dump_stack_lvl+0x241/0x360
[  127.468059][ T8160]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.468076][ T8160]  ? __pfx__printk+0x10/0x10
[  127.468095][ T8160]  ? __pfx_lock_release+0x10/0x10
[  127.468125][ T8160]  should_fail_ex+0x40a/0x550
[  127.468152][ T8160]  _copy_from_iter+0x1df/0x1c40
[  127.468171][ T8160]  ? __virt_addr_valid+0x183/0x530
[  127.468187][ T8160]  ? __pfx_lock_release+0x10/0x10
[  127.468215][ T8160]  ? __alloc_skb+0x28f/0x440
[  127.468231][ T8160]  ? __pfx__copy_from_iter+0x10/0x10
[  127.468250][ T8160]  ? __virt_addr_valid+0x183/0x530
[  127.468264][ T8160]  ? __virt_addr_valid+0x183/0x530
[  127.468278][ T8160]  ? __virt_addr_valid+0x45f/0x530
[  127.468300][ T8160]  ? __phys_addr_symbol+0x2f/0x70
[  127.468314][ T8160]  ? __check_object_size+0x47a/0x730
[  127.468339][ T8160]  netlink_sendmsg+0x742/0xcb0
[  127.468371][ T8160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.468394][ T8160]  ? aa_sock_msg_perm+0x91/0x160
[  127.468421][ T8160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.468440][ T8160]  __sock_sendmsg+0x221/0x270
[  127.468464][ T8160]  ____sys_sendmsg+0x53a/0x860
[  127.468489][ T8160]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.468504][ T8160]  ? __fget_files+0x2a/0x410
[  127.468528][ T8160]  ? __fget_files+0x2a/0x410
[  127.468557][ T8160]  __sys_sendmsg+0x269/0x350
[  127.468579][ T8160]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.468608][ T8160]  ? do_sys_openat2+0x17a/0x1d0
[  127.468653][ T8160]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  127.468676][ T8160]  ? do_syscall_64+0x100/0x230
[  127.468698][ T8160]  ? do_syscall_64+0xb6/0x230
[  127.468719][ T8160]  do_syscall_64+0xf3/0x230
[  127.468737][ T8160]  ? clear_bhb_loop+0x35/0x90
[  127.468760][ T8160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.468780][ T8160] RIP: 0033:0x7f65f198d169
[  127.468794][ T8160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.468808][ T8160] RSP: 002b:00007f65f28d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.468825][ T8160] RAX: ffffffffffffffda RBX: 00007f65f1ba5fa0 RCX: 00007f65f198d169
[  127.468837][ T8160] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  127.468847][ T8160] RBP: 00007f65f28d6090 R08: 0000000000000000 R09: 0000000000000000
[  127.468857][ T8160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.468866][ T8160] R13: 0000000000000000 R14: 00007f65f1ba5fa0 R15: 00007ffe547d9d18
[  127.468891][ T8160]  </TASK>
[  127.936702][ T8169] xt_nfacct: accounting object `syz1' does not exists
[  128.293781][ T8195] netlink: 'syz.0.615': attribute type 4 has an invalid length.
[  128.434202][ T8204] FAULT_INJECTION: forcing a failure.
[  128.434202][ T8204] name failslab, interval 1, probability 0, space 0, times 0
[  128.451462][ T8204] CPU: 1 UID: 0 PID: 8204 Comm: syz.2.616 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  128.451486][ T8204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  128.451496][ T8204] Call Trace:
[  128.451501][ T8204]  <TASK>
[  128.451508][ T8204]  dump_stack_lvl+0x241/0x360
[  128.451533][ T8204]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.451549][ T8204]  ? __pfx__printk+0x10/0x10
[  128.451567][ T8204]  ? __kmalloc_noprof+0xb5/0x4c0
[  128.451587][ T8204]  ? __pfx___might_resched+0x10/0x10
[  128.451605][ T8204]  ? aa_get_newest_label+0xff/0x6f0
[  128.451633][ T8204]  should_fail_ex+0x40a/0x550
[  128.451658][ T8204]  should_failslab+0xac/0x100
[  128.451677][ T8204]  __kmalloc_noprof+0xdd/0x4c0
[  128.451695][ T8204]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  128.451712][ T8204]  ? apparmor_capable+0x13b/0x1b0
[  128.451729][ T8204]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  128.451749][ T8204]  genl_rcv_msg+0x80b/0xec0
[  128.451772][ T8204]  ? __pfx_genl_rcv_msg+0x10/0x10
[  128.451808][ T8204]  ? __pfx_lock_acquire+0x10/0x10
[  128.451826][ T8204]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  128.451845][ T8204]  ? __pfx_nl80211_new_interface+0x10/0x10
[  128.451862][ T8204]  ? __pfx_nl80211_post_doit+0x10/0x10
[  128.451893][ T8204]  ? __pfx___might_resched+0x10/0x10
[  128.451920][ T8204]  netlink_rcv_skb+0x206/0x480
[  128.451942][ T8204]  ? __pfx_genl_rcv_msg+0x10/0x10
[  128.451960][ T8204]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  128.452005][ T8204]  genl_rcv+0x28/0x40
[  128.452019][ T8204]  netlink_unicast+0x7f6/0x990
[  128.452044][ T8204]  ? __pfx_netlink_unicast+0x10/0x10
[  128.452060][ T8204]  ? __virt_addr_valid+0x45f/0x530
[  128.452076][ T8204]  ? __phys_addr_symbol+0x2f/0x70
[  128.452088][ T8204]  ? __check_object_size+0x47a/0x730
[  128.452110][ T8204]  netlink_sendmsg+0x8de/0xcb0
[  128.452139][ T8204]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.452162][ T8204]  ? aa_sock_msg_perm+0x91/0x160
[  128.452186][ T8204]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.452201][ T8204]  __sock_sendmsg+0x221/0x270
[  128.452223][ T8204]  ____sys_sendmsg+0x53a/0x860
[  128.452245][ T8204]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.452259][ T8204]  ? __fget_files+0x2a/0x410
[  128.452282][ T8204]  ? __fget_files+0x2a/0x410
[  128.452309][ T8204]  __sys_sendmsg+0x269/0x350
[  128.452329][ T8204]  ? __pfx___sys_sendmsg+0x10/0x10
[  128.452356][ T8204]  ? do_sys_openat2+0x17a/0x1d0
[  128.452401][ T8204]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  128.452424][ T8204]  ? do_syscall_64+0x100/0x230
[  128.452445][ T8204]  ? do_syscall_64+0xb6/0x230
[  128.452464][ T8204]  do_syscall_64+0xf3/0x230
[  128.452481][ T8204]  ? clear_bhb_loop+0x35/0x90
[  128.452502][ T8204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.452518][ T8204] RIP: 0033:0x7f27a458d169
[  128.452533][ T8204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.452545][ T8204] RSP: 002b:00007f27a5335038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.452561][ T8204] RAX: ffffffffffffffda RBX: 00007f27a47a5fa0 RCX: 00007f27a458d169
[  128.452572][ T8204] RDX: 0000000024044884 RSI: 0000400000000300 RDI: 0000000000000003
[  128.452581][ T8204] RBP: 00007f27a5335090 R08: 0000000000000000 R09: 0000000000000000
[  128.452590][ T8204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.452598][ T8204] R13: 0000000000000000 R14: 00007f27a47a5fa0 R15: 00007ffd100af258
[  128.452625][ T8204]  </TASK>
[  128.464325][ T8206] FAULT_INJECTION: forcing a failure.
[  128.464325][ T8206] name failslab, interval 1, probability 0, space 0, times 0
[  128.806534][ T8206] CPU: 0 UID: 0 PID: 8206 Comm: syz.1.618 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  128.806555][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  128.806565][ T8206] Call Trace:
[  128.806570][ T8206]  <TASK>
[  128.806578][ T8206]  dump_stack_lvl+0x241/0x360
[  128.806602][ T8206]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.806619][ T8206]  ? __pfx__printk+0x10/0x10
[  128.806647][ T8206]  should_fail_ex+0x40a/0x550
[  128.806673][ T8206]  should_failslab+0xac/0x100
[  128.806695][ T8206]  ? skb_clone+0x20c/0x390
[  128.806712][ T8206]  kmem_cache_alloc_noprof+0x70/0x380
[  128.806737][ T8206]  skb_clone+0x20c/0x390
[  128.806758][ T8206]  __netlink_deliver_tap+0x3c4/0x7f0
[  128.806790][ T8206]  ? netlink_deliver_tap+0x2e/0x1b0
[  128.806809][ T8206]  netlink_deliver_tap+0x19d/0x1b0
[  128.806830][ T8206]  netlink_unicast+0x7c4/0x990
[  128.806856][ T8206]  ? __pfx_netlink_unicast+0x10/0x10
[  128.806873][ T8206]  ? __virt_addr_valid+0x45f/0x530
[  128.806890][ T8206]  ? __phys_addr_symbol+0x2f/0x70
[  128.806904][ T8206]  ? __check_object_size+0x47a/0x730
[  128.806928][ T8206]  netlink_sendmsg+0x8de/0xcb0
[  128.806957][ T8206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.806980][ T8206]  ? aa_sock_msg_perm+0x91/0x160
[  128.807007][ T8206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.807023][ T8206]  __sock_sendmsg+0x221/0x270
[  128.807044][ T8206]  ____sys_sendmsg+0x53a/0x860
[  128.807068][ T8206]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.807083][ T8206]  ? __fget_files+0x2a/0x410
[  128.807113][ T8206]  ? __fget_files+0x2a/0x410
[  128.807141][ T8206]  __sys_sendmsg+0x269/0x350
[  128.807161][ T8206]  ? __pfx___sys_sendmsg+0x10/0x10
[  128.807189][ T8206]  ? do_sys_openat2+0x17a/0x1d0
[  128.807234][ T8206]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  128.807258][ T8206]  ? do_syscall_64+0x100/0x230
[  128.807280][ T8206]  ? do_syscall_64+0xb6/0x230
[  128.807301][ T8206]  do_syscall_64+0xf3/0x230
[  128.807318][ T8206]  ? clear_bhb_loop+0x35/0x90
[  128.807342][ T8206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.807361][ T8206] RIP: 0033:0x7fe89bb8d169
[  128.807376][ T8206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.807388][ T8206] RSP: 002b:00007fe89c935038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.807405][ T8206] RAX: ffffffffffffffda RBX: 00007fe89bda5fa0 RCX: 00007fe89bb8d169
[  128.807416][ T8206] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  128.807425][ T8206] RBP: 00007fe89c935090 R08: 0000000000000000 R09: 0000000000000000
[  128.807435][ T8206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.807444][ T8206] R13: 0000000000000000 R14: 00007fe89bda5fa0 R15: 00007ffda010ac18
[  128.807469][ T8206]  </TASK>
[  128.807524][ T8206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.618'.
[  128.939979][ T8208] vlan3: entered promiscuous mode
[  129.121163][ T8222] netlink: 'syz.3.621': attribute type 7 has an invalid length.
[  129.140678][ T8208] vlan3: entered allmulticast mode
[  129.360581][ T8226] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  129.369787][ T8226] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  129.378632][ T8226] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  129.387470][ T8226] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  129.599650][ T8245] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  129.734085][ T8253] netlink: 'syz.2.627': attribute type 4 has an invalid length.
[  129.796914][ T8261] FAULT_INJECTION: forcing a failure.
[  129.796914][ T8261] name failslab, interval 1, probability 0, space 0, times 0
[  129.851906][ T8262] netlink: 8 bytes leftover after parsing attributes in process `syz.0.630'.
[  129.869648][ T8261] CPU: 0 UID: 0 PID: 8261 Comm: syz.1.629 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  129.869673][ T8261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  129.869683][ T8261] Call Trace:
[  129.869689][ T8261]  <TASK>
[  129.869696][ T8261]  dump_stack_lvl+0x241/0x360
[  129.869721][ T8261]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.869739][ T8261]  ? __pfx__printk+0x10/0x10
[  129.869758][ T8261]  ? __kmalloc_noprof+0xb5/0x4c0
[  129.869787][ T8261]  ? __pfx___might_resched+0x10/0x10
[  129.869806][ T8261]  ? aa_get_newest_label+0xff/0x6f0
[  129.869832][ T8261]  should_fail_ex+0x40a/0x550
[  129.869859][ T8261]  should_failslab+0xac/0x100
[  129.869881][ T8261]  __kmalloc_noprof+0xdd/0x4c0
[  129.869900][ T8261]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  129.869917][ T8261]  ? apparmor_capable+0x13b/0x1b0
[  129.869938][ T8261]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  129.869961][ T8261]  genl_rcv_msg+0x80b/0xec0
[  129.869983][ T8261]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.870023][ T8261]  ? __pfx_lock_acquire+0x10/0x10
[  129.870043][ T8261]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  129.870063][ T8261]  ? __pfx_nl80211_new_interface+0x10/0x10
[  129.870079][ T8261]  ? __pfx_nl80211_post_doit+0x10/0x10
[  129.870100][ T8261]  ? __pfx___might_resched+0x10/0x10
[  129.870128][ T8261]  netlink_rcv_skb+0x206/0x480
[  129.870148][ T8261]  ? __pfx_genl_rcv_msg+0x10/0x10
[  129.870164][ T8261]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  129.870193][ T8261]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  129.870226][ T8261]  genl_rcv+0x28/0x40
[  129.870240][ T8261]  netlink_unicast+0x7f6/0x990
[  129.870264][ T8261]  ? __pfx_netlink_unicast+0x10/0x10
[  129.870280][ T8261]  ? __virt_addr_valid+0x45f/0x530
[  129.870296][ T8261]  ? __phys_addr_symbol+0x2f/0x70
[  129.870310][ T8261]  ? __check_object_size+0x47a/0x730
[  129.870334][ T8261]  netlink_sendmsg+0x8de/0xcb0
[  129.870363][ T8261]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.870387][ T8261]  ? aa_sock_msg_perm+0x91/0x160
[  129.870412][ T8261]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.870430][ T8261]  __sock_sendmsg+0x221/0x270
[  129.870452][ T8261]  ____sys_sendmsg+0x53a/0x860
[  129.870475][ T8261]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.870489][ T8261]  ? __fget_files+0x2a/0x410
[  129.870513][ T8261]  ? __fget_files+0x2a/0x410
[  129.870541][ T8261]  __sys_sendmsg+0x269/0x350
[  129.870562][ T8261]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.870591][ T8261]  ? do_sys_openat2+0x17a/0x1d0
[  129.870635][ T8261]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  129.870659][ T8261]  ? do_syscall_64+0x100/0x230
[  129.870685][ T8261]  ? do_syscall_64+0xb6/0x230
[  129.870705][ T8261]  do_syscall_64+0xf3/0x230
[  129.870723][ T8261]  ? clear_bhb_loop+0x35/0x90
[  129.870746][ T8261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.870771][ T8261] RIP: 0033:0x7fe89bb8d169
[  129.870787][ T8261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.870800][ T8261] RSP: 002b:00007fe89c935038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.870818][ T8261] RAX: ffffffffffffffda RBX: 00007fe89bda5fa0 RCX: 00007fe89bb8d169
[  129.870829][ T8261] RDX: 0000000024044884 RSI: 0000400000000300 RDI: 0000000000000003
[  129.870839][ T8261] RBP: 00007fe89c935090 R08: 0000000000000000 R09: 0000000000000000
[  129.870848][ T8261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.870857][ T8261] R13: 0000000000000000 R14: 00007fe89bda5fa0 R15: 00007ffda010ac18
[  129.870883][ T8261]  </TASK>
[  130.258934][ T8269] netlink: 8 bytes leftover after parsing attributes in process `syz.4.633'.
[  130.268015][ T8269] FAULT_INJECTION: forcing a failure.
[  130.268015][ T8269] name failslab, interval 1, probability 0, space 0, times 0
[  130.280798][ T8269] CPU: 1 UID: 0 PID: 8269 Comm: syz.4.633 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  130.280820][ T8269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  130.280830][ T8269] Call Trace:
[  130.280836][ T8269]  <TASK>
[  130.280843][ T8269]  dump_stack_lvl+0x241/0x360
[  130.280868][ T8269]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.280885][ T8269]  ? __pfx__printk+0x10/0x10
[  130.280904][ T8269]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  130.280925][ T8269]  ? __pfx___might_resched+0x10/0x10
[  130.280956][ T8269]  should_fail_ex+0x40a/0x550
[  130.280982][ T8269]  should_failslab+0xac/0x100
[  130.281003][ T8269]  kmem_cache_alloc_node_noprof+0x77/0x380
[  130.281023][ T8269]  ? __alloc_skb+0x1c3/0x440
[  130.281042][ T8269]  __alloc_skb+0x1c3/0x440
[  130.281062][ T8269]  ? __pfx___alloc_skb+0x10/0x10
[  130.281083][ T8269]  ? netlink_ack_tlv_len+0x6e/0x200
[  130.281105][ T8269]  netlink_ack+0x145/0xa60
[  130.281121][ T8269]  ? __pfx_lock_acquire+0x10/0x10
[  130.281143][ T8269]  ? __pfx_nl80211_update_mesh_config+0x10/0x10
[  130.281166][ T8269]  ? __pfx___might_resched+0x10/0x10
[  130.281194][ T8269]  netlink_rcv_skb+0x294/0x480
[  130.281215][ T8269]  ? __pfx_genl_rcv_msg+0x10/0x10
[  130.281232][ T8269]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  130.281278][ T8269]  genl_rcv+0x28/0x40
[  130.281293][ T8269]  netlink_unicast+0x7f6/0x990
[  130.281320][ T8269]  ? __pfx_netlink_unicast+0x10/0x10
[  130.281336][ T8269]  ? __virt_addr_valid+0x45f/0x530
[  130.281352][ T8269]  ? __phys_addr_symbol+0x2f/0x70
[  130.281366][ T8269]  ? __check_object_size+0x47a/0x730
[  130.281388][ T8269]  netlink_sendmsg+0x8de/0xcb0
[  130.281421][ T8269]  ? __pfx_netlink_sendmsg+0x10/0x10
[  130.281443][ T8269]  ? aa_sock_msg_perm+0x91/0x160
[  130.281470][ T8269]  ? __pfx_netlink_sendmsg+0x10/0x10
[  130.281486][ T8269]  __sock_sendmsg+0x221/0x270
[  130.281507][ T8269]  ____sys_sendmsg+0x53a/0x860
[  130.281531][ T8269]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.281545][ T8269]  ? __fget_files+0x2a/0x410
[  130.281569][ T8269]  ? __fget_files+0x2a/0x410
[  130.281597][ T8269]  __sys_sendmsg+0x269/0x350
[  130.281619][ T8269]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.281647][ T8269]  ? do_sys_openat2+0x17a/0x1d0
[  130.281692][ T8269]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  130.281714][ T8269]  ? do_syscall_64+0x100/0x230
[  130.281735][ T8269]  ? do_syscall_64+0xb6/0x230
[  130.281756][ T8269]  do_syscall_64+0xf3/0x230
[  130.281774][ T8269]  ? clear_bhb_loop+0x35/0x90
[  130.281797][ T8269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.281814][ T8269] RIP: 0033:0x7f35a318d169
[  130.281829][ T8269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.281842][ T8269] RSP: 002b:00007f35a3f5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.281858][ T8269] RAX: ffffffffffffffda RBX: 00007f35a33a5fa0 RCX: 00007f35a318d169
[  130.281868][ T8269] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  130.281876][ T8269] RBP: 00007f35a3f5e090 R08: 0000000000000000 R09: 0000000000000000
[  130.281886][ T8269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.281895][ T8269] R13: 0000000000000000 R14: 00007f35a33a5fa0 R15: 00007ffd6c5aa6c8
[  130.281921][ T8269]  </TASK>
[  130.839235][ T8283] sctp: [Deprecated]: syz.3.635 (pid 8283) Use of struct sctp_assoc_value in delayed_ack socket option.
[  130.839235][ T8283] Use struct sctp_sack_info instead
[  131.273299][ T8303] netlink: 'syz.0.641': attribute type 4 has an invalid length.
[  132.845153][ T8311] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  132.864919][ T8317] FAULT_INJECTION: forcing a failure.
[  132.864919][ T8317] name failslab, interval 1, probability 0, space 0, times 0
[  132.896193][ T8317] CPU: 1 UID: 0 PID: 8317 Comm: syz.1.644 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  132.896218][ T8317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  132.896228][ T8317] Call Trace:
[  132.896233][ T8317]  <TASK>
[  132.896240][ T8317]  dump_stack_lvl+0x241/0x360
[  132.896267][ T8317]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.896285][ T8317]  ? __pfx__printk+0x10/0x10
[  132.896303][ T8317]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  132.896324][ T8317]  ? __pfx___might_resched+0x10/0x10
[  132.896347][ T8317]  should_fail_ex+0x40a/0x550
[  132.896374][ T8317]  should_failslab+0xac/0x100
[  132.896395][ T8317]  kmem_cache_alloc_node_noprof+0x77/0x380
[  132.896415][ T8317]  ? __alloc_skb+0x1c3/0x440
[  132.896435][ T8317]  __alloc_skb+0x1c3/0x440
[  132.896448][ T8317]  ? ____sys_sendmsg+0x53a/0x860
[  132.896467][ T8317]  ? __pfx___alloc_skb+0x10/0x10
[  132.896487][ T8317]  ? netlink_ack_tlv_len+0x6e/0x200
[  132.896509][ T8317]  netlink_ack+0x145/0xa60
[  132.896525][ T8317]  ? __pfx_lock_acquire+0x10/0x10
[  132.896544][ T8317]  ? __pfx_nl80211_new_interface+0x10/0x10
[  132.896565][ T8317]  ? __pfx___might_resched+0x10/0x10
[  132.896590][ T8317]  netlink_rcv_skb+0x294/0x480
[  132.896611][ T8317]  ? __pfx_genl_rcv_msg+0x10/0x10
[  132.896627][ T8317]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  132.896656][ T8317]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  132.896696][ T8317]  genl_rcv+0x28/0x40
[  132.896709][ T8317]  netlink_unicast+0x7f6/0x990
[  132.896733][ T8317]  ? __pfx_netlink_unicast+0x10/0x10
[  132.896748][ T8317]  ? __virt_addr_valid+0x45f/0x530
[  132.896764][ T8317]  ? __phys_addr_symbol+0x2f/0x70
[  132.896778][ T8317]  ? __check_object_size+0x47a/0x730
[  132.896802][ T8317]  netlink_sendmsg+0x8de/0xcb0
[  132.896834][ T8317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.896858][ T8317]  ? aa_sock_msg_perm+0x91/0x160
[  132.896886][ T8317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.896904][ T8317]  __sock_sendmsg+0x221/0x270
[  132.896926][ T8317]  ____sys_sendmsg+0x53a/0x860
[  132.896950][ T8317]  ? __pfx_____sys_sendmsg+0x10/0x10
[  132.896965][ T8317]  ? __fget_files+0x2a/0x410
[  132.896988][ T8317]  ? __fget_files+0x2a/0x410
[  132.897018][ T8317]  __sys_sendmsg+0x269/0x350
[  132.897040][ T8317]  ? __pfx___sys_sendmsg+0x10/0x10
[  132.897070][ T8317]  ? do_sys_openat2+0x17a/0x1d0
[  132.897116][ T8317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  132.897139][ T8317]  ? do_syscall_64+0x100/0x230
[  132.897161][ T8317]  ? do_syscall_64+0xb6/0x230
[  132.897181][ T8317]  do_syscall_64+0xf3/0x230
[  132.897197][ T8317]  ? clear_bhb_loop+0x35/0x90
[  132.897219][ T8317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.897237][ T8317] RIP: 0033:0x7fe89bb8d169
[  132.897250][ T8317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.897263][ T8317] RSP: 002b:00007fe89c935038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.897281][ T8317] RAX: ffffffffffffffda RBX: 00007fe89bda5fa0 RCX: 00007fe89bb8d169
[  132.897292][ T8317] RDX: 0000000024044884 RSI: 0000400000000300 RDI: 0000000000000003
[  132.897302][ T8317] RBP: 00007fe89c935090 R08: 0000000000000000 R09: 0000000000000000
[  132.897312][ T8317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.897321][ T8317] R13: 0000000000000000 R14: 00007fe89bda5fa0 R15: 00007ffda010ac18
[  132.897344][ T8317]  </TASK>
[  133.243608][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  133.498670][ T8336] __nla_validate_parse: 5 callbacks suppressed
[  133.498689][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.646'.
[  133.596409][ T8347] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  133.652739][ T8352] netlink: 16 bytes leftover after parsing attributes in process `syz.0.653'.
[  133.680185][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.651'.
[  133.702371][ T8355] ipt_REJECT: ECHOREPLY no longer supported.
[  133.727308][ T8357] netlink: 416 bytes leftover after parsing attributes in process `syz.0.653'.
[  133.736699][ T8357] netlink: 104 bytes leftover after parsing attributes in process `syz.0.653'.
[  133.788565][ T8347] netlink: 'syz.3.651': attribute type 11 has an invalid length.
[  133.897958][ T8369] netlink: 'syz.1.655': attribute type 4 has an invalid length.
[  134.044888][ T8377] openvswitch: netlink: nsh attribute has 65504 unknown bytes.
[  134.080817][ T8377] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  134.136272][ T8384] netlink: 4 bytes leftover after parsing attributes in process `syz.1.659'.
[  134.138144][ T8377] netlink: 'syz.0.656': attribute type 29 has an invalid length.
[  134.179442][ T8377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.656'.
[  134.216327][ T8377] netlink: 56 bytes leftover after parsing attributes in process `syz.0.656'.
[  135.019920][ T8431] netlink: 'syz.3.669': attribute type 4 has an invalid length.
[  135.370134][ T8376] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.381070][ T8376] netlink: 8 bytes leftover after parsing attributes in process `syz.2.658'.
[  135.405409][ T8376] netlink: 24 bytes leftover after parsing attributes in process `syz.2.658'.
[  135.570656][   T29] audit: type=1107 audit(1741531225.907:7): pid=8469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Àï'
[  136.108968][ T3551] bond0 (unregistering): Released all slaves
[  136.122164][ T8492] netlink: 'syz.0.681': attribute type 4 has an invalid length.
[  138.202577][ T8586] netlink: 'syz.3.711': attribute type 12 has an invalid length.
[  139.399025][ T8629] __nla_validate_parse: 11 callbacks suppressed
[  139.399042][ T8629] netlink: 88 bytes leftover after parsing attributes in process `syz.0.725'.
[  139.542047][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.563860][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.609693][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.631457][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.672488][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.731241][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.744775][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.759961][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  139.801627][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  140.105636][ T8662] smc: net device bond0 applied user defined pnetid SYZ0
[  140.112959][ T8660] sctp: [Deprecated]: syz.3.735 (pid 8660) Use of int in max_burst socket option.
[  140.112959][ T8660] Use struct sctp_assoc_value instead
[  140.129244][ T8662] smc: net device bond0 erased user defined pnetid SYZ0
[  140.427115][ T8685] bond0: entered promiscuous mode
[  140.455124][ T8685] bond_slave_0: entered promiscuous mode
[  140.465537][ T8685] bond_slave_1: entered promiscuous mode
[  140.543620][ T8685] bond0: left promiscuous mode
[  140.562001][ T8685] bond_slave_0: left promiscuous mode
[  140.576874][ T8685] bond_slave_1: left promiscuous mode
[  140.734118][ T8707] IPv6: NLM_F_REPLACE set, but no existing node found!
[  140.754582][ T8708] netlink: 'syz.2.749': attribute type 1 has an invalid length.
[  140.769945][ T8708] netlink: 'syz.2.749': attribute type 3 has an invalid length.
[  140.784276][ T8707] tipc: Started in network mode
[  140.789810][ T8707] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  140.799607][ T8707] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  140.817755][ T8707] tipc: Enabled bearer <udp:syz1>, priority 10
[  140.826095][ T8711] netlink: 'syz.0.751': attribute type 5 has an invalid length.
[  140.875555][ T8713] netlink: 'syz.3.750': attribute type 18 has an invalid length.
[  141.334648][ T8733] netlink: 'syz.0.757': attribute type 4 has an invalid length.
[  141.373850][ T8733] netlink: 'syz.0.757': attribute type 4 has an invalid length.
[  141.373969][ T8737] netdevsim netdevsim3: Direct firmware load for /
[  141.373969][ T8737]  failed with error -2
[  141.401356][ T8737] netdevsim netdevsim3: Falling back to sysfs fallback for: /
[  141.401356][ T8737] 
[  141.698247][ T8744] hsr_slave_1 (unregistering): left promiscuous mode
[  141.905542][ T8748] macsec0: entered promiscuous mode
[  141.922413][ T8748] macsec0: entered allmulticast mode
[  141.940333][ T8748] openvswitch: netlink: Actions may not be safe on all matching packets
[  141.953446][ T8748] veth1_macvtap: entered allmulticast mode
[  141.961316][ T8748] macsec0: left promiscuous mode
[  141.970342][ T8748] macsec0: left allmulticast mode
[  141.975509][ T8748] veth1_macvtap: left allmulticast mode
[  142.012913][   T25] tipc: Node number set to 1
[  142.207027][ T8754] xt_CT: No such helper "pptp"
[  142.468559][ T8773] openvswitch: netlink: Key type 173 is out of range max 32
[  142.590009][ T8782] netlink: 'syz.4.776': attribute type 10 has an invalid length.
[  142.634115][ T8782] veth0_vlan: left promiscuous mode
[  142.659607][ T8782] veth0_vlan: entered promiscuous mode
[  142.673070][ T8782] team0: Device veth0_vlan failed to register rx_handler
[  142.781794][ T5884] IPVS: starting estimator thread 0...
[  142.813729][ T8791] bridge0: port 4(gretap0) entered blocking state
[  142.846259][ T8791] bridge0: port 4(gretap0) entered disabled state
[  142.864220][ T8791] gretap0: entered allmulticast mode
[  142.907568][ T8795] IPVS: using max 28 ests per chain, 67200 per kthread
[  142.910920][ T8791] gretap0: entered promiscuous mode
[  142.971504][ T8804] gretap0: left allmulticast mode
[  143.001771][ T8804] gretap0: left promiscuous mode
[  143.032451][ T8804] bridge0: port 4(gretap0) entered disabled state
[  144.185767][ T8874] netlink: 'syz.2.801': attribute type 4 has an invalid length.
[  144.358502][ T8886] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  144.432809][ T8886] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.479372][ T8895] netlink: 'syz.4.806': attribute type 10 has an invalid length.
[  144.874526][ T8913] bond0: option min_links: invalid value (18446744073038462990)
[  144.925448][ T8913] bond0: option min_links: allowed values 0 - 2147483647
[  144.950231][ T8913] __nla_validate_parse: 116 callbacks suppressed
[  144.950258][ T8913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.811'.
[  145.026239][ T8918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  145.273911][ T8930] netlink: 'syz.3.817': attribute type 1 has an invalid length.
[  145.330398][ T8926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.816'.
[  145.347091][ T8930] bond1: entered promiscuous mode
[  145.361017][ T8930] 8021q: adding VLAN 0 to HW filter on device bond1
[  145.393689][ T8930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.817'.
[  145.403784][ T8930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.817'.
[  145.484277][ T8936] netlink: 52 bytes leftover after parsing attributes in process `syz.4.820'.
[  145.568525][ T8945] netlink: 19 bytes leftover after parsing attributes in process `syz.1.819'.
[  145.597888][ T8947] netlink: 56 bytes leftover after parsing attributes in process `syz.0.821'.
[  145.985801][ T8965] tipc: Started in network mode
[  145.990938][ T8965] tipc: Node identity 4ed7deed89f, cluster identity 4711
[  145.998693][ T8965] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.031756][ T8964] syz.2.829: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  146.063076][ T8964] CPU: 1 UID: 0 PID: 8964 Comm: syz.2.829 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  146.063101][ T8964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.063109][ T8964] Call Trace:
[  146.063114][ T8964]  <TASK>
[  146.063120][ T8964]  dump_stack_lvl+0x241/0x360
[  146.063144][ T8964]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.063157][ T8964]  ? __pfx__printk+0x10/0x10
[  146.063173][ T8964]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  146.063191][ T8964]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  146.063208][ T8964]  warn_alloc+0x278/0x410
[  146.063225][ T8964]  ? __pfx_warn_alloc+0x10/0x10
[  146.063244][ T8964]  ? xskq_create+0xb6/0x170
[  146.063262][ T8964]  ? __get_vm_area_node+0x1c8/0x2d0
[  146.063280][ T8964]  ? __get_vm_area_node+0x25c/0x2d0
[  146.063302][ T8964]  __vmalloc_node_range_noprof+0x62f/0x1380
[  146.063335][ T8964]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  146.063352][ T8964]  ? __kasan_kmalloc+0x98/0xb0
[  146.063370][ T8964]  vmalloc_user_noprof+0x74/0x80
[  146.063383][ T8964]  ? xskq_create+0xb6/0x170
[  146.063399][ T8964]  xskq_create+0xb6/0x170
[  146.063418][ T8964]  xsk_init_queue+0xa1/0x100
[  146.063446][ T8964]  xsk_setsockopt+0x560/0x810
[  146.063466][ T8964]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.063485][ T8964]  ? __pfx_aa_sk_perm+0x10/0x10
[  146.063506][ T8964]  ? __pfx_lock_acquire+0x10/0x10
[  146.063522][ T8964]  ? aa_sock_opt_perm+0x79/0x120
[  146.063544][ T8964]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.063562][ T8964]  do_sock_setsockopt+0x3af/0x720
[  146.063583][ T8964]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  146.063602][ T8964]  ? __fget_files+0x395/0x410
[  146.063620][ T8964]  ? __fget_files+0x2a/0x410
[  146.063646][ T8964]  __x64_sys_setsockopt+0x1ee/0x280
[  146.063666][ T8964]  do_syscall_64+0xf3/0x230
[  146.063684][ T8964]  ? clear_bhb_loop+0x35/0x90
[  146.063706][ T8964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.063724][ T8964] RIP: 0033:0x7f27a458d169
[  146.063739][ T8964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.063751][ T8964] RSP: 002b:00007f27a5314038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  146.063768][ T8964] RAX: ffffffffffffffda RBX: 00007f27a47a6080 RCX: 00007f27a458d169
[  146.063779][ T8964] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000047
[  146.063788][ T8964] RBP: 00007f27a460e2a0 R08: 0000000000000004 R09: 0000000000000000
[  146.063797][ T8964] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000000
[  146.063807][ T8964] R13: 0000000000000000 R14: 00007f27a47a6080 R15: 00007ffd100af258
[  146.063831][ T8964]  </TASK>
[  146.063838][ T8964] Mem-Info:
[  146.333522][ T8964] active_anon:4178 inactive_anon:0 isolated_anon:0
[  146.333522][ T8964]  active_file:1444 inactive_file:38332 isolated_file:0
[  146.333522][ T8964]  unevictable:768 dirty:211 writeback:0
[  146.333522][ T8964]  slab_reclaimable:10562 slab_unreclaimable:100950
[  146.333522][ T8964]  mapped:28478 shmem:1464 pagetables:765
[  146.333522][ T8964]  sec_pagetables:0 bounce:0
[  146.333522][ T8964]  kernel_misc_reclaimable:0
[  146.333522][ T8964]  free:1335880 free_pcp:570 free_cma:0
[  146.385787][ T8964] Node 0 active_anon:16712kB inactive_anon:0kB active_file:5776kB inactive_file:153252kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:113912kB dirty:840kB writeback:0kB shmem:4320kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11080kB pagetables:3060kB sec_pagetables:0kB all_unreclaimable? no
[  146.437688][ T8964] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  146.472558][ T8964] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  146.570861][ T8964] lowmem_reserve[]: 0 2489 2490 0 0
[  146.586654][ T8964] Node 0 DMA32 free:1425236kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:16376kB inactive_anon:0kB active_file:5776kB inactive_file:152936kB unevictable:1536kB writepending:840kB present:3129332kB managed:2549728kB mlocked:0kB bounce:0kB free_pcp:1932kB local_pcp:1508kB free_cma:0kB
[  146.631111][ T8964] lowmem_reserve[]: 0 0 0 0 0
[  146.636125][ T8964] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  146.700586][ T8964] lowmem_reserve[]: 0 0 0 0 0
[  146.709933][ T8964] Node 1 Normal free:3903636kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  146.739621][ T8964] lowmem_reserve[]: 0 0 0 0 0
[  146.744379][ T8964] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  146.757945][ T8964] Node 0 DMA32: 221*4kB (UM) 271*8kB (ME) 152*16kB (ME) 866*32kB (UME) 509*64kB (UME) 274*128kB (UME) 148*256kB (UME) 65*512kB (UM) 24*1024kB (UM) 6*2048kB (UME) 297*4096kB (M) = 1425388kB
[  146.759384][ T8985] netlink: 'syz.0.832': attribute type 64 has an invalid length.
[  146.787950][ T8984] netlink: 96 bytes leftover after parsing attributes in process `syz.1.834'.
[  146.799677][ T8964] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  146.839325][ T8964] Node 1 Normal: 205*4kB (UME) 56*8kB (UME) 32*16kB (UME) 205*32kB (UME) 90*64kB (UME) 29*128kB (UME) 17*256kB (UME) 7*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 945*4096kB (M) = 3903636kB
[  146.857266][ T8988] tap0: tun_chr_ioctl cmd 1074025677
[  146.863314][ T8988] tap0: linktype set to 6138
[  146.883010][ T8964] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  146.900023][ T8964] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  146.955579][ T8964] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  146.975497][ T8964] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  146.999374][ T8964] 41190 total pagecache pages
[  147.004107][ T8964] 0 pages in swap cache
[  147.022230][ T8964] Free swap  = 124996kB
[  147.033222][ T8964] Total swap = 124996kB
[  147.044124][ T8998] netlink: 'syz.3.837': attribute type 1 has an invalid length.
[  147.053408][ T8964] 2097051 pages RAM
[  147.067649][ T8964] 0 pages HighMem/MovableOnly
[  147.075491][ T8964] 427897 pages reserved
[  147.089906][ T8964] 0 pages cma reserved
[  147.115414][ T5839] tipc: Node number set to 3341278957
[  147.179615][ T8998] 8021q: adding VLAN 0 to HW filter on device bond2
[  147.277331][ T9001] 8021q: adding VLAN 0 to HW filter on device bond2
[  147.300178][ T9001] bond2: (slave vcan1): The slave device specified does not support setting the MAC address
[  147.322229][ T9001] bond2: (slave vcan1): Error -95 calling set_mac_address
[  147.372573][ T9006] tipc: New replicast peer: 0.0.0.0
[  147.379602][ T9006] tipc: Enabled bearer <udp:syz2>, priority 10
[  147.403390][ T8964] tipc: Disabling bearer <eth:syzkaller0>
[  147.821611][ T9046] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  148.076328][ T9061] netlink: 'syz.1.851': attribute type 4 has an invalid length.
[  148.133658][ T9064] netlink: 'syz.1.851': attribute type 4 has an invalid length.
[  148.318944][ T9071] netlink: 596 bytes leftover after parsing attributes in process `syz.3.853'.
[  148.495060][ T9078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.855'.
[  149.332260][ T9109] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  149.409578][ T9105] syzkaller0: entered promiscuous mode
[  149.415112][ T9105] syzkaller0: entered allmulticast mode
[  149.448305][ T9119] netlink: 'syz.1.868': attribute type 10 has an invalid length.
[  149.456396][ T9121] netlink: 'syz.4.865': attribute type 15 has an invalid length.
[  149.467829][ T9115] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  149.509948][ T9119] team0: Port device wlan1 added
[  149.534672][ T9112] vlan0: entered promiscuous mode
[  151.849253][ T9174] __nla_validate_parse: 4 callbacks suppressed
[  151.849270][ T9174] netlink: 28 bytes leftover after parsing attributes in process `syz.2.880'.
[  152.443278][ T9197] bridge_slave_0: left allmulticast mode
[  152.449150][ T9197] bridge_slave_0: left promiscuous mode
[  152.455036][ T9197] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.472126][ T9197] bridge_slave_1: left allmulticast mode
[  152.478363][ T9197] bridge_slave_1: left promiscuous mode
[  152.484624][ T9199] netlink: 'syz.0.886': attribute type 10 has an invalid length.
[  152.496368][ T9197] bridge3: port 1(bridge_slave_1) entered disabled state
[  152.525099][ T9197] bond0: (slave bond_slave_0): Releasing backup interface
[  152.568415][ T9197] bond0: (slave bond_slave_1): Releasing backup interface
[  152.613633][ T9197] team0: Port device team_slave_0 removed
[  152.621147][ T9209] Cannot find add_set index 3 as target
[  152.639821][ T9208] trusted_key: syz.2.890 sent an empty control message without MSG_MORE.
[  152.661345][ T9197] team0: Port device team_slave_1 removed
[  152.692568][ T9197] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.719393][ T9197] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.723564][ T9216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.886'.
[  152.759637][ T9197] bond1: left allmulticast mode
[  152.764556][ T9197] bond1: left promiscuous mode
[  152.771594][ T9197] bridge0: port 3(bond1) entered disabled state
[  152.843018][ T9199] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  152.910003][ T9212] tun0: tun_chr_ioctl cmd 2147767520
[  152.979360][ T9215] lo: entered allmulticast mode
[  153.000663][ T9215] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  153.104509][ T9226] team0: Port device wlan1 removed
[  153.583787][ T9239] team0: Unable to change to the same mode the team is in
[  153.603529][ T9251] Bluetooth: MGMT ver 1.23
[  153.742735][ T9258] netlink: 4 bytes leftover after parsing attributes in process `syz.4.904'.
[  153.773757][ T9259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.904'.
[  153.851861][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.1.905'.
[  153.940555][ T9274] netlink: 4 bytes leftover after parsing attributes in process `syz.0.906'.
[  153.950178][ T9273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.906'.
[  153.992933][ T9276] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  154.034658][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.909'.
[  154.051910][ T9278] xt_CT: No such helper "snmp"
[  154.377805][ T9299] bridge0: port 1(macsec1) entered blocking state
[  154.384615][ T9299] bridge0: port 1(macsec1) entered disabled state
[  154.397910][ T9299] macsec1: entered allmulticast mode
[  154.404430][ T9299] bridge0: entered allmulticast mode
[  154.426273][ T9299] macsec1: left allmulticast mode
[  154.433183][ T9299] bridge0: left allmulticast mode
[  154.471314][ T9305] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  154.495177][ T9305] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  154.600693][ T9311] xt_CT: You must specify a L4 protocol and not use inversions on it
[  154.626914][ T9314] netlink: 4 bytes leftover after parsing attributes in process `syz.3.919'.
[  154.850300][ T9326] netlink: 'syz.3.922': attribute type 11 has an invalid length.
[  154.866699][ T9326] netlink: 220 bytes leftover after parsing attributes in process `syz.3.922'.
[  155.115411][ T9343] delete_channel: no stack
[  155.148895][ T9343] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  155.813137][ T9382] netlink: 'syz.3.934': attribute type 1 has an invalid length.
[  156.214985][ T9395] ieee802154 phy1 wpan1: encryption failed: -22
[  156.302342][ T9395] bridge_slave_1: entered promiscuous mode
[  156.423329][ T9406] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[  156.516294][ T9410] netlink: 'syz.4.940': attribute type 10 has an invalid length.
[  156.544744][ T9410] veth1_macvtap: left promiscuous mode
[  156.561683][ T9410] team0: Device veth1_macvtap failed to register rx_handler
[  156.732909][ T9384] bridge_slave_1: left promiscuous mode
[  156.852973][ T9424] nbd: must specify an index to disconnect
[  157.046085][ T9431] __nla_validate_parse: 8 callbacks suppressed
[  157.046102][ T9431] netlink: 20 bytes leftover after parsing attributes in process `syz.3.946'.
[  157.226721][ T9436] netlink: 'syz.3.949': attribute type 2 has an invalid length.
[  157.418230][ T9439] sctp: [Deprecated]: syz.3.950 (pid 9439) Use of int in max_burst socket option.
[  157.418230][ T9439] Use struct sctp_assoc_value instead
[  157.476257][ T9439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.950'.
[  157.485560][ T9439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.950'.
[  157.778668][ T9449] SET target dimension over the limit!
[  157.849850][ T9449] xt_CT: No such helper "snmp"
[  158.332187][ T9478] netlink: 4 bytes leftover after parsing attributes in process `syz.2.956'.
[  158.341982][ T9478] netlink: 17 bytes leftover after parsing attributes in process `syz.2.956'.
[  158.378896][ T9482] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  158.778583][ T9480] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  158.787723][ T9480] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  158.796336][ T9480] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  158.845790][ T9480] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  158.871622][ T9480] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[  158.895364][ T9480] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[  158.913990][ T9480] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[  158.938988][ T9480] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[  159.206926][ T9486] x_tables: unsorted underflow at hook 3
[  159.847142][ T9528] syz_tun: entered allmulticast mode
[  160.151809][ T9549] netlink: 'syz.0.980': attribute type 1 has an invalid length.
[  160.190524][ T9554] Cannot find del_set index 65533 as target
[  161.263987][ T9610] openvswitch: netlink: ufid size 1496 bytes exceeds the range (1, 16)
[  161.358792][ T9615] netlink: 32 bytes leftover after parsing attributes in process `syz.1.999'.
[  161.374668][ T9615] netlink: 7 bytes leftover after parsing attributes in process `syz.1.999'.
[  161.396348][ T9616] sctp: [Deprecated]: syz.0.998 (pid 9616) Use of struct sctp_assoc_value in delayed_ack socket option.
[  161.396348][ T9616] Use struct sctp_sack_info instead
[  161.428364][ T9615] ip6tnl2: entered promiscuous mode
[  161.442108][ T9615] ip6tnl2: entered allmulticast mode
[  161.500197][ T9615] team0: Device ip6tnl2 is up. Set it down before adding it as a team port
[  162.170721][ T9651] netlink: 'syz.2.1004': attribute type 10 has an invalid length.
[  162.220429][ T9651] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1004'.
[  162.286331][ T9651] veth0_vlan: left promiscuous mode
[  162.326303][ T9651] veth0_vlan: entered promiscuous mode
[  162.367482][ T9651] veth0_vlan: entered allmulticast mode
[  162.404582][ T9651] bridge0: port 4(veth0_vlan) entered blocking state
[  162.428162][ T9651] bridge0: port 4(veth0_vlan) entered disabled state
[  162.441579][ T9665] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1007'.
[  162.464176][ T9651] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  162.522589][ T9653] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1006'.
[  162.885858][ T5844] Bluetooth: hci0: command 0x0c20 tx timeout
[  162.984289][ T9684] ip6erspan0: entered promiscuous mode
[  163.203219][ T9694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1015'.
[  163.283977][ T9697] x_tables: duplicate underflow at hook 2
[  163.344865][ T9700] netlink: 'syz.3.1015': attribute type 10 has an invalid length.
[  163.396629][ T9700] bridge0: entered promiscuous mode
[  163.406796][ T9702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1015'.
[  163.421654][ T9700] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  163.451883][ T9705] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1017'.
[  163.480621][ T9705] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1017'.
[  163.500782][ T9702] bond0: (slave bridge0): Releasing backup interface
[  163.511332][ T9702] bridge0 (unregistering): left promiscuous mode
[  163.912372][ T9717] batadv_slave_1: entered promiscuous mode
[  163.945444][ T9717] batadv_slave_1: entered allmulticast mode
[  163.952165][ T9717] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  164.014695][ T9727] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  164.088698][ T9730] syzkaller1: entered promiscuous mode
[  164.094346][ T9730] syzkaller1: entered allmulticast mode
[  164.121182][ T9733] RDS: rds_bind could not find a transport for ::ffff:172.30.1.5, load rds_tcp or rds_rdma?
[  164.129400][ T9734] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.1025'.
[  164.298983][ T9745] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1029'.
[  164.350462][ T9741] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  164.364625][ T9741] CPU: 0 UID: 0 PID: 9741 Comm: syz.3.1028 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  164.364652][ T9741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.364663][ T9741] Call Trace:
[  164.364669][ T9741]  <TASK>
[  164.364678][ T9741]  dump_stack_lvl+0x241/0x360
[  164.364706][ T9741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.364726][ T9741]  ? __pfx__printk+0x10/0x10
[  164.364750][ T9741]  ? __kmalloc_cache_noprof+0x243/0x390
[  164.364772][ T9741]  ? sysfs_warn_dup+0x51/0xa0
[  164.364797][ T9741]  sysfs_warn_dup+0x8e/0xa0
[  164.364817][ T9741]  sysfs_do_create_link_sd+0xbe/0x110
[  164.364841][ T9741]  device_add_class_symlinks+0x1c5/0x250
[  164.364869][ T9741]  device_add+0x553/0xbf0
[  164.364900][ T9741]  wiphy_register+0x1922/0x2650
[  164.364936][ T9741]  ? __pfx_wiphy_register+0x10/0x10
[  164.364954][ T9741]  ? minstrel_ht_alloc+0x84b/0x940
[  164.364986][ T9741]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  164.365015][ T9741]  ieee80211_register_hw+0x35d9/0x42e0
[  164.365053][ T9741]  ? ieee80211_register_hw+0x15f1/0x42e0
[  164.365085][ T9741]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  164.365120][ T9741]  ? __asan_memset+0x23/0x50
[  164.365137][ T9741]  ? __hrtimer_init+0x170/0x250
[  164.365160][ T9741]  mac80211_hwsim_new_radio+0x2a89/0x49f0
[  164.365215][ T9741]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  164.365236][ T9741]  ? trace_kmalloc+0x1f/0xd0
[  164.365256][ T9741]  ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0
[  164.365283][ T9741]  ? kstrndup+0xbb/0x150
[  164.365314][ T9741]  hwsim_new_radio_nl+0xece/0x2290
[  164.365345][ T9741]  ? __pfx___nla_validate_parse+0x10/0x10
[  164.365367][ T9741]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  164.365425][ T9741]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  164.365453][ T9741]  genl_rcv_msg+0xb1f/0xec0
[  164.365481][ T9741]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.365531][ T9741]  ? __pfx_lock_acquire+0x10/0x10
[  164.365555][ T9741]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  164.365577][ T9741]  ? __pfx___might_resched+0x10/0x10
[  164.365607][ T9741]  netlink_rcv_skb+0x206/0x480
[  164.365635][ T9741]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.365654][ T9741]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  164.365705][ T9741]  genl_rcv+0x28/0x40
[  164.365719][ T9741]  netlink_unicast+0x7f6/0x990
[  164.365748][ T9741]  ? __pfx_netlink_unicast+0x10/0x10
[  164.365765][ T9741]  ? __virt_addr_valid+0x45f/0x530
[  164.365782][ T9741]  ? __phys_addr_symbol+0x2f/0x70
[  164.365796][ T9741]  ? __check_object_size+0x47a/0x730
[  164.365821][ T9741]  netlink_sendmsg+0x8de/0xcb0
[  164.365855][ T9741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.365881][ T9741]  ? aa_sock_msg_perm+0x91/0x160
[  164.365909][ T9741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.365928][ T9741]  __sock_sendmsg+0x221/0x270
[  164.365952][ T9741]  ____sys_sendmsg+0x53a/0x860
[  164.365978][ T9741]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.365993][ T9741]  ? __fget_files+0x2a/0x410
[  164.366017][ T9741]  ? __fget_files+0x2a/0x410
[  164.366048][ T9741]  __sys_sendmsg+0x269/0x350
[  164.366065][ T9741]  ? __pfx_futex_wake+0x10/0x10
[  164.366092][ T9741]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.366153][ T9741]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  164.366178][ T9741]  ? do_syscall_64+0x100/0x230
[  164.366200][ T9741]  ? do_syscall_64+0xb6/0x230
[  164.366221][ T9741]  do_syscall_64+0xf3/0x230
[  164.366240][ T9741]  ? clear_bhb_loop+0x35/0x90
[  164.366263][ T9741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.366284][ T9741] RIP: 0033:0x7f65f198d169
[  164.366299][ T9741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.366312][ T9741] RSP: 002b:00007f65f28d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.366331][ T9741] RAX: ffffffffffffffda RBX: 00007f65f1ba5fa0 RCX: 00007f65f198d169
[  164.366344][ T9741] RDX: 0000000000000800 RSI: 0000400000000100 RDI: 000000000000000b
[  164.366354][ T9741] RBP: 00007f65f1a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  164.366365][ T9741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.366375][ T9741] R13: 0000000000000000 R14: 00007f65f1ba5fa0 R15: 00007ffe547d9d18
[  164.366401][ T9741]  </TASK>
[  165.028100][ T9764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1035'.
[  165.039142][ T9754] syzkaller1: tun_chr_ioctl cmd 1074025677
[  165.045076][ T9754] syzkaller1: Refused to change device type
[  165.054062][ T9754] netlink: 'syz.3.1031': attribute type 1 has an invalid length.
[  165.467943][ T9794] netlink: 'syz.3.1044': attribute type 1 has an invalid length.
[  165.581751][ T9800] bond3: entered promiscuous mode
[  165.603297][ T9800] bond3: entered allmulticast mode
[  165.654337][ T9800] 8021q: adding VLAN 0 to HW filter on device bond3
[  165.733440][ T9810] 8021q: adding VLAN 0 to HW filter on device batadv1
[  165.751657][ T9810] batadv1: entered promiscuous mode
[  165.796807][ T9810] batadv1: entered allmulticast mode
[  165.805962][ T3551] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  165.827370][ T9810] bond3: (slave batadv1): Enslaving as an active interface with an up link
[  165.839077][ T9817] ieee802154 phy1 wpan1: encryption failed: -90
[  165.944232][ T3551] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  166.452898][ T9845] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  166.520855][ T9845] netlink: 'syz.3.1060': attribute type 4 has an invalid length.
[  166.711788][ T9870] xt_hashlimit: overflow, try lower: 0/0
[  166.724469][ T9870] netlink: 'syz.1.1065': attribute type 15 has an invalid length.
[  166.910662][ T9878] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  166.933410][ T9880] netlink: 'syz.0.1069': attribute type 1 has an invalid length.
[  166.938450][ T9878] netlink: 'syz.1.1067': attribute type 3 has an invalid length.
[  167.144417][ T9890] netdevsim netdevsim3 ÿÿÿÿÿÿ: renamed from netdevsim0
[  167.417116][ T9910] netlink: 'syz.2.1078': attribute type 4 has an invalid length.
[  167.421417][ T9897] syzkaller0: entered allmulticast mode
[  167.425005][ T9910] __nla_validate_parse: 4 callbacks suppressed
[  167.425018][ T9910] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1078'.
[  169.450290][ T9945] netlink: 'syz.2.1087': attribute type 1 has an invalid length.
[  169.472510][ T9950] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-™ú:‡/": -EINTR
[  169.491742][ T9951] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-™ú:‡/": -EINTR
[  169.638301][ T9963] netlink: 'syz.2.1091': attribute type 4 has an invalid length.
[  169.696499][ T9963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1091'.
[  169.879228][ T9977] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1097'.
[  169.942610][ T9979] bridge_slave_0: mtu less than device minimum
[  169.992784][ T9977] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1097'.
[  170.028070][ T9985] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1100'.
[  170.089733][ T9987] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1101'.
[  170.136723][ T9989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1102'.
[  170.346293][T10001] netlink: 'syz.2.1106': attribute type 4 has an invalid length.
[  170.363675][T10001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1106'.
[  170.612661][T10016] vlan3: entered allmulticast mode
[  170.798000][T10023] syzkaller0: entered promiscuous mode
[  170.811287][T10023] syzkaller0: entered allmulticast mode
[  170.982005][T10037] netlink: 'syz.3.1118': attribute type 4 has an invalid length.
[  170.995449][T10037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1118'.
[  172.771212][T10039] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1119'.
[  173.274099][T10061] netlink: 'syz.4.1124': attribute type 3 has an invalid length.
[  173.301213][T10061] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1124'.
[  173.412776][T10065] 8021q: adding VLAN 0 to HW filter on device bond1
[  173.439042][T10069] netlink: 'syz.3.1128': attribute type 1 has an invalid length.
[  173.465695][T10065] bond0: (slave bond1): Enslaving as an active interface with an up link
[  173.607783][T10072] netlink: 'syz.3.1129': attribute type 4 has an invalid length.
[  173.634637][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1129'.
[  173.653765][T10076] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1130'.
[  173.794238][T10064] netlink: 'syz.1.1126': attribute type 13 has an invalid length.
[  173.854678][T10084] dvmrp0: entered allmulticast mode
[  173.865060][T10084] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1134'.
[  173.930499][T10090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1136'.
[  174.362940][T10111] wireguard0: entered promiscuous mode
[  174.373011][T10111] wireguard0: entered allmulticast mode
[  174.409267][T10118] netlink: 'syz.2.1143': attribute type 4 has an invalid length.
[  174.456902][T10118] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1143'.
[  174.727378][T10124] delete_channel: no stack
[  174.733705][T10127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1146'.
[  174.772519][T10127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1146'.
[  174.863902][T10137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1148'.
[  175.126122][T10149] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  175.141699][T10145] netlink: 'syz.1.1149': attribute type 32 has an invalid length.
[  175.445740][ T5842] Bluetooth: hci4: command 0x0401 tx timeout
[  175.599739][T10174] bridge_slave_0: left allmulticast mode
[  175.605978][T10174] bridge_slave_0: left promiscuous mode
[  175.611866][T10174] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.922255][T10174] bridge_slave_1: left allmulticast mode
[  175.939433][T10174] bridge_slave_1: left promiscuous mode
[  175.973859][T10174] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.137470][T10174] bond0: (slave bond_slave_0): Releasing backup interface
[  176.195901][T10174] bond0: (slave bond_slave_1): Releasing backup interface
[  176.238899][T10174] team0: Port device team_slave_0 removed
[  176.241219][T10186] netlink: 'syz.1.1158': attribute type 10 has an invalid length.
[  176.265000][T10174] team0: Port device team_slave_1 removed
[  176.271321][T10174] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.281370][T10174] vlan2: left allmulticast mode
[  176.293083][T10174] vlan2: left promiscuous mode
[  176.326313][T10174] bridge0: port 3(vlan2) entered disabled state
[  176.349736][T10174] bond0: (slave bond1): Releasing backup interface
[  176.377131][T10178] team0: Mode changed to "loadbalance"
[  176.437665][T10186] team0: Port device bridge0 added
[  176.676453][T10195] netlink: 'syz.0.1162': attribute type 1 has an invalid length.
[  177.489312][T10219] netlink: 'syz.0.1166': attribute type 1 has an invalid length.
[  177.991506][T10227] __nla_validate_parse: 9 callbacks suppressed
[  177.991525][T10227] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1169'.
[  178.285874][T10242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1173'.
[  178.420166][T10245] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1174'.
[  178.455477][T10245] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1174'.
[  178.554584][T10106] Set syz1 is full, maxelem 65536 reached
[  178.632145][T10255] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1179'.
[  178.747402][T10263] ip6tnl2: entered promiscuous mode
[  178.752684][T10263] ip6tnl2: entered allmulticast mode
[  178.807743][T10266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1181'.
[  178.947159][T10271] macsec1: entered allmulticast mode
[  178.966101][T10271] macvlan0: entered allmulticast mode
[  178.988163][T10271] macvlan0: left allmulticast mode
[  179.019887][T10279] vlan3: entered allmulticast mode
[  179.032287][T10279] hsr0: entered allmulticast mode
[  179.039563][T10279] hsr_slave_0: entered allmulticast mode
[  179.052065][T10279] hsr_slave_1: entered allmulticast mode
[  179.069572][T10279] hsr0: left allmulticast mode
[  179.074565][T10279] hsr_slave_0: left allmulticast mode
[  179.083516][T10279] hsr_slave_1: left allmulticast mode
[  179.090011][T10285] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  179.108819][T10281] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1185'.
[  179.121005][T10285] netlink: 'syz.3.1188': attribute type 21 has an invalid length.
[  179.129844][T10285] IPv6: NLM_F_CREATE should be specified when creating new route
[  179.150272][T10285] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  179.157546][T10285] IPv6: NLM_F_CREATE should be set when creating new route
[  179.164833][T10285] IPv6: NLM_F_CREATE should be set when creating new route
[  179.172080][T10285] IPv6: NLM_F_CREATE should be set when creating new route
[  179.200883][T10278] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1185'.
[  179.223526][T10279] vlan3: entered allmulticast mode
[  179.235548][T10279] hsr0: entered allmulticast mode
[  179.240677][T10279] hsr_slave_0: entered allmulticast mode
[  179.256843][T10279] hsr_slave_1: entered allmulticast mode
[  179.279232][T10279] hsr0: left allmulticast mode
[  179.284132][T10279] hsr_slave_0: left allmulticast mode
[  179.295938][T10279] hsr_slave_1: left allmulticast mode
[  179.414615][T10299] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1191'.
[  179.730460][T10319] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1199'.
[  179.752380][T10319] netlink: 'syz.1.1199': attribute type 4 has an invalid length.
[  179.962157][T10324] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  180.035480][T10324] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  180.360368][T10342] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  180.369409][T10342] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  180.378339][T10342] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  180.387122][T10342] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  180.402777][T10342] vxlan0: entered promiscuous mode
[  180.411801][T10342] vxlan0: entered allmulticast mode
[  180.842811][T10356] bridge3: left promiscuous mode
[  180.858343][T10356] bridge3: left allmulticast mode
[  180.888650][T10356] gretap1: left promiscuous mode
[  180.893720][T10356] gretap1: left allmulticast mode
[  180.952029][T10361] netlink: 'syz.1.1211': attribute type 21 has an invalid length.
[  180.966736][T10361] netlink: 'syz.1.1211': attribute type 5 has an invalid length.
[  181.000562][T10361] netlink: 'syz.1.1211': attribute type 6 has an invalid length.
[  182.013458][T10406] bond0: option mode: unable to set because the bond device has slaves
[  182.694660][T10431] netlink: 'syz.2.1227': attribute type 1 has an invalid length.
[  184.811421][T10484] __nla_validate_parse: 11 callbacks suppressed
[  184.811440][T10484] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1235'.
[  185.368828][T10519] IPVS: Scheduler module ip_vs_sip not found
[  186.230152][T10549] netlink: 'syz.3.1252': attribute type 1 has an invalid length.
[  186.296912][T10554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1256'.
[  186.312329][T10549] bond4: (slave gretap1): making interface the new active one
[  186.322549][T10549] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  186.340798][T10548] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (6)
[  186.409194][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  186.411027][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  186.415341][ T5150] Bluetooth: hci1: command 0x0406 tx timeout
[  186.421625][ T5845] Bluetooth: hci0: command 0x0c20 tx timeout
[  186.693489][T10575] netlink: 312 bytes leftover after parsing attributes in process `syz.1.1263'.
[  186.723040][T10577] x_tables: duplicate underflow at hook 3
[  186.777751][T10580] netlink: 'syz.1.1265': attribute type 29 has an invalid length.
[  186.785923][T10580] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1265'.
[  186.832390][T10582] syzkaller1: entered promiscuous mode
[  186.845054][T10582] syzkaller1: entered allmulticast mode
[  187.193270][T10602] netlink: 4344 bytes leftover after parsing attributes in process `syz.4.1271'.
[  187.830240][T10621] vlan2: entered promiscuous mode
[  187.859147][T10621] netlink: 'syz.0.1277': attribute type 10 has an invalid length.
[  188.128596][T10644] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1286'.
[  188.241564][T10647] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1288'.
[  188.265743][T10647] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1288'.
[  188.293818][T10649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1287'.
[  188.316454][T10645] smc: net device bond0 applied user defined pnetid SYZ2
[  188.333285][T10645] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ2
[  188.503980][T10663] netlink: 'syz.3.1291': attribute type 8 has an invalid length.
[  188.991202][T10687] --map-set only usable from mangle table
[  188.999992][T10689] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1300'.
[  189.114498][T10689] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.137998][T10689] 8021q: adding VLAN 0 to HW filter on device team0
[  189.149197][T10689] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  189.781899][T10722] RDS: rds_bind could not find a transport for ::aaaa:aaaa:8005:0:40:0, load rds_tcp or rds_rdma?
[  189.855840][T10726] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1310'.
[  189.880429][T10725] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  189.906881][T10726] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1310'.
[  190.287137][ T5839] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  190.575119][T10744] xt_CT: No such helper "pptp"
[  190.652195][T10447] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  190.757119][T10750] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  190.769836][T10754] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  190.795739][T10750] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1317'.
[  190.801864][T10755] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  190.818455][T10755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1318'.
[  190.846845][T10756] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1315'.
[  190.905620][ T5839] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  190.955993][T10763] netlink: 'syz.4.1315': attribute type 11 has an invalid length.
[  190.998595][T10760] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1320'.
[  191.126747][T10775] netlink: 'syz.0.1325': attribute type 4 has an invalid length.
[  191.139159][T10775] netlink: 'syz.0.1325': attribute type 4 has an invalid length.
[  191.339944][T10786] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1326'.
[  191.351871][T10786] sock: sock_timestamping_bind_phc: sock not bind to device
[  191.362526][T10786] ieee802154 phy1 wpan1: encryption failed: -22
[  191.545263][T10801] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1333'.
[  191.686924][T10451] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  191.707104][T10451] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  191.869077][T10807] netlink: 'syz.4.1335': attribute type 2 has an invalid length.
[  191.907260][T10807] Tq€: entered promiscuous mode
[  192.073567][T10824] lo: left allmulticast mode
[  192.111633][T10824] batadv_slave_1: left promiscuous mode
[  192.122120][T10824] batadv_slave_1: left allmulticast mode
[  192.139658][T10824] vlan0: left promiscuous mode
[  192.146454][T10824] ip6gre1: left promiscuous mode
[  192.152896][T10831] netlink: 1004 bytes leftover after parsing attributes in process `syz.4.1343'.
[  192.163174][T10824] netdevsim netdevsim3 ÿÿÿÿÿÿ: unset [0, 0] type 1 family 0 port 8472 - 0
[  192.172550][T10824] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  192.181612][T10824] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  192.190637][T10824] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  192.208101][ T5839] IPVS: starting estimator thread 0...
[  192.220277][T10824] bond1: left promiscuous mode
[  192.230735][T10824] bond3: left promiscuous mode
[  192.241058][T10824] batadv1: left promiscuous mode
[  192.246743][T10824] bond3: left allmulticast mode
[  192.251943][T10824] batadv1: left allmulticast mode
[  192.295653][T10834] IPVS: using max 23 ests per chain, 55200 per kthread
[  192.461805][T10843] netlink: 'syz.4.1345': attribute type 1 has an invalid length.
[  192.526794][T10843] 8021q: adding VLAN 0 to HW filter on device bond3
[  192.646790][ T5839] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  192.708087][T10859] bond3: (slave veth3): Enslaving as an active interface with a down link
[  192.778162][T10843] bond3: (slave ip6erspan0): making interface the new active one
[  192.788499][T10843] ip6erspan0: entered promiscuous mode
[  192.794350][T10843] bond3: (slave ip6erspan0): Enslaving as an active interface with an up link
[  192.834906][T10869] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1352'.
[  192.992028][T10876] netlink: 'syz.4.1356': attribute type 1 has an invalid length.
[  193.247674][T10883] sctp: [Deprecated]: syz.0.1349 (pid 10883) Use of struct sctp_assoc_value in delayed_ack socket option.
[  193.247674][T10883] Use struct sctp_sack_info instead
[  193.835162][T10909] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.864036][T10908] openvswitch: netlink: Message has 8 unknown bytes.
[  193.959824][T10908] netlink: 'syz.4.1365': attribute type 12 has an invalid length.
[  194.107694][T10923] netlink: 'syz.0.1368': attribute type 1 has an invalid length.
[  194.300358][T10934] macsec0: entered allmulticast mode
[  194.568646][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  195.050385][ T5847] Bluetooth: hci4: command 0x0401 tx timeout
[  195.144693][T10996] __nla_validate_parse: 5 callbacks suppressed
[  195.144714][T10996] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1384'.
[  195.402895][T11012] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1391'.
[  195.517584][T11016] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1389'.
[  195.560005][T11016] netlink: 192 bytes leftover after parsing attributes in process `syz.2.1389'.
[  195.753514][T11028] netlink: 'syz.1.1393': attribute type 15 has an invalid length.
[  195.845576][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  196.241107][T11039] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1398'.
[  196.622260][T11058] warn_alloc: 1 callbacks suppressed
[  196.622279][T11058] syz.3.1402: vmalloc error: size 33558528, failed to allocated page array size 65544, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  196.636837][T11064] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1404'.
[  196.661589][T11058] ,cpuset=/,mems_allowed=0-1
[  196.671742][T11058] CPU: 1 UID: 0 PID: 11058 Comm: syz.3.1402 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  196.671766][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  196.671777][T11058] Call Trace:
[  196.671783][T11058]  <TASK>
[  196.671790][T11058]  dump_stack_lvl+0x241/0x360
[  196.671827][T11058]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.671845][T11058]  ? __pfx__printk+0x10/0x10
[  196.671866][T11058]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  196.671887][T11058]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  196.671910][T11058]  warn_alloc+0x278/0x410
[  196.671932][T11058]  ? __pfx_warn_alloc+0x10/0x10
[  196.671956][T11058]  ? xskq_create+0xb6/0x170
[  196.671977][T11058]  ? __get_vm_area_node+0x1c8/0x2d0
[  196.671999][T11058]  ? __get_vm_area_node+0x25c/0x2d0
[  196.672027][T11058]  __vmalloc_node_range_noprof+0x62f/0x1380
[  196.672072][T11058]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  196.672093][T11058]  ? __kasan_kmalloc+0x98/0xb0
[  196.672116][T11058]  vmalloc_user_noprof+0x74/0x80
[  196.672139][T11058]  ? xskq_create+0xb6/0x170
[  196.672160][T11058]  xskq_create+0xb6/0x170
[  196.672184][T11058]  xsk_init_queue+0xa1/0x100
[  196.672207][T11058]  xsk_setsockopt+0x560/0x810
[  196.672230][T11058]  ? __pfx_xsk_setsockopt+0x10/0x10
[  196.672251][T11058]  ? __pfx_aa_sk_perm+0x10/0x10
[  196.672276][T11058]  ? __pfx_lock_acquire+0x10/0x10
[  196.672296][T11058]  ? aa_sock_opt_perm+0x79/0x120
[  196.672322][T11058]  ? __pfx_xsk_setsockopt+0x10/0x10
[  196.672343][T11058]  do_sock_setsockopt+0x3af/0x720
[  196.672366][T11058]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  196.672385][T11058]  ? __fget_files+0x395/0x410
[  196.672406][T11058]  ? __fget_files+0x2a/0x410
[  196.672435][T11058]  __x64_sys_setsockopt+0x1ee/0x280
[  196.672459][T11058]  do_syscall_64+0xf3/0x230
[  196.672478][T11058]  ? clear_bhb_loop+0x35/0x90
[  196.672502][T11058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.672522][T11058] RIP: 0033:0x7f65f198d169
[  196.672542][T11058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.672556][T11058] RSP: 002b:00007f65f28b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  196.672575][T11058] RAX: ffffffffffffffda RBX: 00007f65f1ba6080 RCX: 00007f65f198d169
[  196.672588][T11058] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000003
[  196.672598][T11058] RBP: 00007f65f1a0e2a0 R08: 0000000000000004 R09: 0000000000000000
[  196.672609][T11058] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000000
[  196.672619][T11058] R13: 0000000000000001 R14: 00007f65f1ba6080 R15: 00007ffe547d9d18
[  196.672646][T11058]  </TASK>
[  196.672653][T11058] Mem-Info:
[  196.718995][T11064] dummy0: entered promiscuous mode
[  196.727658][T11058] active_anon:5470 inactive_anon:0 isolated_anon:0
[  196.727658][T11058]  active_file:1512 inactive_file:38354 isolated_file:0
[  196.727658][T11058]  unevictable:768 dirty:199 writeback:0
[  196.727658][T11058]  slab_reclaimable:11199 slab_unreclaimable:103749
[  196.727658][T11058]  mapped:28618 shmem:1421 pagetables:806
[  196.727658][T11058]  sec_pagetables:0 bounce:0
[  196.727658][T11058]  kernel_misc_reclaimable:0
[  196.727658][T11058]  free:1329828 free_pcp:611 free_cma:0
[  196.825104][T11064] dummy0: left promiscuous mode
[  196.856120][T11058] Node 0 active_anon:22180kB inactive_anon:0kB active_file:6048kB inactive_file:153340kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114572kB dirty:796kB writeback:0kB shmem:4148kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12468kB pagetables:3324kB sec_pagetables:0kB all_unreclaimable? no
[  197.035941][T11058] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  197.081894][T11058] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  197.150201][T11058] lowmem_reserve[]: 0 2489 2490 0 0
[  197.195066][T11058] Node 0 DMA32 free:1399816kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:22760kB inactive_anon:0kB active_file:6048kB inactive_file:153024kB unevictable:1536kB writepending:800kB present:3129332kB managed:2549728kB mlocked:0kB bounce:0kB free_pcp:2176kB local_pcp:796kB free_cma:0kB
[  197.280332][T11058] lowmem_reserve[]: 0 0 0 0 0
[  197.285128][T11058] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  197.318301][T11081] xt_SECMARK: invalid mode: 0
[  197.342204][T11081] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  197.372298][T11058] lowmem_reserve[]: 0 0 0 0 0
[  197.384648][T11058] Node 1 Normal free:3903736kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  197.461899][T11058] lowmem_reserve[]: 0 0 0 0 0
[  197.474137][T11058] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  197.507530][T11058] Node 0 DMA32: 2*4kB (ME) 7*8kB (UE) 301*16kB (UME) 104*32kB (UME) 420*64kB (UME) 298*128kB (UME) 158*256kB (UME) 69*512kB (UME) 24*1024kB (UME) 8*2048kB (UME) 295*4096kB (M) = 1398288kB
[  197.569536][T11058] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  197.592754][T11058] Node 1 Normal: 204*4kB (UME) 57*8kB (UME) 32*16kB (UME) 204*32kB (UME) 88*64kB (UME) 29*128kB (UME) 16*256kB (UME) 8*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 945*4096kB (M) = 3903736kB
[  197.606247][T11090] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  197.620943][T11058] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  197.632058][T11058] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  197.701903][T11058] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  197.711676][T11058] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  197.722020][T11058] 41286 total pagecache pages
[  197.726843][T11058] 0 pages in swap cache
[  197.731333][T11058] Free swap  = 124996kB
[  197.736907][T11058] Total swap = 124996kB
[  197.741088][T11058] 2097051 pages RAM
[  197.744898][T11058] 0 pages HighMem/MovableOnly
[  197.779031][T11101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1414'.
[  197.790038][T11101] netlink: 'syz.1.1414': attribute type 1 has an invalid length.
[  197.814336][T11058] 427897 pages reserved
[  197.835607][T11058] 0 pages cma reserved
[  198.091223][T11113] batman_adv: batadv0: Adding interface: ip6gretap1
[  198.111326][T11113] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  198.140604][T11113] batman_adv: batadv0: Interface activated: ip6gretap1
[  198.153582][T11118] lo: entered promiscuous mode
[  198.159510][T11118] tunl0: entered promiscuous mode
[  198.197928][T11118] gre0: entered promiscuous mode
[  198.212716][T11118] gretap0: entered promiscuous mode
[  198.251941][T11118] erspan0: entered promiscuous mode
[  198.292574][T11118] ip_vti0: entered promiscuous mode
[  198.313813][T11118] ip6_vti0: entered promiscuous mode
[  198.356751][T11118] sit0: entered promiscuous mode
[  198.410787][T11118] ip6tnl0: entered promiscuous mode
[  198.453906][T11118] ip6gre0: entered promiscuous mode
[  198.479758][T11118] ip6gretap0: entered promiscuous mode
[  198.488405][T11118] bridge0: entered promiscuous mode
[  198.578696][T11118] vcan0: entered promiscuous mode
[  198.597734][T11118] bond0: entered promiscuous mode
[  198.607968][T11118] team0: entered promiscuous mode
[  198.641316][T11118] dummy0: entered promiscuous mode
[  198.664402][T11118] nlmon0: entered promiscuous mode
[  198.688893][T11118] caif0: entered promiscuous mode
[  198.694791][T11118] vxcan0: entered promiscuous mode
[  198.706889][T11118] vxcan1: entered promiscuous mode
[  198.724630][T11118] veth0: entered promiscuous mode
[  198.762939][T11118] veth1: entered promiscuous mode
[  198.805812][T11118] wg1: entered promiscuous mode
[  198.831221][T11118] wg2: entered promiscuous mode
[  198.856595][T11118] veth0_to_bridge: entered promiscuous mode
[  198.883991][T11118] bridge_slave_0: entered promiscuous mode
[  198.941920][T11118] veth0_to_bond: entered promiscuous mode
[  198.964065][T11118] bond_slave_0: entered promiscuous mode
[  198.986796][T11118] veth1_to_bond: entered promiscuous mode
[  198.994918][T11118] bond_slave_1: entered promiscuous mode
[  199.011807][T11118] veth0_to_team: entered promiscuous mode
[  199.024260][T11118] team_slave_0: entered promiscuous mode
[  199.031070][T11118] veth1_to_team: entered promiscuous mode
[  199.042985][T11118] team_slave_1: entered promiscuous mode
[  199.062404][T11118] veth0_to_batadv: entered promiscuous mode
[  199.085588][T11118] batadv_slave_0: entered promiscuous mode
[  199.104335][T11118] veth1_to_batadv: entered promiscuous mode
[  199.127338][T11118] batadv_slave_1: entered promiscuous mode
[  199.148231][T11118] xfrm0: entered promiscuous mode
[  199.171263][T11118] veth0_to_hsr: entered promiscuous mode
[  199.211911][T11118] veth1_to_hsr: entered promiscuous mode
[  199.254818][T11118] hsr0: entered promiscuous mode
[  199.275239][T11118] veth1_virt_wifi: entered promiscuous mode
[  199.288554][T11118] veth0_virt_wifi: entered promiscuous mode
[  199.382457][T11118] vlan0: entered promiscuous mode
[  199.396044][T11118] vlan1: entered promiscuous mode
[  199.404098][T11118] macvlan0: entered promiscuous mode
[  199.421431][T11118] macvlan1: entered promiscuous mode
[  199.433798][T11118] ipvlan0: entered promiscuous mode
[  199.445475][T11118] ipvlan1: entered promiscuous mode
[  199.484839][T11118] macvtap0: entered promiscuous mode
[  199.503091][T11118] macsec0: entered promiscuous mode
[  199.533575][T11118] geneve0: entered promiscuous mode
[  199.547250][T11118] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.569480][T11118] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.578051][T11118] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.586566][T11118] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.597016][T11118] geneve1: entered promiscuous mode
[  199.619119][T11118] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  199.642661][T11118] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  199.650106][T11118] syztnl0: entered promiscuous mode
[  199.656561][T11118] x: entered promiscuous mode
[  199.661479][T11118] ip6tnl1: entered promiscuous mode
[  199.667099][T11118] vlan4: entered promiscuous mode
[  199.672321][T11118] netdevsim netdevsim1 eth0: entered promiscuous mode
[  199.679290][T11118] netdevsim netdevsim1 eth1: entered promiscuous mode
[  199.694992][T11118] netdevsim netdevsim1 eth2: entered promiscuous mode
[  199.702108][T11118] netdevsim netdevsim1 eth3: entered promiscuous mode
[  199.735930][T11118] bridge1: entered promiscuous mode
[  199.753188][T11118] bond1: entered promiscuous mode
[  199.785723][T11118] batadv0: entered promiscuous mode
[  199.791092][T11118] vlan2: entered promiscuous mode
[  199.815593][T11118] veth2: entered promiscuous mode
[  199.820926][T11118] veth3: entered promiscuous mode
[  199.826137][T11118] ip6gretap1: entered promiscuous mode
[  199.841965][T11118] vxcan2: entered promiscuous mode
[  199.852053][T11118] vxcan3: entered promiscuous mode
[  199.862249][T11118] ip6tnl2: entered promiscuous mode
[  199.872329][T11118] macvlan2: entered promiscuous mode
[  199.882472][T11118] syzkaller0: entered promiscuous mode
[  199.893479][T11118] bridge2: entered promiscuous mode
[  199.918116][T11124] geneve1: entered promiscuous mode
[  199.952880][T11124] geneve1: left promiscuous mode
[  200.254871][T11145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1426'.
[  201.136271][T11170] netlink: 288 bytes leftover after parsing attributes in process `syz.2.1432'.
[  201.146538][T11170] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1432'.
[  201.525589][T11180] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  201.708162][T11170] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  201.838664][T11187] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1437'.
[  201.865771][T11187] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1437'.
[  201.874763][T11187] tc_dump_action: action bad kind
[  201.905675][T11187] netlink: 'syz.3.1437': attribute type 1 has an invalid length.
[  201.945460][T11187] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1437'.
[  202.142254][T11207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1442'.
[  202.153426][T11207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1442'.
[  202.156815][T11202] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  202.166962][T11207] netlink: 'syz.4.1442': attribute type 1 has an invalid length.
[  202.195550][T11207] netlink: 'syz.4.1442': attribute type 3 has an invalid length.
[  202.210991][T11202] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  202.220754][T11207] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1442'.
[  202.255704][T11202] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  202.317526][T11213] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1444'.
[  202.458982][T11220] veth0: entered promiscuous mode
[  202.462704][T11223] openvswitch: netlink: Flow key attr not present in new flow.
[  202.492149][T11220] veth0: left promiscuous mode
[  202.824784][T11246] delete_channel: no stack
[  203.349013][T11267] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  203.783621][T11293] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  203.925240][T11298] x_tables: duplicate underflow at hook 4
[  204.005248][T11302] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  204.025924][T10466] ip6erspan0: left promiscuous mode
[  204.034911][T11302] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  204.165486][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  204.683985][T11348] tc_dump_action: action bad kind
[  204.692275][T11348] netlink: 'syz.2.1482': attribute type 3 has an invalid length.
[  204.874826][T11361] ip6tnl2: entered promiscuous mode
[  204.880431][T11361] ip6tnl2: entered allmulticast mode
[  204.888026][T11361] team0: Device ip6tnl2 is of different type
[  205.183908][T11381] netlink: 'syz.1.1492': attribute type 1 has an invalid length.
[  205.207535][T11381] netlink: 'syz.1.1492': attribute type 2 has an invalid length.
[  205.304645][T11394] __nla_validate_parse: 10 callbacks suppressed
[  205.304664][T11394] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1492'.
[  205.412241][T11408] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1496'.
[  205.436838][T11408] netlink: 'syz.4.1496': attribute type 30 has an invalid length.
[  205.457599][T11408] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  205.465861][T11408] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  205.474054][T11408] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  205.482335][T11408] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  205.506443][T11409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1496'.
[  205.535185][T11409] netlink: 'syz.4.1496': attribute type 30 has an invalid length.
[  205.570268][T11414] gretap1: entered promiscuous mode
[  206.558756][T11458] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  206.647385][T11458] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  206.718541][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1514'.
[  206.727989][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1514'.
[  206.738942][T11467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1514'.
[  206.794354][T11458] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  206.869749][T11469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'.
[  206.899814][T11458] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  207.324526][T11489] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  207.343926][T11496] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  207.344578][T11489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1522'.
[  207.750207][T11513] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1528'.
[  207.770318][T11513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1528'.
[  208.390350][T11529] IPVS: Scheduler module ip_vs_sip not found
[  208.670677][T11458] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  208.713586][T11458] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  208.760770][T11458] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  208.806880][T11458] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  209.528953][T11575] netlink: 'syz.2.1545': attribute type 4 has an invalid length.
[  209.585040][T11575] netlink: 'syz.2.1545': attribute type 4 has an invalid length.
[  209.661975][T11575] netlink: 'syz.2.1545': attribute type 10 has an invalid length.
[  209.778347][T11575] team0: Device hsr_slave_0 failed to register rx_handler
[  210.040498][T11593] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (71)
[  210.503877][T11616] FAULT_INJECTION: forcing a failure.
[  210.503877][T11616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.573504][T11616] CPU: 0 UID: 0 PID: 11616 Comm: syz.1.1558 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  210.573530][T11616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  210.573541][T11616] Call Trace:
[  210.573547][T11616]  <TASK>
[  210.573554][T11616]  dump_stack_lvl+0x241/0x360
[  210.573584][T11616]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.573602][T11616]  ? __pfx__printk+0x10/0x10
[  210.573620][T11616]  ? __pfx_lock_release+0x10/0x10
[  210.573652][T11616]  should_fail_ex+0x40a/0x550
[  210.573679][T11616]  _copy_from_user+0x2d/0xb0
[  210.573700][T11616]  copy_msghdr_from_user+0xae/0x680
[  210.573722][T11616]  ? native_apic_msr_write+0x39/0x50
[  210.573743][T11616]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  210.573761][T11616]  ? __fget_files+0x2a/0x410
[  210.573786][T11616]  ? __fget_files+0x2a/0x410
[  210.573815][T11616]  __sys_recvmsg+0x200/0x390
[  210.573838][T11616]  ? __pfx___sys_recvmsg+0x10/0x10
[  210.573871][T11616]  ? trace_sys_enter+0x74/0x120
[  210.573888][T11616]  ? __pfx_lock_release+0x10/0x10
[  210.573919][T11616]  ? trace_sys_enter+0x74/0x120
[  210.573934][T11616]  ? rcu_is_watching+0x15/0xb0
[  210.573952][T11616]  ? trace_sys_enter+0x25/0x120
[  210.573972][T11616]  do_syscall_64+0xf3/0x230
[  210.573992][T11616]  ? clear_bhb_loop+0x35/0x90
[  210.574022][T11616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.574042][T11616] RIP: 0033:0x7fe89bb8d169
[  210.574056][T11616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.574070][T11616] RSP: 002b:00007fe89c935038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  210.574088][T11616] RAX: ffffffffffffffda RBX: 00007fe89bda5fa0 RCX: 00007fe89bb8d169
[  210.574100][T11616] RDX: 0000000040020000 RSI: 00004000000004c0 RDI: 0000000000000003
[  210.574111][T11616] RBP: 00007fe89c935090 R08: 0000000000000000 R09: 0000000000000000
[  210.574121][T11616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.574131][T11616] R13: 0000000000000000 R14: 00007fe89bda5fa0 R15: 00007ffda010ac18
[  210.574157][T11616]  </TASK>
[  210.958858][T11626] __nla_validate_parse: 6 callbacks suppressed
[  210.958877][T11626] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1560'.
[  211.026897][T11626] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1560'.
[  211.050029][T11626] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1560'.
[  211.071164][T11626] xt_bpf: check failed: parse error
[  211.111473][   T29] audit: type=1800 audit(1741531301.427:8): pid=11636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1562" name=3199 dev="tmpfs" ino=1516 res=0 errno=0
[  211.327725][T11651] netlink: 16215 bytes leftover after parsing attributes in process `syz.0.1564'.
[  211.710659][T11667] FAULT_INJECTION: forcing a failure.
[  211.710659][T11667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.759352][T11667] CPU: 1 UID: 0 PID: 11667 Comm: syz.4.1572 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  211.759380][T11667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.759390][T11667] Call Trace:
[  211.759397][T11667]  <TASK>
[  211.759405][T11667]  dump_stack_lvl+0x241/0x360
[  211.759431][T11667]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.759449][T11667]  ? __pfx__printk+0x10/0x10
[  211.759472][T11667]  ? snprintf+0xda/0x120
[  211.759498][T11667]  should_fail_ex+0x40a/0x550
[  211.759525][T11667]  _copy_to_user+0x31/0xb0
[  211.759548][T11667]  simple_read_from_buffer+0xca/0x150
[  211.759573][T11667]  proc_fail_nth_read+0x1e9/0x250
[  211.759597][T11667]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.759622][T11667]  ? rw_verify_area+0x243/0x630
[  211.759645][T11667]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.759668][T11667]  vfs_read+0x1f8/0xb40
[  211.759686][T11667]  ? fdget_pos+0x254/0x320
[  211.759708][T11667]  ? __pfx___mutex_lock+0x10/0x10
[  211.759727][T11667]  ? __pfx_vfs_read+0x10/0x10
[  211.759748][T11667]  ? __fget_files+0x2a/0x410
[  211.759771][T11667]  ? __fget_files+0x395/0x410
[  211.759790][T11667]  ? __fget_files+0x2a/0x410
[  211.759824][T11667]  ksys_read+0x18f/0x2b0
[  211.759844][T11667]  ? __pfx_ksys_read+0x10/0x10
[  211.759861][T11667]  ? do_syscall_64+0x100/0x230
[  211.759882][T11667]  ? do_syscall_64+0xb6/0x230
[  211.759902][T11667]  do_syscall_64+0xf3/0x230
[  211.759920][T11667]  ? clear_bhb_loop+0x35/0x90
[  211.759944][T11667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.759963][T11667] RIP: 0033:0x7f35a318bb7c
[  211.759978][T11667] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  211.759992][T11667] RSP: 002b:00007f35a3f5e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.760010][T11667] RAX: ffffffffffffffda RBX: 00007f35a33a5fa0 RCX: 00007f35a318bb7c
[  211.760022][T11667] RDX: 000000000000000f RSI: 00007f35a3f5e0a0 RDI: 0000000000000007
[  211.760032][T11667] RBP: 00007f35a3f5e090 R08: 0000000000000000 R09: 0000000000000000
[  211.760042][T11667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.760051][T11667] R13: 0000000000000000 R14: 00007f35a33a5fa0 R15: 00007ffd6c5aa6c8
[  211.760077][T11667]  </TASK>
[  212.220090][T11691] netlink: 'syz.0.1581': attribute type 1 has an invalid length.
[  212.228791][T11691] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1581'.
[  212.483578][T11700] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1583'.
[  212.497847][T11706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1585'.
[  212.504003][T11713] Cannot find del_set index 2 as target
[  212.975010][T11734] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  213.962905][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1609'.
[  214.180467][T11791] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1610'.
[  214.599553][T11799] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1613'.
[  214.716711][T11804] tipc: Trying to set illegal importance in message
[  214.854475][T11810] sctp: [Deprecated]: syz.1.1617 (pid 11810) Use of int in max_burst socket option.
[  214.854475][T11810] Use struct sctp_assoc_value instead
[  215.448308][T11824] pim6reg1: entered promiscuous mode
[  215.453654][T11824] pim6reg1: entered allmulticast mode
[  215.663484][T11848] xt_socket: unknown flags 0x8
[  215.811895][T11862] --map-set only usable from mangle table
[  216.916705][T11919] __nla_validate_parse: 5 callbacks suppressed
[  216.916723][T11919] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1644'.
[  216.980943][T11924] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1645'.
[  217.081058][T11929] netlink: 'syz.0.1645': attribute type 10 has an invalid length.
[  217.103444][T11924] xt_CT: No such helper "pptp"
[  217.121912][T11929] bond0: (slave wlan1): Releasing backup interface
[  217.153010][T11929] team0: Port device wlan1 added
[  217.223954][T11931] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.265732][T11931] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.301443][T11931] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.331665][T11931] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.359144][T11931] geneve2: entered promiscuous mode
[  217.378119][T11931] geneve2: entered allmulticast mode
[  217.391094][T11931] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.417992][T11931] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.456702][T11931] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.482645][T11931] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.539965][T11947] bridge_slave_0: left allmulticast mode
[  217.540416][T11943] raw_sendmsg: syz.1.1651 forgot to set AF_INET. Fix it!
[  217.546267][T11947] bridge_slave_0: left promiscuous mode
[  217.559450][T11947] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.573083][T11948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1652'.
[  217.584709][T11947] bridge_slave_1: left allmulticast mode
[  217.590831][T11947] bridge_slave_1: left promiscuous mode
[  217.597214][T11947] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.611205][T11947] bond0: (slave bond_slave_0): Releasing backup interface
[  217.621733][T11947] bond0: (slave bond_slave_1): Releasing backup interface
[  217.674502][T11947] team0: Port device team_slave_0 removed
[  217.687812][T11947] team0: Port device team_slave_1 removed
[  217.706727][T11947] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.710031][T11952] xt_TCPMSS: Only works on TCP SYN packets
[  217.724532][T11947] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.755228][T11947] team0: Port device bridge3 removed
[  217.764423][T11947] bond3: (slave veth3): Releasing active interface
[  217.771728][T11947] bond3: (slave veth3): the permanent HWaddr of slave - d2:1c:c6:08:33:57 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  217.789556][T11947] ip6erspan0: entered promiscuous mode
[  217.805732][T11947] bond3: (slave ip6erspan0): Releasing active interface
[  217.813136][T11947] ip6erspan0: left promiscuous mode
[  217.996382][T11964] netlink: 'syz.0.1657': attribute type 1 has an invalid length.
[  218.040907][T11964] 8021q: adding VLAN 0 to HW filter on device bond3
[  218.117058][T11964] bond3: (slave veth5): Enslaving as an active interface with a down link
[  218.234028][T11972] netlink: 308 bytes leftover after parsing attributes in process `syz.0.1657'.
[  219.215714][T10467] wlan1: Trigger new scan to find an IBSS to join
[  220.170633][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  220.462965][T12002] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1668'.
[  220.473190][T12000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1667'.
[  220.873644][T12019] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1672'.
[  220.893016][T12019] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1672'.
[  220.927104][T12019] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1672'.
[  220.971239][T12023] sctp: [Deprecated]: syz.4.1674 (pid 12023) Use of int in maxseg socket option.
[  220.971239][T12023] Use struct sctp_assoc_value instead
[  221.237701][T12031] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1678'.
[  221.248500][T12031] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  221.338713][T12035] xt_ipcomp: unknown flags F7
[  221.835810][T12058] netlink: 'syz.0.1686': attribute type 10 has an invalid length.
[  221.857051][T12058] batman_adv: batadv0: Adding interface: macvtap0
[  221.865405][T12058] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active
[  221.959886][T12065] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  221.997987][T12068] netlink: 'syz.0.1690': attribute type 21 has an invalid length.
[  222.012307][T12068] __nla_validate_parse: 7 callbacks suppressed
[  222.012325][T12068] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1690'.
[  222.152585][T12068] netlink: 'syz.0.1690': attribute type 5 has an invalid length.
[  222.165536][T10448] wlan1: Trigger new scan to find an IBSS to join
[  222.165581][T12068] netlink: 'syz.0.1690': attribute type 6 has an invalid length.
[  222.198769][T12068] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1690'.
[  222.390431][T12082] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1695'.
[  222.399971][T12082] netlink: 'syz.3.1695': attribute type 30 has an invalid length.
[  222.419839][T12082] netdevsim netdevsim3 ÿÿÿÿÿÿ: set [0, 0] type 1 family 0 port 8472 - 0
[  222.428702][T12082] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  222.437501][T12082] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  222.446329][T12082] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  222.523238][T12090] FAULT_INJECTION: forcing a failure.
[  222.523238][T12090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.539275][T12082] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1695'.
[  222.548400][T12082] netlink: 'syz.3.1695': attribute type 30 has an invalid length.
[  222.550404][T12090] CPU: 1 UID: 0 PID: 12090 Comm: syz.4.1697 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  222.550427][T12090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  222.550438][T12090] Call Trace:
[  222.550444][T12090]  <TASK>
[  222.550451][T12090]  dump_stack_lvl+0x241/0x360
[  222.550476][T12090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.550493][T12090]  ? __pfx__printk+0x10/0x10
[  222.550511][T12090]  ? __pfx_lock_release+0x10/0x10
[  222.550539][T12090]  should_fail_ex+0x40a/0x550
[  222.550565][T12090]  _copy_from_user+0x2d/0xb0
[  222.550585][T12090]  copy_msghdr_from_user+0xae/0x680
[  222.550611][T12090]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  222.550629][T12090]  ? __fget_files+0x2a/0x410
[  222.550653][T12090]  ? __fget_files+0x2a/0x410
[  222.550679][T12090]  __sys_sendmsg+0x209/0x350
[  222.550701][T12090]  ? __pfx___sys_sendmsg+0x10/0x10
[  222.550727][T12090]  ? do_sys_openat2+0x17a/0x1d0
[  222.550770][T12090]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  222.550792][T12090]  ? do_syscall_64+0x100/0x230
[  222.550819][T12090]  ? do_syscall_64+0xb6/0x230
[  222.550838][T12090]  do_syscall_64+0xf3/0x230
[  222.550856][T12090]  ? clear_bhb_loop+0x35/0x90
[  222.550879][T12090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.550897][T12090] RIP: 0033:0x7f35a318d169
[  222.550913][T12090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.550927][T12090] RSP: 002b:00007f35a3f5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.550944][T12090] RAX: ffffffffffffffda RBX: 00007f35a33a5fa0 RCX: 00007f35a318d169
[  222.550956][T12090] RDX: 0000000000000000 RSI: 0000400000000480 RDI: 0000000000000004
[  222.550966][T12090] RBP: 00007f35a3f5e090 R08: 0000000000000000 R09: 0000000000000000
[  222.550976][T12090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.550985][T12090] R13: 0000000000000000 R14: 00007f35a33a5fa0 R15: 00007ffd6c5aa6c8
[  222.551009][T12090]  </TASK>
[  222.815143][T12027] x_tables: duplicate entry at hook 2
[  222.896350][T12098] netlink: 'syz.1.1701': attribute type 1 has an invalid length.
[  222.904266][T12098] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1701'.
[  223.677061][T12131] FAULT_INJECTION: forcing a failure.
[  223.677061][T12131] name failslab, interval 1, probability 0, space 0, times 0
[  223.690174][T12131] CPU: 1 UID: 0 PID: 12131 Comm: syz.0.1710 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  223.690198][T12131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.690209][T12131] Call Trace:
[  223.690215][T12131]  <TASK>
[  223.690222][T12131]  dump_stack_lvl+0x241/0x360
[  223.690247][T12131]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.690265][T12131]  ? __pfx__printk+0x10/0x10
[  223.690283][T12131]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  223.690306][T12131]  ? __pfx___might_resched+0x10/0x10
[  223.690324][T12131]  ? aa_label_sk_perm+0x4f3/0x6c0
[  223.690349][T12131]  should_fail_ex+0x40a/0x550
[  223.690376][T12131]  should_failslab+0xac/0x100
[  223.690398][T12131]  kmem_cache_alloc_node_noprof+0x77/0x380
[  223.690418][T12131]  ? __alloc_skb+0x1c3/0x440
[  223.690438][T12131]  __alloc_skb+0x1c3/0x440
[  223.690458][T12131]  ? __pfx___alloc_skb+0x10/0x10
[  223.690481][T12131]  netlink_sendmsg+0x634/0xcb0
[  223.690514][T12131]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.690538][T12131]  ? aa_sock_msg_perm+0x91/0x160
[  223.690565][T12131]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.690584][T12131]  __sock_sendmsg+0x221/0x270
[  223.690607][T12131]  ____sys_sendmsg+0x53a/0x860
[  223.690631][T12131]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.690646][T12131]  ? __fget_files+0x2a/0x410
[  223.690670][T12131]  ? __fget_files+0x2a/0x410
[  223.690699][T12131]  __sys_sendmsg+0x269/0x350
[  223.690726][T12131]  ? __pfx___sys_sendmsg+0x10/0x10
[  223.690755][T12131]  ? do_sys_openat2+0x17a/0x1d0
[  223.690798][T12131]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  223.690823][T12131]  ? do_syscall_64+0x100/0x230
[  223.690845][T12131]  ? do_syscall_64+0xb6/0x230
[  223.690865][T12131]  do_syscall_64+0xf3/0x230
[  223.690884][T12131]  ? clear_bhb_loop+0x35/0x90
[  223.690907][T12131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.690928][T12131] RIP: 0033:0x7fa30ff8d169
[  223.690943][T12131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.690957][T12131] RSP: 002b:00007fa310d64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.690974][T12131] RAX: ffffffffffffffda RBX: 00007fa3101a5fa0 RCX: 00007fa30ff8d169
[  223.690987][T12131] RDX: 0000000000000000 RSI: 0000400000000480 RDI: 0000000000000004
[  223.690997][T12131] RBP: 00007fa310d64090 R08: 0000000000000000 R09: 0000000000000000
[  223.691007][T12131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.691017][T12131] R13: 0000000000000000 R14: 00007fa3101a5fa0 R15: 00007ffdd38b9118
[  223.691043][T12131]  </TASK>
[  224.374961][T12152] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1716'.
[  224.607423][T12155] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  224.854336][T12163] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  224.874491][T12173] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  224.914887][T12172] xt_CT: You must specify a L4 protocol and not use inversions on it
[  225.073983][T12186] sctp: [Deprecated]: syz.1.1722 (pid 12186) Use of struct sctp_assoc_value in delayed_ack socket option.
[  225.073983][T12186] Use struct sctp_sack_info instead
[  225.120677][T12179] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1724'.
[  225.206794][T10451] wlan1: Trigger new scan to find an IBSS to join
[  225.260971][T12190] netlink: 'syz.3.1726': attribute type 4 has an invalid length.
[  225.261844][T12186] netlink: 'syz.1.1722': attribute type 5 has an invalid length.
[  225.667783][T12202] netlink: 'syz.4.1730': attribute type 4 has an invalid length.
[  225.810291][T12209] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1733'.
[  225.871407][T12218] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  225.933723][T12209] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1733'.
[  226.087855][T12229] FAULT_INJECTION: forcing a failure.
[  226.087855][T12229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.101237][T12229] CPU: 1 UID: 0 PID: 12229 Comm: syz.1.1740 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  226.101261][T12229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.101272][T12229] Call Trace:
[  226.101278][T12229]  <TASK>
[  226.101285][T12229]  dump_stack_lvl+0x241/0x360
[  226.101312][T12229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.101329][T12229]  ? __pfx__printk+0x10/0x10
[  226.101351][T12229]  ? snprintf+0xda/0x120
[  226.101374][T12229]  should_fail_ex+0x40a/0x550
[  226.101401][T12229]  _copy_to_user+0x31/0xb0
[  226.101424][T12229]  simple_read_from_buffer+0xca/0x150
[  226.101446][T12229]  proc_fail_nth_read+0x1e9/0x250
[  226.101469][T12229]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.101541][T12229]  ? rw_verify_area+0x243/0x630
[  226.101567][T12229]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.101588][T12229]  vfs_read+0x1f8/0xb40
[  226.101605][T12229]  ? fdget_pos+0x254/0x320
[  226.101625][T12229]  ? __pfx___mutex_lock+0x10/0x10
[  226.101643][T12229]  ? __pfx_vfs_read+0x10/0x10
[  226.101661][T12229]  ? __fget_files+0x2a/0x410
[  226.101682][T12229]  ? __fget_files+0x395/0x410
[  226.101700][T12229]  ? __fget_files+0x2a/0x410
[  226.101725][T12229]  ksys_read+0x18f/0x2b0
[  226.101744][T12229]  ? __pfx_ksys_read+0x10/0x10
[  226.101760][T12229]  ? do_syscall_64+0x100/0x230
[  226.101780][T12229]  ? do_syscall_64+0xb6/0x230
[  226.101800][T12229]  do_syscall_64+0xf3/0x230
[  226.101818][T12229]  ? clear_bhb_loop+0x35/0x90
[  226.101841][T12229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.101861][T12229] RIP: 0033:0x7fe89bb8bb7c
[  226.101875][T12229] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  226.101889][T12229] RSP: 002b:00007fe89c935030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.101906][T12229] RAX: ffffffffffffffda RBX: 00007fe89bda5fa0 RCX: 00007fe89bb8bb7c
[  226.101918][T12229] RDX: 000000000000000f RSI: 00007fe89c9350a0 RDI: 000000000000000b
[  226.101927][T12229] RBP: 00007fe89c935090 R08: 0000000000000000 R09: 0000000000000000
[  226.101935][T12229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.101944][T12229] R13: 0000000000000000 R14: 00007fe89bda5fa0 R15: 00007ffda010ac18
[  226.101968][T12229]  </TASK>
[  226.422747][T12244] netlink: 'syz.1.1743': attribute type 11 has an invalid length.
[  226.441813][T12244] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1743'.
[  226.456968][ T3551] wlan1: Creating new IBSS network, BSSID d2:b0:50:b8:e1:06
[  226.681127][T12257] netlink: 'syz.1.1747': attribute type 2 has an invalid length.
[  226.969933][T12275] netlink: 'syz.3.1751': attribute type 1 has an invalid length.
[  227.154202][T12278] xt_CT: No such helper "snmp"
[  227.333197][T12293] netlink: 'syz.3.1754': attribute type 4 has an invalid length.
[  227.796965][T12308] openvswitch: netlink: VXLAN extension 26 out of range max 1
[  227.895888][T12311] vlan0: entered allmulticast mode
[  227.908216][T12311] hsr0: entered allmulticast mode
[  227.913292][T12311] hsr_slave_0: entered allmulticast mode
[  227.974234][T12311] hsr_slave_1: entered allmulticast mode
[  228.022275][T12311] hsr0: left allmulticast mode
[  228.028782][T12316] delete_channel: no stack
[  228.045440][T12311] hsr_slave_0: left allmulticast mode
[  228.067394][T12311] hsr_slave_1: left allmulticast mode
[  228.323637][T12327] __nla_validate_parse: 2 callbacks suppressed
[  228.323655][T12327] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1764'.
[  228.355569][T12327] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1764'.
[  228.434204][T12329] netlink: 'syz.1.1765': attribute type 8 has an invalid length.
[  229.097581][T10451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.107193][T10451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.391219][T12361] netlink: 'syz.3.1775': attribute type 4 has an invalid length.
[  229.496932][T12365] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  229.579597][T12368] netlink: 'syz.3.1778': attribute type 32 has an invalid length.
[  229.707518][T12372] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1780'.
[  229.912294][T12380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1783'.
[  229.921644][T12380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1783'.
[  230.170165][T12385] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  230.544863][T12392] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  230.650969][ T5842] Bluetooth: hci4: command 0x0401 tx timeout
[  231.983961][T12398] netlink: 'syz.3.1788': attribute type 4 has an invalid length.
[  232.276704][T12409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1790'.
[  232.735978][ T5842] Bluetooth: hci4: command 0x0401 tx timeout
[  232.947300][T12447] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1802'.
[  232.980984][T12447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1802'.
[  233.015539][T12447] netlink: 'syz.4.1802': attribute type 5 has an invalid length.
[  233.043793][T12447] netlink: 'syz.4.1802': attribute type 6 has an invalid length.
[  233.141518][T12459] ieee802154 phy1 wpan1: encryption failed: -22
[  233.216705][T12464] SET target dimension over the limit!
[  233.274319][T12464] xt_CT: No such helper "snmp"
[  233.609616][T12476] dvmrp5: entered allmulticast mode
[  233.616363][T12476] dvmrp5: left allmulticast mode
[  234.227579][T12495] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1816'.
[  234.374444][T12504] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  234.547647][T12519] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  234.595637][T12519] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1822'.
[  234.638250][T12517] netlink: 'syz.1.1823': attribute type 2 has an invalid length.
[  234.646286][T12517] netlink: 119 bytes leftover after parsing attributes in process `syz.1.1823'.
[  234.680038][T12522] netlink: 'syz.0.1824': attribute type 1 has an invalid length.
[  234.722023][T12522] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1824'.
[  234.856307][T12532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1827'.
[  235.078973][T12541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1828'.
[  235.115197][T12541] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1828'.
[  235.250724][ T5846] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000007: 0000 [#1] PREEMPT SMP KASAN PTI
[  235.263350][ T5846] KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]
[  235.271771][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  235.282634][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  235.292681][ T5846] RIP: 0010:sysfs_move_dir_ns+0xad/0xe0
[  235.298224][ T5846] Code: 9a 48 c1 e8 03 42 80 3c 28 00 74 0c 48 c7 c7 60 60 73 9a e8 85 36 c1 ff 48 8b 1d 3e 83 0b 18 49 8d 7f 38 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 67 36 c1 ff 49 8b 57 38 4c 89 ff 48 89 de
[  235.317822][ T5846] RSP: 0018:ffffc90003c87790 EFLAGS: 00010202
[  235.323882][ T5846] RAX: 0000000000000007 RBX: ffff8880206e6f00 RCX: ffff888064068000
[  235.331839][ T5846] RDX: 0000000000000000 RSI: ffff8880206a5280 RDI: 0000000000000038
[  235.339795][ T5846] RBP: ffffc90003c87890 R08: ffffffff8c067568 R09: ffffffff8c0665ae
[  235.347756][ T5846] R10: 0000000000000008 R11: ffff888064068000 R12: ffff8880206a52b0
[  235.355715][ T5846] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.363670][ T5846] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  235.372588][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  235.379158][ T5846] CR2: 00004000000002c0 CR3: 0000000058914000 CR4: 00000000003526f0
[  235.387127][ T5846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  235.395084][ T5846] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  235.403043][ T5846] Call Trace:
[  235.406313][ T5846]  <TASK>
[  235.409235][ T5846]  ? __die_body+0x5f/0xb0
[  235.413559][ T5846]  ? die_addr+0xb0/0xe0
[  235.417705][ T5846]  ? exc_general_protection+0x3dd/0x5d0
[  235.423247][ T5846]  ? asm_exc_general_protection+0x26/0x30
[  235.428963][ T5846]  ? vsnprintf+0x18e/0x1220
[  235.433453][ T5846]  ? vsnprintf+0x1148/0x1220
[  235.438032][ T5846]  ? sysfs_move_dir_ns+0xad/0xe0
[  235.442958][ T5846]  kobject_move+0x315/0x450
[  235.447456][ T5846]  ? __pfx_kobject_move+0x10/0x10
[  235.452470][ T5846]  ? get_device_parent+0x25d/0x410
[  235.457573][ T5846]  device_move+0xdf/0x710
[  235.461891][ T5846]  ? kasan_quarantine_put+0xdc/0x230
[  235.467164][ T5846]  hci_conn_del_sysfs+0xb5/0x170
[  235.472091][ T5846]  hci_conn_del+0x8c4/0xc40
[  235.476584][ T5846]  hci_conn_hash_flush+0x258/0x350
[  235.481685][ T5846]  ? __pfx_hci_conn_hash_flush+0x10/0x10
[  235.487308][ T5846]  ? drain_workqueue+0x2d3/0x3a0
[  235.492235][ T5846]  ? hci_discovery_set_state+0x57/0x180
[  235.497767][ T5846]  hci_dev_close_sync+0xa8b/0x1260
[  235.502865][ T5846]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  235.508400][ T5846]  ? rcu_is_watching+0x15/0xb0
[  235.513155][ T5846]  hci_unregister_dev+0x20b/0x510
[  235.518170][ T5846]  vhci_release+0x80/0xd0
[  235.522491][ T5846]  ? __pfx_vhci_release+0x10/0x10
[  235.527507][ T5846]  __fput+0x3e9/0x9f0
[  235.531483][ T5846]  task_work_run+0x24f/0x310
[  235.536063][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  235.541158][ T5846]  ? do_exit+0xa25/0x28e0
[  235.545477][ T5846]  ? do_exit+0xa25/0x28e0
[  235.549796][ T5846]  do_exit+0xa2a/0x28e0
[  235.553942][ T5846]  ? __pfx_do_exit+0x10/0x10
[  235.558519][ T5846]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  235.564493][ T5846]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  235.570810][ T5846]  ? _raw_spin_unlock_irq+0x23/0x50
[  235.575992][ T5846]  ? lockdep_hardirqs_on+0x99/0x150
[  235.581179][ T5846]  do_group_exit+0x207/0x2c0
[  235.585761][ T5846]  __x64_sys_exit_group+0x3f/0x40
[  235.590771][ T5846]  x64_sys_call+0x26a8/0x26b0
[  235.595433][ T5846]  do_syscall_64+0xf3/0x230
[  235.599923][ T5846]  ? clear_bhb_loop+0x35/0x90
[  235.604587][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.610472][ T5846] RIP: 0033:0x7f27a458d169
[  235.614871][ T5846] Code: Unable to access opcode bytes at 0x7f27a458d13f.
[  235.621871][ T5846] RSP: 002b:00007ffd100aedd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  235.630271][ T5846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27a458d169
[  235.638229][ T5846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  235.646188][ T5846] RBP: 00007f27a45eaad8 R08: 00007ffd100acb77 R09: 00000000000927c0
[  235.654143][ T5846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.662100][ T5846] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007ffd100af670
[  235.670065][ T5846]  </TASK>
[  235.673070][ T5846] Modules linked in:
[  235.677330][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  235.685360][ T5846] ---[ end trace 0000000000000000 ]---
[  235.740677][T12550] netlink: 'syz.0.1832': attribute type 7 has an invalid length.
[  235.759057][ T5846] RIP: 0010:sysfs_move_dir_ns+0xad/0xe0
[  235.764716][ T5846] Code: 9a 48 c1 e8 03 42 80 3c 28 00 74 0c 48 c7 c7 60 60 73 9a e8 85 36 c1 ff 48 8b 1d 3e 83 0b 18 49 8d 7f 38 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 67 36 c1 ff 49 8b 57 38 4c 89 ff 48 89 de
[  235.784667][ T5846] RSP: 0018:ffffc90003c87790 EFLAGS: 00010202
[  235.790805][ T5846] RAX: 0000000000000007 RBX: ffff8880206e6f00 RCX: ffff888064068000
[  235.799414][ T5846] RDX: 0000000000000000 RSI: ffff8880206a5280 RDI: 0000000000000038
[  235.808298][ T5846] RBP: ffffc90003c87890 R08: ffffffff8c067568 R09: ffffffff8c0665ae
[  235.816482][ T5846] R10: 0000000000000008 R11: ffff888064068000 R12: ffff8880206a52b0
[  235.824465][ T5846] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.832546][ T5846] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  235.842531][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  235.849397][ T5846] CR2: 00007fa310d42f98 CR3: 000000000e938000 CR4: 00000000003526f0
[  235.857952][ T5846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  235.866101][ T5846] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  235.874386][ T5846] Kernel panic - not syncing: Fatal exception
[  235.880683][ T5846] Kernel Offset: disabled
[  235.885021][ T5846] Rebooting in 86400 seconds..